Bonum Certa Men Certa

Links 30/1/2020: LibreOffice 6.4, Godot Engine 3.2 and Mesa 19.3.3 Released, Data Transfer in GTK4



  • GNU/Linux

    • Desktop/Laptop

      • CBS All Access serves ads, but not content, to Linux users

        I'm both a Linux user and a CBS All Access subscriber myself, but I had been unaware of the problem since I do all my own watching on a Roku. Technically, the Roku is a Linux PC in its own right—but CBS has its own app in the Roku store, which works perfectly.

        Moving back to one of my own PCs, I was quickly able to confirm the issue: trailers autoplay properly, and even the ads work—but the actual content won't play on a Linux desktop PC on any browser including Google Chrome. Diving into the Chrome Web Console, we can see HTTP 400 (Bad Request) errors when the browser attempts to fetch a license from CBS' Widevine back end.

      • You Can't Stream 'Star Trek: Picard' on Linux Without This Workaround

        It’s 2020, and you think that it would be easy to stream any content you want on any device you want—especially that brand-new Picard series on CBS All Access. If you’re an ubergeek who loves both Star Trek and Linux, you’re out of luck. Thanks to the joys of digital rights management, or DRM, you’re unable to use CBS’ All Access service to stream Picard on Linux.

        In a cruel twist, not only can you not stream the show, but you can stream all the bullshit that comes wrapped around it.

        [...]

        That is, however, slightly more than you’d pay if you signed up for an annual plan via CBS itself ($60/year for limited commercials and and $100/year for no commercials). Amazon doesn’t offer these options, so this route is best if you’re only planning to binge a show or two and then cancel your service. If you’re looking to stick with CBS All Access for the long haul, you might just want to try not watching it on Linux; a tablet, phone, or app on your Smart TV will save you more cash.

      • The Kubuntu-Powered Premium Laptop is Available for Purchase

        We recently wrote an article on buying a Linux preloaded laptop from the best 16 places.

        Kubuntu Council has announced a premium Kubundu powered laptop called Kubuntu Focus.

        Kubuntu Focus Laptop is a collaboration of Mindshare Management Inc, and Tuxedo Computers.

        Most vendors offer Ubuntu running laptops with GNOME, except few.

        But this is a new option for Linux users to experiment with Ubuntu’s KDE flavor.

    • Server

      • Cloud is starting to smell a lot like legacy tech

        Cloud is already starting to smell a lot like legacy technology.

        That may seem an odd thing to suggest, but Amazon Web Services (AWS) has just made it plain by citing customer demand for extending support for its oldest Linux.

        AWS introduced its Linux, the Amazon Linux AMI, in September 2010. It did so for the oldest of reasons: it wanted an OS nicely-integrated with its own hardware, the same rationale that powered generations of minicomputers!

        The Linux AMI received rolling updates every six months and earlier versions could be updated or bug fixes incorporated into older versions. The last updated landed in early 2018.

        The AMI was replaced by Amazon Linux 2, a newer cut of the open source OS better-suited to its more recent innovations.

      • IBM

        • RHEL 8 Still Vulnerable to “Magellan 2” SQLite Bugs, as Patches Drop

          Severe bugs in the ubiquitous SQLite engine – used in thousands of software applications – continue to pose a major security threat, security researchers say, with Red Hat admitting today that its flagship Red Hat Enterprise Linux (RHEL) 8 remains vulnerable, despite patching other products this week.

          Red Hat said in a security update it had now inoculated RHEL 7 and its “RHEL 8.0 Update Services for SAP Solutions”, but RHEL 8 itself remains affected by one of the vulnerabilities, first disclosed to the Chromium team by China’s Tencent Blade – which dubbed them “Magellan 2.0” – in October 2019.

        • Communication superstars: A model for understanding your organization's approach to new technologies

          The Open Organization Ambassadors have learned a great deal about the ways open principles are impacting organizational practices. In particular, we've developed an Open Organization Definition that specifies the five principles that distinguish open organizations from other types of organization—namely, more transparency, more inclusivity, greater adaptability, deeper collaboration and a sense of purpose teams/community. I've also delivered a presentation on this topic several times since 2016 and learned new insights along the way. So I'd like to update this article with a few comments that reflect those findings. And then, in a follow-up article, I'd like to offer readers some guidelines on how they can determine their organization's level of comfort with communication technology and use it to increase their success relative to industry competitors.

    • Audiocasts/Shows

      • mintCast 327 – The Mozilla Thrilla

        First up, in our Wanderings, I follow in Tony H?s footsteps and paint, Tony H upgrades a laptop and attends another LUG, Josh returns, Moss meets a mintCast listener, Joe listens to more books and learns about Cockpit, and Tony Watts edits video and works on his Studio.

        Then in our news a new Wine, GParted, Edge and Yaru theme for Ubuntu. The Pinephone ships and Firefox runs into issues.

      • 2020-01-29 | Linux Headlines

        LibreOffice focuses on performance, a new FreeNAS release is out, Thunderbird gets a new home, and more.

      • FLOSS Weekly 564: Open Mainframe Update

        The Open Mainframe Project is to serve as a focal point for deployment and use of Linux and Open Source in a mainframe computing environment. The project intends to increase collaboration across the mainframe community and to develop shared toolsets and resources. Furthermore, the project seeks to involve the participation of academic institutions to assist in teaching and educating the mainframe engineers and developers of tomorrow.

      • Full Circle Weekly News #162



        Arch Linux Now Using ZStandard Instead of XZ for Compression https://www.archlinux.org/news/now-using-zstandard-instead-of-xz-for-package-compression/

        EA Is Permanently Banning Linux Gamers in Battlefield V https://itsfoss.com/ea-banning-linux-gamers/

        OpenBSD’s Calm Window Manager version 6.6 is now available in a portable package https://github.com/leahneukirchen/cwm

        Smartmontools 7.1 is available https://www.smartmontools.org/browser/tags/RELEASE_7_1/smartmontools/NEWS

        Supertux Cart 1.1 is available with better multiplayer http://blog.supertuxkart.net/2020/01/supertuxkart-11-released.html

        GitBucket has released version 4.33.0 https://gitbucket.github.io/gitbucket-news/gitbucket/2019/12/31/gitbucket-4.33.0.html

        Linux Kernel 5.5 rc5 is available https://lkml.org/lkml/2020/1/5/185

        Credits: Ubuntu “Complete” sound: Canonical

        Theme Music: From The Dust – Stardust soundcloud.com/ftdmusic https://creativecommons.org/licenses/by/4.0/

      • Most Dangerous Tech Job in the World?

        There's one tech job that's easy to get into, and HARD to get out of. Know what you're getting yourself into, and know how you'll get out if you've had enough.

      • My YouTube Recording Studio Layout and Gear

        As I navigate trying to improve my video and audio quality, I figured I would create a video to show off some of my customizations and how my studio is set up. I'll talk about my recording gear, and more. It's still a work in progress, but here I show it's current state.

    • Kernel Space

      • Linux 5.6 Kernel Adds New System Call For "openat2" - More Extensible openat()
        LINUX KERNEL -- A new system call added to the very feature rich Linux 5.6 kernel is openat2() for more extensible behavior compared to the existing openat() functionality.

        The openat() system call has long existed as similar to open() but allowing relative paths to the directory stipulated by the passed file descriptor. With time trying to extend openat() has led to headaches for developers that is now made more extensible with openat2().

      • Indie VPN WireGuard gets the Torvalds seal of approval with inclusion in Linux kernel 5.6
        The WireGuard VPN protocol, which is smaller, faster and easier to configure than IPsec, has been merged into Linus Torvalds' git repository for version 5.6 of the Linux kernel, the next release.

        There is no set date for Linux kernel releases. Version 5.5 was released on 26 January 2020 and there is typically a couple of months between releases, so 5.6 may come in April.

      • WireGuard + Multi-Path TCP Were Merged Tonight Into Linux 5.6

        The very exciting networking subsystem updates have made it into the Linux 5.6 kernel.

        The prominent networking changes for Linux 5.6 include:

        - Finally mainlining WireGuard! It's finally in! This secure VPN tunnel software that has already been ported to many platforms and shown much potential is finally in the mainline Linux kernel!

      • USB4 Support Lands In The Linux 5.6 Kernel

        Ahead of USB4 devices expected to begin appearing later this year, the Linux 5.6 kernel is wired up with initial USB4 support.

        We were expecting USB4 in Linux 5.6 and indeed it has happened. It was just last September that the USB4 specification was published but allowing this Linux kernel enablement to come rather quickly is that it's based on Thunderbolt 3. This USB4 enablement for the Linux kernel is based in large part on the existing Thunderbolt Linux code.

      • The Linux 5.6 x86 Platform Driver Changes Are Busy From Quirky Laptops To New Hardware Support

        Intel's Andy Shevchenko sent in the x86 platform driver updates on Monday for the newly opened Linux 5.6 merge window. There is the never-ending work on dealing with quirky Windows-focused laptops to adding new Intel hardware support and other additions.

        Highlights of the x86 platform driver work for Linux 5.6 includes:

        - The fix for ASUS TUF laptops with AMD Ryzen laptops so they stop overheating so easily and leading to crippled performance. That is a very important fix for these ASUS TUF gaming laptops with Ryzen CPUs due to the thermal policy not being properly set otherwise on Linux.

      • The Big Set Of x86 Changes Hit The Linux 5.6 Kernel

        As part of the Linux 5.6 development dance, Ingo Molnar began sending in all of the pull requests this morning for the different areas of the Linux kernel he oversees.

        On the x86/asm front for x86 Assembly changes to the kernel, there has been some code clean-ups as well as a micro-optimization/simplification to the 32-bit boot code. Most interesting though on the Assembly side is Linux 5.6 will now use Intel Ice Lake's Fast Short REP MOV instruction for faster memmove() performance. The FSRM instruction with Ice Lake should offer faster memory movements from one location to another. It will be interesting to see on the Ice Lake Core i7-1065G7 system if this ends up having any meaningful performance difference in the real-world.

      • SELinux For 5.6 Kernel Sees Largest Change Set In A While

        Among the changes are deprecating CONFIG_SECURITY_SELINUX_DISABLE (the option allowing run-time disabling of SELinux via a sysfs node), SELinux controls for the new kernel lockdown functionality, an SELinux control for move_mount, improved SELinux security label data lookups, enabling SELinux per-file labeling for BinderFS, and various fixes and other enhancements.

      • Power Management + ACPI Updates Submitted For The Linux 5.6 Kernel

        Linux power management subsystem maintainer Rafael Wysocki is punctual as always in sending in his feature pull requests for the new merge window.

        This time around the ACPI and power management updates for Linux 5.6 include items like:

        - Support for Tiger Lake Mobile and Jasper Lake within the Intel Runtime Average Power Limiting (RAPL) power-capping driver.

      • Many Linux 5.6 Sound Driver Updates Especially On The Intel / Sound Open Firmware Front

        Linux sound subsystem maintainer Takashi Iwai of SUSE today sent in all of the sound driver updates for this next version of the Linux kernel.

        On the sound front with Linux 5.6 includes:

        - The ALSA ABI is now compliant against the Year 2038 problem, which comes after various ioctls have been extended and other special-case handling.

      • Linux 5.6 Crypto Code Brings The New AMD TEE Driver

        Herbert Xu sent in all of the crypto subsystem changes on Tuesday for the in-development Linux 5.6 kernel. Interesting us the most out of this crypto work is the AMD Trusted Execution Environment (TEE) driver.

        This AMD TEE driver that is part of this crypto pull is for providing Trusted Execution / Secure Processor support on newer AMD platforms. The current AMD TEE support is focused on Raven Ridge APUs.

      • It's Finally Time: The Time Namespace Support Has Been Added To The Linux 5.6 Kernel

        The Time Namespace, which was originally proposed back in 2018 for allowing per-namespace offsets to the system clocks, has finally entered the mainline kernel in early 2020 with the in-development Linux 5.6 kernel.

        The Time Namespace ability to provide per-namespace offsets to the system monotonic and boot-time clocks is driven by container use-cases as explained in that article.

      • EFI Code Gets More Cleaning With Linux 5.6

        The EFI kernel code has seen a variety of clean-ups and low-level improvements to it for the Linux 5.6 cycle.

        Among the EFI work queued for Linux 5.6 is cleaning up of the graphics output (EFI GOP) handling code within the EFI stub, refactoring the mixed mode handling in the x86 EFI stub, overhauling the x86 EFI boot/runtime code, better robustness out of the mixed mode code, support to disable DMA at the root port level, getting rid of RWX mappings in the EFI memory map and page tables where possible, and other fixes and clean-ups.

      • Clang 10 + Linux 5.6 Will Be Able To Build A Working s390 Kernel

        With LLVM Clang 9.0 and Linux 5.3 together it became possible to build the mainline Linux kernel with this non-GCC compiler. The x86_64 Linux kernel Clang-based kernel builds has continued to improve through newer kernel releases. This follows the mainline AArch64 (64-bit ARM) Linux kernel mainline build by Clang too, which has been of much interest by different hardware/software vendors. There hasn't been much Clang'ing kernel efforts for other architectures, but it turns out with Clang 10 and Linux 5.6 will be another working combination, this time for IBM s390.

        IBM System/390 interest in building the Linux kernel with Clang rather than GCC hasn't been on my radar until now when Clang 10 build support was just added to Linux 5.6 Git.

      • Btrfs Ready For Linux 5.6 With Async Discard For Better Efficiency + Performance

        Btrfs in the now-stable Linux 5.5 kernel is exciting for its new RAID1C3/RAID1C4 capability allowing three/four copies of data rather than just two while looking ahead to Linux 5.6 is further feature work on this Linux file-system.

        The big Btrfs item on the table with Linux 5.6 is async discard support developed by Facebook engineers and so solid-state drive TRIM/DISCARD support isn't done synchronously. This led to an efficiency improvement and lower read latencies when deploying the feature on Facebook servers.

      • Sony Now "Officially" Maintaining The Linux PlayStation Input Driver, But Leads To Interesting Problem

        It turns out Sony is now maintaining the mainline Linux kernel's hid-sony input driver in an "official capacity now across various devices." This hid-sony driver is what traditionally has supported the various PlayStation controllers and other input devices for their hardware. But their newfound "official" support for this open-source input driver could lead to interesting predicaments.

        Sent out this week by an independent Linux user was a patch for supporting Gasia controllers with the HID Sony driver. These controllers made by Gasia Co are USB-based controllers aiming for compatibility with the PlayStation 3 controller. These Gasia controllers are similar to "knockoff controllers" we've seen from other vendors for the PlayStation and other game consoles like the Xbox in that often times they even use the same device IDs and aim to mirror the hardware/software behavior all the same.

      • Linux 5.5 released with enhanced hardware support

        With this update, it seems clear that the main focus of the development team was to enhance the kernel’s hardware support. Other than that, there was also work done on improving the network driver and security.

        Delving deep into the hardware details, the new version will now be able to handle Raspberry Pi 4 better. Now, you will be able to connect your Raspberry Pi device to the Linux kernel right off the bat. Moreover, the kernel also offers better support for the Ugoos AM6, RK3308, and NanoPi Duo2 boards.

        The kernel will also come with drivers for Chromebook’s Wake-on-Voice feature, airplane mode LEDs, the keyboard backlight, and Fn key combinations.

        One impressive thing about this update is that it focuses on various demographics, even gamers. Accordingly, Linux 5.5 will be able to support two gaming keyboards, which include the first and second versions of Logitech G15. Although these keyboards are quite old, they are loved by gamers to this day, because they sport an LCD-screen, backlight modes, and macro buttons.

        Apart from that, gamers will have the ability to overclock their AMD OverDrive and also get better performance, all thanks to the improvements in the kernel’s scheduler.

        The developers of this update have also worked on improving the ext4, exFAT, and XFS file systems. When it comes to ext4, there is now support for direct I/O through fscrypt and iomap to handle smaller block sizes. Apart from that, users will also get better power management for Ice lake and Thunderbolt USB.

        Now coming to its upgraded security, it is now possible for MS Hyper-V virtual machines to hibernate and kernel concurrency sanitizer to spot data race conditions. Plus, from what we hear right now, Linux kernel 5.6 is highly likely to come with WireGuard support.

      • Linux 5.5 Performance Overall Is Comparable To Older Kernels For Most Workloads

        Since the stable release of Linux 5.5 this weekend I have been carrying out benchmarks for looking at how the performance of this newly-minted kernel compares to older releases. Here are benchmark results of Linux 5.3 vs. 5.4 vs. 5.5 with an AMD Ryzen Threadripper 3970X but the results are similar to other HEDT and lower-end systems we've tested thus far.

        Outside of some AMD and Intel graphics performance improvements, when it comes to overall CPU/system performance the Linux 5.5 performance is comparable to 5.4. Early on the Linux 5.5 performance was looking bleak with a sizable performance hit that turned out to be an AppArmor regression. There were some other oddities but some noise made it difficult to narrow down. But fortunately with Linux 5.5 final, the performance seems to be in good standing and I haven't noticed any big performance hits in my Linux 5.5 stable testing from desktop to server platforms.

      • Linux 5.6 Is The First Kernel For 32-Bit Systems Ready To Run Past Year 2038

        On top of all the spectacular work coming with Linux 5.6, here is another big improvement that went under my radar until today: Linux 5.6 is slated to be the first mainline kernel ready for 32-bit systems to run past the Year 2038!

        On 19 January 2038 is the "Year 2038" problem where the Unix timestamp can no longer fit within a signed 32-bit integer. For years the Linux kernel developers have been working to mitigate against this issue also commonly referred to as the "Y2038" problem, but with Linux 5.6 (and potentially back-ported to 5.4/5.5 stable branches) is the first where 32-bit kernels should be ready to go for operating past this threshold.

      • Habana Labs Aims To Upstream Gaudi AI Accelerator Code For Linux 5.7~5.8

        Habana Labs, the AI start-up being bought out by Intel, is still striving towards upstreaming their Gaudi processor support code for AI training.

        Habana Labs has been a good member of the open-source community with having mainlined their driver in the Linux kernel a year ago. That initial focus was on the Goya AI inference processor while now they have been working on bringing up Gaudi too under this open-source kernel code.

      • Graphics Stack

        • There Is Experimental Patches Providing Support For DXIL Shaders With VKD3D

          The Wine project's VKD3D initiative for translating Direct3D 12 support to Vulkan took another step forward today with patches for handling DXIL (Shader Model 6.0+) shaders with VKD3D, but the work in the current form may need to be re-worked.

          DXIL is the DirectX Intermediate Language that can be generated out of the conventional HLSL shaders. DXIL support as open-source has been apart of Microsoft's DirectXShaderCompiler in the path to ultimately an LLVM-based compiler. This works with Shader Model 6.0 and newer for DirectX 12.

        • Mesa 20.0's RADV Driver Deems Navi/GFX10 Stable, Vulkan 1.2 In Good Shape, ACO Fixes

          With Mesa 20.0 scheduled for branching today (though that could be delayed a few days potentially depending upon last minute requests), there's been a flurry of Radeon Vulkan "RADV" driver activity to squeeze into this first Mesa release series of 2020.

          [...]

          While contingent upon the number of Mesa 20.0 release candidates ultimately needed, Mesa 20.0 stable should be out around the end of February.

        • [Mesa-dev] [ANNOUNCE] mesa 19.3.3
          Hi list,
          
          

          I'd like to announce mesa 19.3.3. This release was delayed due to bugs caught in CI that needed to be resolved before the release could be made. Due to the slightly longer cycle there's slightly more patches than would normally be present in the release.

          I've also started using a new script to find the patches in master to pick, so please ignore any .pick_status.json: commits, they're generated by the new script.

          There's plenty of changes here, but intel, docs, radeonsi, and aco are the biggest sets of changes.

          Dylan

          Shortlog ========

          Adam Jackson (1): drisw: Cache the depth of the X drawable

          Andrii Simiklit (1): mesa/st: fix a memory leak in get_version

          Bas Nieuwenhuizen (2): radv: Disable VK_EXT_sample_locations on GFX10. radv: Remove syncobj_handle variable in header.

          Caio Marcelo de Oliveira Filho (1): intel/fs: Only use SLM fence in compute shaders

          Daniel Schürmann (2): aco: fix unconditional demote_to_helper aco: rework lower_to_cssa()

          Dylan Baker (5): docs: add SHA256 sums for 19.3.2 cherry-ignore: Update for 19.3.3 .pick_status.json: Update to c787b8d2a16d5e2950f209b1fcbec6e6c0388845 docs: Add relnotes for 19.3.3 release VERSION: bump version to 19.3.3

          Eric Anholt (1): mesa: Fix detection of invalidating both depth and stencil.

          Eric Engestrom (1): meson: use github URL for wraps instead of completely unreliable wrapdb

          Erik Faye-Lund (8): docs: fix typo in html tag name docs: fix paragraphs docs: open paragraph before closing it docs: use code-tag instead of pre-tag docs: use code-tags instead of pre-tags docs: use code-tags instead of pre-tags docs: move paragraph closing tag docs: remove double-closed definition-list

          Francisco Jerez (3): glsl: Fix software 64-bit integer to 32-bit float conversions. intel/fs/gen11+: Handle ROR/ROL in lower_simd_width(). intel/fs/gen8+: Fix r127 dst/src overlap RA workaround for EOT message payload.

          Hyunjun Ko (1): turnip: fix invalid VK_ERROR_OUT_OF_POOL_MEMORY

          Jan Vesely (1): clover: Initialize Asm Parsers

          Jason Ekstrand (8): anv: Flag descriptors dirty when gl_NumWorkgroups is used intel/vec4: Support scoped_memory_barrier intel/blorp: Fill out all the dwords of MI_ATOMIC anv: Don't over-advertise descriptor indexing features anv: Memset array properties anv/blorp: Rename buffer image stride parameters anv: Canonicalize buffer formats for image/buffer copies anv: Stop allocating WSI event fences off the instance

          Jonathan Marek (1): st/mesa: don't lower YUV when driver supports it natively

          Kenneth Graunke (2): intel/compiler: Fix illegal mutation in get_nir_image_intrinsic_image intel: Fix aux map alignments on 32-bit builds.

          Lasse Lopperi (1): freedreno/drm: Fix memory leak in softpin implementation

          Lionel Landwerlin (4): anv: fix intel perf queries availability writes anv: only use VkSamplerCreateInfo::compareOp if enabled intel/perf: expose timestamp begin for mdapi intel/perf: report query split for mdapi

          Marek Olšák (4): ac/gpu_info: always use distributed tessellation on gfx10 radeonsi: work around an LLVM crash when using llvm.amdgcn.icmp.i64.i1 radeonsi: clean up how internal compute dispatches are handled radeonsi: don't invoke decompression inside internal launch_grid

          Nataraj Deshpande (1): egl/android: Restrict minimum triple buffering for android color_buffers

          Pierre-Eric Pelloux-Prayer (8): radeonsi: release saved resources in si_retile_dcc radeonsi: release saved resources in si_compute_expand_fmask radeonsi: release saved resources in si_compute_clear_render_target radeonsi: release saved resources in si_compute_copy_image radeonsi: release saved resources in si_compute_do_clear_or_copy radeonsi: fix fmask expand compute shader radeonsi: make sure fmask expand is done if needed util: call bind_sampler_states before setting sampler_views

          Rhys Perry (8): aco: set vm for pos0 exports on GFX10 aco: fix imageSize()/textureSize() with large buffers on GFX8 aco: fix uninitialized data in the binary aco: set exec_potentially_empty for demotes aco: disable add combining for ds_swizzle_b32 aco: don't DCE atomics with return values aco: check if multiplication/clamp is live when applying output modifier aco: fix off-by-one error when initializing sgpr_live_in

          Samuel Pitoiset (2): radv: only use VkSamplerCreateInfo::compareOp if enabled radv: fix double free corruption in radv_alloc_memory()

          Samuel Thibault (1): meson: Do not require libdrm for DRI2 on hurd

          Tapani Pälli (1): egl/android: fix buffer_count for applications setting max count

          Thong Thai (1): mesa: Prevent _MaxLevel from being less than zero

          Timur Kristóf (1): aco/gfx10: Fix VcmpxExecWARHazard mitigation.

          git tag: mesa-19.3.3
        • Mesa 19.3.3 Released With Many Fixes

          While Mesa 20.0 will be entering its feature freeze this week and branching ahead of the stable release expected in about one month, for now the Mesa 19.3 series is the newest available for stable users.

          Among the fixes to find with Mesa 19.3.3 are listed below while mostly amounting to the usual AMD Radeon and Intel churn along with other core work.

        • Mesa 19.3.3 Released with Improvements for Dead Rising 4, Many Fixes

          The Mesa 3D graphics library has been updated today to version 19.3.3, another bugfix release in the Mesa 19.3 series that addresses various crashes and other issues.

          Mesa 19.3.3 arrives two weeks after version 19.3.2 and it’s here to fix a crash with the Dead Rising 4 action-adventure video game on GFX6 and GFX7 family of AMD GPUs, improve compiling support with GCC (GNU Compiler Collection) 10, and a memory leak in the softpin implementation of the Freedreno DRM driver.

    • Benchmarks

      • Raspberry Pi 4 Benchmarked with 32-bit and 64-bit Debian OS

        The first Raspberry Pi board with a 64-bit Arm processor was Raspberry Pi 3 Model B, and all new models including the latest Raspberry Pi 4 come with four Arm Cortex-A 64-bit cores.

        But in order to keep backward software compatibility with the original Raspberry Pi and Raspberry Pi 2, the Raspberry Pi foundation decided to keep provided 32-bit OS image, so nearly everybody is now running a 32-bit OS on 64-bit hardware, and Eben Upton famously claimed it did not matter.

        We already wrote that 64-bit Arm (Aarch64) boosted performance by 15 to 30% against 32-bit Arm (Aarch32) several years ago, but Matteo Croce decided to try it out himself on Raspberry Pi 4 board first running benchmarks on Raspbian 32-bit before switching to a lightweight version of Debian compiled as aarch64.

    • Applications

      • Screen sharing on Linux: The state of things

        When I want to show something, I can either:

        Share a single window, which can sometimes just share the entire screen anyway, or sometimes crash the entire chat application if I hide the window by switching to another workspace.

        Share outside of the chat application we’re using

        So, I use OBS (which actually has third-party support for wlroots if you’re on Wayland) and stream to my own RTMP server.

      • 7 open source desktop tools: Download our new eBook

        Linux users say that choice is one of the platform's strengths. On the surface, this might sound self-aggrandizing (or self-deprecating, depending on your perspective). Other operating systems offer choice, too, but once you look at the options available for nearly anything you want to do on Linux, it doesn't take long to conclude that a new word ought to be invented for what we mean by "choice."

        User choice isn't a "feature" of Linux; it's a way of life. Whether you're looking for a whole new desktop or just a new system tray, Linux hackers provide you options. You might also be able to hack some simple commands together to create a batch processor for yourself—and you might publish it online for others, thereby contributing to the array of choice.

      • Snowflake is the Linux SSH GUI you didn't know you needed

        Every single day I rely on secure shell. 90% of the time I'm using that tool from the Linux platform, where I open a terminal window and SSH into what seems like an endless array of remote servers. Because I'm accessing so many servers, having a GUI tool makes that task less of a strain on my memory.

        What IP address goes to what server? There are so many of them.

        That's why I've taken to using the Snowflake GUI tool. Snowflake includes a connection manager, file browser, terminal emulator, resource/processor manager, disk space analyzer, text editor, log viewer, SSH key authentication support, and more.

      • New features and changes in the Kuesa 1.1.0 release

        KUESAâ„¢ is a solution that provides an integrated and unified workflow for designers and developers to create, optimize and integrate real time 3D content in a 3D or hybrid 2D/3D software user interface. Models, including geometry, materials, animations and more, can smoothly be shared between designers and developers. Kuesa relies on glTF 2.0, an open standard which is being broadly used in the industry, so it can easily and seamlessly integrate with a growing number of authoring tools.

      • Apache SpamAssassin 3.4.4 available

        One of the most significant projects from the Apache Foundation has released another version of SpamAssassin. This is primarily a security release, but also includes improvements to macro document processing with OLVBMacro and a set of smaller fixes.Apache SpamAssassin is a mature, widely-deployed open source project that serves as a mail filter to identify spam. SpamAssassin uses a variety of mechanisms including mail header and text analysis, Bayesian filtering, DNS blocklists, and collaborative filtering databases. In addition, Apache SpamAssassin has a modular architecture that allows other technologies to be quickly incorporated as an addition or as a replacement for existing methods.

    • Instructionals/Technical

    • Games

      • The Pedestrian is an imaginative and fun puzzle game about travelling through signs - out now

        You are The Pedestrian, the little person you see in various street and wall signs and you're on a mission. It's a clever idea for a game but is the gameplay worth it? I took a look to find out. Note: Key from the dev.

        Truthfully though, unless something major changed, I was fully expecting to enjoy this. The demo released previously I briefly wrote up was already very enjoyable and showcased what they wanted to do well enough. The Pedestrian can be played by pretty much anyone, as the story is without text and dialogue.

      • Huge new Dwarf Fortress release out with villains and interrogations - you can also pet animals

        Dwarf Fortress, a single-player fantasy game that's quite a complex mix of genres has a big new release now available. It's been around a long time and it's so popular it's inspired the creation of other amazing games like RimWorld, Prison Architect, Minecraft and plenty more.

        Yesterday, Bay 12 Games put out v0.47.01 with some pretty huge new features, plenty of which are spread out across the multiple game modes. For the fortress mode, you will now get petitions for guildhalls and temples when you have enough believers digging around. Slightly more concerning though, is that villains might target you and steal some artifacts. If you have a Sheriff, you will get reports on it and you will be able to interrogate people and perhaps get the name of their master eventually.

      • Ordmonster

        The first thing I’d like to point out that my fluency in Godot as a tool is starting to show of. I’m more happy with the code structure of ordmonster, and I start to feel that I don’t continuously bump into the sharp edges of Godot, but use the engine as it was meant to be used.

        I also learned a couple of things. The first one is the Control::mouse_filter property. The GameButton nodes (the ones showing a word or a picture) consists of a Button with a Label for text and a TextureRect for holding the picture. The TextureRect sits inside a MarginContainer. It turns out the MarginContainer stops all mouse events from passing through, effectively disabling the Button. This took a while to figure out.

        The second half has to do with how resource files can be traversed on Android. Resources are embedded into the executable produced by Godot. The words available in the game are stored as the filenames of the images, so that I don’t have to create a table and keep it in sync with the file names. Really smart idea – right? This smart idea cost me quite some time.

        First up, it seems like you cannot have non-ASCII characters in asset filenames when building apk files for Android devices. Really annoying. The fix was using English for the filenames and having to add the words to my translation tables, so now I have a table to keep in sync with the filenames anyway.

        The fun did not end here. Now it worked on desktop (both Linux and Windows), but my Android builds simply crashed on me. It turns out that the Directory::list_dir_begin and friends do not seem to work on Android, or the assets are not included in the apk. I’ll spend some time figuring out what is up, then I’ll probably file a bug report. In the mean time you can follow the current forum discussion.

      • Psyonix explains why Rocket League on macOS and Linux is scrapped and offers refunds

        Rocket League players on macOS and Linux got some bad news last week, as Psyonix is dropping online support for both platforms. The online-removing patch will arrive in March, at which point players will only have access to local multiplayer. At the time, there was little explanation as to why this move had to be made, but the developers have since expanded on its reasoning, attributing the change to a shift away from DirectX 9.

        Psyonix said last week that it has become “more difficult to support macOS and Linux” as the studio looks to adapt to newer technologies. Now, thanks to some additional clarification, we know that Rocket League is making the jump from DirectX 9 to DirectX 11 in order to support “new types of content and features” that aren’t possible on the older API:

        “There are multiple reasons for this change, but the primary one is that there are new types of content and features we’d like to develop, but cannot support on DirectX 9. This means when we fully release DX11 on Windows, we’ll no longer support DX9 as it will be incompatible with future content”.

      • Rocket League losing Linux and macOS support

        Rocket League, a game with which we have a bit of history, is losing support for Linux and macOS. Psyonix, the team behind the game, explained in a recent Reddit post that Rocket League is being updated from 32-bit and DirectX 9 to 64-bit and DirectX 11. The game’s OpenGL render for the Linux and macOS clients requires DX9 to function, and future game content will require DX11. Given that only 0.3% of the playerbase is on Linux and macOS, the team has decided that investing the time and resources into updating the Linux version to Vulkan or OpenGL4 and macOS version to Metal cannot be justified.

      • GtkStressTesting: Stress and Monitor Linux Hardware Components

        Insight: GtkStressTesting: Stress and Monitor Linux Hardware Components

        GtkStressTesting is a system utility designed to stress and monitor various hardware components in Linux. It monitors various hardware components like CPU and RAM.

        Features:

        Run different CPU and memory stress tests Run multi and single core benchmark Show Processor information (name, cores, threads, family, model, stepping, flags, bugs, etc) Show Processor’s cache information Show Motherboard information (vendor, model, bios version, bios date, etc) Show RAM information (size, speed, rank, manufacturer, part number, etc) Show CPU usage (core %, user %, load avg, etc) Show Memory usage Show CPU’s physical’s core clock (current, min, max) Show Hardware monitor (info provided by sys/class/hwmon)

      • Awesome looking FPS 'Prodeus' Early Access release slips to Summer, new trailer is up

        Retro-inspired with plenty of modern tricks, Prodeus looks bloody awesome! Sadly though, we have to wait a bit longer to frag as the Early Access date has slipped.

        In a big update on Kickstarter, the team explained that while it's come far they're just not there yet, so they've pushed Early Access until Summer this year. The extra few months will be used to "deliver an amazing game" and "polish the game to get it to release quality".

      • Obversion is a slow, peaceful and satisfying first-person puzzler out now

        Obversion from former-Google developer Adrian Marple is out now, I played through a bunch of it and found it delightful.

        Visually simple, mechanically very straightforward too but it's also very accessible. You can play the entire game with a gamepad or mouse/keyboard - the choice is yours. The idea of each level is simply to reach the exit, you do this by manipulating the environment by creating and destroying certain blocks. Even if you get something wrong, you can undo entire moves at the tap of a button making it quite peaceful and relaxing even when you're stuck as you're free to experiment at your own pace.

      • Aquamarine, a story-driven quiet survival adventure set in an alien ocean

        Currently crowdfunding on Kickstarter, Aquamarine looks like a very sweet survival adventure about exploring an alien ocean.

        In development by Moebial Studios with a plan to release for Linux, macOS and Windows in Q4 this year, Aquamarine is a small-scale story-driven adventure inspired largely by the psychedelic sci-fi of the '70s and '80s. With gameplay combining elements of old-school roguelikes and the survival genre with the exploration and puzzle solving of classic point-and-click adventures.

      • Korean survival-horror The Coma 2: Vicious Sisters is officially out now

        From publisher Headup and the South-Korean development team at Devespresso Games we have the full release of The Coma 2: Vicious Sisters.

        Continuing the dark and vicious world setup in The Coma: Recut, this standalone sequel doesn't need you to have played the previous game so you can jump right on in thanks to the new protagonist, Mina Park, although it does have certain references to the previous game for those who've played it.

      • Seven years later Kentucky Route Zero is finally complete with the release of Act V

        As a free update to all existing owners, seven years after the initial release Kentucky Route Zero from developer Cardboard Computer is actually done and finished.

        Not only can you now play through the full story, the update also includes the "interludes" - free experimental games which they published to "ill in the story and characters from different perspectives" and the game has new translations too, adjustable text size and Steam Achievements. Quite a big update!

      • Google Stadia adds GYLT and Metro Exodus for Pro and more Stadia news

        It's time for another little roundup of happenings around Google Stadia, the Linux-powered game streaming service.

        Firstly, for anyone who does have the Founder/Premier Edition or were sent a Buddy Pass, the Pro games for February have been announced. At this point, it does seem like Google are running out of Steam as they're giving away their own exclusive GYLT and Metro Exodus. Samurai Shodown and Rise of the Tomb Raider for Pro ends January 31, so you need to claim them before that date to keep them with your subscription. Google did also announce new Pro deals here.

        Google also did an official "Stadia Savepoint" news post on the official Google blog, going over what they've been doing but there's nothing new there since they already announced the big stuff like 120 games coming to Stadia across this year including some timed-exclusives.

      • How Warcraft III accidentally became a great Lord of the Rings game

        Warcraft III shipped in 2002 with a robust set of map-making tools. To younger folks that might sound weird now. “Map-making tools?” But once upon a time it was normal. In the ‘90s and early ‘00s, most multiplayer games shipped with official tools for creating custom maps or scenarios. I imagine a number of today’s developers grew up making maps for Unreal Tournament, Quake, Counter-Strike, Age of Empires II, and yes, Warcraft III.

      • HERE COMES GODOT 3.2, WITH QUALITY AS PRIORITY

        Godot contributors are thrilled and delighted to release our newest major update, Godot 3.2! It's the result of over 10 months of work by close to 450 contributors (300 of them contributing to Godot for the first time) who authored more than 6000 commits!

        Godot 3.2 is a major improvement over our previous 3.1 installment, bringing dozens of major features and hundreds of bugfixes and enhancements to bring our game developers an ever-improving feature set with a strong focus on usability.

      • Godot Engine 3.2 is out - advancing this FOSS game engine 'with quality as priority'

        After nearly a year of development, the free and open source game engine Godot Engine has a big new feature-filled release out with 3.2 focusing on quality as their priority.

        Even though it's a massive release, the Godot team is encouraging developers to upgrade from the older version as practically "every area of the engine has seen some degree of enhancement". There are a few breaking changes though so check the changelog.

        Originally planned as a small release, however a lot of features introduced in 3.0 and 3.1 "needed refinement" and they did "a lot of work" to improve the "usability, implement missing components and fix bugs" to ensure Godot 3.2 is a long-lasting release with long-term support due to how vastly different Godot 4.0 will be.

      • Godot 3.2 Open-Source Game Engine Released With Better Documentation, New Features

        While developers are hard at work on Godot 4.0 with Vulkan support, that release won't be ready until mid-2020 so as a result Godot 3.2 is out today as their latest stable release and serving as a "long-term support" release until transitioning to Godot 4.

        Godot 3.2 is bringing with it better documentation, Mono / C# integration working on Android and WebAssembly, Oculus Quest support, overhauling of Godot's visual shaders, various graphics/rendering improvements, glTF 2.0 3D asset support, WebSocket and WebRTC support, new editor features, and a variety of other enhancements.

      • VULKAN PROGRESS REPORT #6

        It's been a while since the previous progress report, as I went on vacation in November (did not take a vacation in years...), and December I had a lot of other engine related tasks that piled up that I had to solve. Work on the Vulkan branch resumed at the beginning of January and significant progress was made already.

      • Godot's Vulkan Renderer Is Already Picking Up New Features In 2020

        We remain quite excited to see Godot 4.0 this year that most notably is working on Vulkan API support.

        Godot 4.0 will hopefully be out in mid-2020 with the big ticket item being a Vulkan renderer. Godot lead developer Juan Linietsky has been back at work striving to have the Vulkan renderer match feature completeness to the Godot 3.x OpenGL rendering while also introducing new advanced features.

        Some of the latest Godot Vulkan developments include working out a modernized post-processing stack, rewritten auto exposure code with better performance, rewritten glow/bloom, a new depth of field effect, new screen space ambient occlusion, and specular anti-aliasing.

      • Godot Engine continues advancing Vulkan support, plus Nakama Godot first release

        Two bits of news relating to the free and open source game engine, Godot Engine, to share today and it's quite exciting.

        Firstly, the Vulkan support coming with the big Godot Engine 4.0 release later in the year (not the upcoming 3.2 release) continues improving the graphics overhaul. In a new progress update, lead developer Juan Linietsky writes about recent changes after taking a small holiday last November.

      • Epic Games Kills Rocket League on Linux! (Reaction)

        Epic Games decided that Linux and macOS Gamers don’t deserve the ability to play Rocket League on their preferred platform so I made this video because I am frustrated with losing my favorite game and I’m sick of Epic Games attacking the Gaming Industry while pretending to care about gamers.

        Tim Sweeney (CEO of Epic Games) has something against Linux apparently because he seems to refuse to support Linux with any games owned by Epic Games even to the point of buying a game that already had support for years and removing that support with Rocket League. In this video, I also cover the absurding of the claims that Sweeney thinks “Linux is great” while at the same time doing his best to ignore it and even hurt it.

    • Desktop Environments/WMs

      • K Desktop Environment/KDE SC/Qt

        • conf.kde.in and Calamares

          I spent a week in Delhi on a trip to be part of conf.kde.in. One of the talks I gave had a line in it Translation is Accessibility.

          I would probably add accessibility is a right, although that would be hypocritical of me, given that Calamares’s accessibility isn’t all that good (part of that is down to Qt and a languishing patch for making Qt-applications-as-root accessible). There’s some open issues on that front, and I hope that we’re going to find some progress in the next few months.

          In any case, one of the talks was on the transition of the Janayugom newspaper to Free Software – Scribus and KDE applications. That includes the challenges of dealing with fonts, writing, transliteration, and more. Read the upstream story from the people who did the work. At conf.kde.in both Kannan and Subin spoke about Malayalam topics; Kannan about the newspaper, and Subin about KDE bits. I showed off Calamares running in Malayalam as well, although since I hadn’t prepared that, I didn’t have proper Indic fonts installed and it was terribly ugly. In Hindi it looked ok, so there’s plenty of work for system integrators to do to deliver a good-looking localized desktop there.

          Since I was also giving a talk about translations and one about Calamares, I decided to canvas for more translators. Gujrati, for instance, has only one translator and not much work done, so I was hoping to find some helpers.

        • Season of KDE

          I am thrilled to be a part of Season of KDE 2020. I am working with the KDE Web and Calligra teams to create a new website for the Calligra Suite. The project involves converting the website to jekyll so that it is inline with the rest of the KDE websites.

          I got involved with KDE in december 2019 by joining their telegram group. I have been trying to contribute to open source projects since a long time but always found it difficult getting started. KDE dev’s helped me get started. I would especially like to thank my mentor Carl Schwan for guiding me in contributing to KDE.

          As mentioned in my previous post, I’ll be documenting my Season of KDE journey in this blog. This is first report for my project.

        • Guest Post: Current State of ComDaAn: Community Data Analytics, by Christelle Zouein

          Paul Adams is a developer renowned for his work in the field of free software and his many contributions to the KDE FOSS community. Before retiring from KDE, Adams provided the community with a service in the form of community data visualization using git repositories. To ensure the continuity of the service, Kevin Ottens, Libre software craftsman and developer at enioka Haute Couture, decided to take over.

          And so, ComDaAn took form as a way of modernizing Paul Adams’ scripts while staying true to his vision.

          That later turned into a complete rewrite with the purpose of creating a solid base for community data analytics in general. The project then became a suite of tools to study and analyze data produced by software communities and teams.

        • Latte bug fix release v0.9.8.1

          Latte Dock v0.9.8.1 has been released containing important fixes and improvements!

      • GNOME Desktop/GTK

        • Data transfer in GTK4

          The traditional methods for user-initiated data transfers between desktop apps are the clipboard or Drag-and-Drop. GTK+ has supported these methods since the beginning of time, but up until GTK3, the APIs we had for this kind of data transfer were thinly disguised copies of the corresponding X11 apis: selections, and properties and atoms. This is not too surprising, since the entire GDK api was modeled on X11. Unfortunately, the implementation includes horrors such as incremental transfers and string format conversions.

          For GTK4, we’re leaving these things behind as we are moving things in GDK around to be closer to the Wayland API. Data transfer is one the areas in most urgent need of this modernization. Thankfully, it is almost complete at this point, so it is worth taking a look at what has changed, and how things will work in the future.

        • GTK4 Data Transfer APIs Being Modernized Around Wayland

          Red Hat's Matthias Clasen has provided an update on one of the latest areas the GTK developers are working on finishing up with the forthcoming GTK 4.0 tool-kit... Improving the data transfer interfaces around handling for copy/paste and drag-and-drop.

          With GTK4, the data transfer interfaces are being re-engineered with an emphasis on moving closer to the Wayland API where as with GTK3 the GDK API was modeled on the X11 interfaces.

    • Distributions

      • 9 Years After Starting, AppStream 1.0 Is Coming For Cross-Distribution Package Metadata

        AppStream was started in 2011 as a means of drawing up cross-distribution (XML-based) standards for describing software components/packages metadata and for repositories to describe software collections. Now nearly a decade later, AppStream 1.0 should be coming in the next few months.

        Debian developer Matthias Klumpp who has been extensively involved in AppStream and other Linux packaging/installation efforts over the years has provided an update on the AppStream efforts.

        Among the AppStream additions in recent times has been a run-time component type added (such as for Flatpak bundles), end-of-life date support for software releases, an agreement section for metainfo files, support for videos in the software screenshots area, and various other additions.

      • New Releases

        • Kali Linux 2020.1 Now Available for Download
          Beginning with this release, if you run the live version of Kali, both the default user and password are “kali.” On the other hand, if you install the distro, you are prompted to create a non-root user with administrative privileges.

          “Tools that we identify as needing root access, as well as common administrative functions such as starting/stopping services, will interactively ask for administrative privileges (at least when started from the Kali menu),” the dev team explains.

        • Kali Linux 2020.1 released: New tools, Kali NetHunter rootless, and more!
          Offensive Security have released Kali Linux 2020.1, which is available for immediate download. The popular open source project, which is heavily relied upon in the pentest community, is introducing several new features, including new packages and tools. The key new features include:

          Changes in the default credentials – Kali is abandoning the default ‘root/toor’ credentials and moving to ‘kali/kali’. This is a very big change as root has been the default for Kali since its inception.

        • Kali Linux 2020.1 Switches To Non-Root User By Default, New Single Installer Image

          For the latest Kali Linux 2020.1, released yesterday, the developers have decided to go with a traditional default non-root user model. Other changes in this Kali Linux release include a single installer image instead of separate images for every desktop environment, rootless mode for Kali NetHunter, and more.

          Kali Linux is a Debian Testing based Linux distribution created for digital forensics and penetration testing, which comes with hundreds of tools preinstalled.

          [...]

          The Kali developers note that while there's nothing stopping users from using Kali Linux as their main OS, just like before, they still don't encourage this. But the change to a non-root default user will make it easier for those that want this.

          The main reason for not recommending the usage Kali Linux as the main OS is that it's not tested for this kind of usage, and the Kali developers don't want the influx of bug reports that come with it.

          If you do, however, run Kali as your main OS, you'll probably want to switch from the rolling branch to kali-last-snapshot for more stability.

      • Screenshots/Screencasts

      • PCLinuxOS/Mageia/Mandriva/OpenMandriva Family

        • OpenMandriva Lx 4.1 RC KDE-focused Linux distro now available for download
          Today, there is some great news for the Linux community -- OpenMandriva Lx 4.1 is RC now available! Yes, there is a new version of the KDE-focused Linux distribution.

          Before you get too excited, please know that RC stands for "Release Candidate." What does that mean? Well, it should be more stable than an Alpha or Beta, but it is still pre-release software. Essentially, with an RC, the developers are proposing that this version could be stable enough to become "final" or "gold."

        • OpenMandriva Lx 4.1 Will Ship with Linux Kernel 5.5, LibreOffice 6.4
          OpenMandriva Lx 4.1 is just around the corner, and the Release Candidate (RC) build is now available for public testing, giving the community a glimpse over the features and components to be implemented in the final release.

          The Release Candidate (RC) is the last milestone in the development cycle of any GNU/Linux distribution, and it usually contains mostly bug fixes and update packages. But what’s more exciting is the fact that OpenMandriva Lx 4.1 RC is shipping with the recently released Linux 5.5 kernel series.

          In addition to the Linux kernel bump, the Release Candidate also comes with the latest KDE Plasma 5.17.5 desktop environment, KDE Frameworks 5.66.0 and KDE Applications 19.12.1 open-source software suites, Qt 5.14.0 applications framework, Krita 4.2.8 digital painting software, and LLVM/clang 9.0.1 compiler.

      • SUSE/OpenSUSE

        • Libvirt, PHP, FFmpeg Updates Roll Out on Tumbleweed

          The 1.4 version of kdeconnect-kde was updated in the most recent 20200127 snapshot. The version offers a new “KDE Connect” desktop app to control the phone from the PC and SMS app that can read and write SMS texts. The newer version also offers compatibility with Xfce‘s file manager Thunar. The third release candidate for LibreOffice requires java 1.8 or newer with the libreoffice 6.4.0.3 package. Some core and curl bugs were fixed with php7 7.4.2, which included an Exif fix, and a handful of rubygem packages had minor version bumps. The snapshot is currently trending at a stable rating of 99, according to the Tumbleweed snapshot reviewer.

          Snapshot, 20200125 had a half dozen packages updated. GNU’s Utilities tool package for multi-lingual messaging, gettext-runtime 0.20.1, removed dynamic linker ldconfig and script builder autoreconf. GNU Multiple Precision Arithmetic Library has a new C++ function in the gmp 6.2.0 update and the new version provides better assembly code and greater speed for AMD Ryzen, Power9 and ARM 64-bit CPUs. An updated to the authentication-related tool shadow 4.8 synced password field descriptions in man pages and migrated to ITS Tool for translations. The snapshot is currently trending at a stable rating of 99.

        • Running for openSUSE Board #2: Getting new people aboard

          I’d like to illustrate my view on it with a simple example: When you visit opensuse.org there’s a menu item top right named “contribute”. Clicking it brings you to the contribution bit of the page. There you have choice between two things: Code and Hardware. Now if we’re lucky a potential contributor will click on “Code” and gets presented four slightly unmotivated lines of text and a button to “find out more”. That’s not how to be friendly and inviting. Let’s hope not too much people are turned down by that.

          But what I see as a way bigger problem – and some kind of basic pattern in oS – is that behind the “find out…” button in fact there would be really good and detailed information on how to contribute. Documentation, testing, translations and so on is all there. But it’s not communicated in any reasonable way! It’s hidden in different places, buried deeply in the wiki. The wiki is a good place for extensively written explanations but not for getting a first step into the pool.

          So my idea is part of a whole to-be-defined restructuring of opensuse.org. I proposed a few thoughts a while ago but got curbed due to the renaming/rebranding discussion back then. Yet I still have these things on my list to discuss and tackle. [1]

          Of course the website is just one puzzle part. The whole getting fresh blood (as you called it) thing needs further pushing. Hence the initiative of the marketing team to get special t-shirts for Leap 15.2. Beta testers. [2] This is something easily to be communicated to the outside and can be a door opener for new people. Though it is not a board member’s job there. But I think it’s good to have a board taking part in this whole communication initiative.

        • Instant Fresh openSUSE Tumbleweed with Docker and Vagrant Images

          On my machines I run openSUSE Leap (download), a stable distribution that follows the SUSE Linux Enterprise service packs. But frequently my task is to reproduce or fix a bug in openSUSE Tumbleweed (download), the hottest rolling distribution.

          In the past, I would take an ISO image of the installation DVD and install a virtual machine from scratch. (To say nothing about burning a CD, copying a boot floppy, and reinstalling a physical machine. I've been doing this for too long.)

          Fortunately, things got easier with ready-made disk images for containers (Docker/Podman) and virtual machines (Vagrant).

        • Klaas Freitag: Public Money – Public Code [Ed: in German]

          Genau dafür setzt sich die Kampagne Public Money for Public Code der Free Software Foundation Europe (FSFE) ein.

      • Fedora Family

        • Fedora Magazine: 4 cool new projects to try in COPR for January 2020

          COPR is a collection of personal repositories for software that isn’t carried in Fedora. Some software doesn’t conform to standards that allow easy packaging. Or it may not meet other Fedora standards, despite being free and open source. COPR can offer these projects outside the Fedora set of packages. Software in COPR isn’t supported by Fedora infrastructure or signed by the project. However, it can be a neat way to try new or experimental software.

          This article presents a few new and interesting projects in COPR. If you’re new to using COPR, see the COPR User Documentation for how to get started.

        • Robbie Harwood: Fedora Has Too Many Security Bugs

          I don't work on Fedora security directly, but I do maintain some crypto components. As such, I have my own opinions about how things ought to work, which I will refrain from here. My intent is to demonstrate the problem so that the project can discuss solutions.

          To keep this easy to follow, my data and process is in a section at the end; curious readers should be able to double-check me.

        • Vague proposal: ship prebuilt initramfs images

          Measured boot involves generating cryptographic measurements of boot components and configuration and using that to either control access to a local secret (in the case of sealing secrets to a TPM) or proving to another device (eg, a remote server or a local phone) what was booted. We're shipping most of the infrastructure to do this, but we're still left with a pretty fundamental problem - we need to know what the expected values are in order to know whether something's been tampered with or not. For many components this isn't a huge problem (we build and distribute the files - users can extract them and calculate the appropriate measurements, and maybe long term we'll be able to ship the measurements in a digestable way), but our initramfs images are generated on the user system and include system-specific data. This makes it impractical to know the expected measurements in advance. I've been thinking about ways to solve this for a while, and I'm coming to the conclusion that the best plan is probably to just ship pre-built initramfs images. I can think of three main reasons to want to use system-specific images: 1) They're smaller. By default we're already generating a generic image for rescue purposes, so disk space isn't the concern here - we're largely looking at losing boot speed. As machines have got faster this is probably not a huge deal. 2) They contain machine-specific configuration. Some of this can be passed on the kernel command line instead (eg, the machine ID), but we'd need answers for the rest. I can think of a couple of solutions: a) Stick the config in UEFI variables. It's small enough that we wouldn't run out. b) Extend grub to read some config files and synthesise an initramfs image for them. If we measure the paths that those images use then we don't need to worry about the contents as long as the tools that read the config can't be subverted via that configuration. 3) User customisation, such as including extra tooling. grub supports loading multiple initramfs images. Packages that right now install stuff in the initramfs could instead ship a prebuilt image that grub could append to the main initramfs. This would allow for things like overriding Plymouth themes, and we could ship the measurements for these pre-built images in order to allow them to be validated. Any thoughts on this?

        • Fedora Stakeholders Discuss Possibility Of Using Pre-Built Initramfs Images

          Another alternative to slow initramfs generation could be distributing pre-built initramfs images to users. An additional benefit of that is possibly better security with measured boot capabilities, a matter currently being discussed by Fedora stakeholders.

          Fedora from time-to-time has brought up the topic of using pre-built initramfs images and that happened again last week by former Red Hat employee turned Googler Matthew Garrett. He brought up a possible proposal to ship prebuilt initramfs images in the name of better security with measured boot.

      • Debian Family

        • Jonathan McDowell: Hardware, testing and time

          This week I fixed a bug that dated back to last May. It was in a piece of hardware I assembled, running firmware I wrote most of. And it had been in operation since May without me noticing the issue.

          What was the trigger that led to me discovering the bug’s existence? The colder temperatures. See, the device in question is a Digispark/433MHz receiver/USB serial dongle combo that listens for broadcasts from a Digoo DG-R8H wireless temperature/humidity weather station monitor. This is placed outside, giving me external temperature data to feed into my home automation setup.

          The thing is, while Belfast is often cold and wet, it’s rarely really cold. So up until recently the fact I never saw sub-zero temperatures reported could just be attributed to the fact the sensor is on a window sill and the house probably has enough residual heat and it’s sheltered enough that it never actually got below zero. And then there were a few days where it obviously did and that wasn’t reflected in the results and so I scratched my head and dug out the code.

          It was obvious when I looked what the issue was; I made no attempt to try and deal with negative temperatures. My excuse for this is that my DS18B20 1-Wire temperature sensor code didn’t make any attempt to deal with negative temperatures either - it didn’t need to, as those are all deployed inside my home and if the temperature gets towards zero the heating is turned on. So first mistake; not thinking about the fact the external sensor was going to have a different set of requirements/limits than the internal one.

        • Debian package updates preining.info: Digikam (6.4 and 7), Elixir, Kitty, Certbot

          I have updated some of the Debian packages distributed at https://www.preining.info/debian/, the complete list as of now is as below.

      • Canonical/Ubuntu Family

        • Ditch Windows 7 For Ubuntu Linux With This Great Guide

          If you’re still using Windows 7 and not paying for extended support (likely the vast majority of home users), you’re entering very risky waters. Microsoft won’t be sending along any more updates or security patches which leaves you exposed to all kinds of nastiness. You may be considering upgrading to Windows 10, or even buying a new PC with Windows 10 pre-installed since many older computers don’t meet the hardware requirements to run the latest version of Microsoft’s OS. But Canonical, the company behind the Linux distribution Ubuntu, has published a new guide to ease you through the transition from Windows 7 to Linux.

        • Here’s Ubuntu Touch Running on the PinePhone

          UBports’ Marius GripsgÃ¥rd has shared today on YouTube a more in depth overview of the Ubuntu Touch mobile operating system on the PinePhone Linux phone.

          The PinePine is already shipping to customers who pre-ordered the BraveHeart edition, but the new Linux phone doesn’t ship with an operating system pre-installed. Several options are available though, including Ubuntu Touch and Plasma Mobile.

          Its makers, PINE64, are currently waiting for a Linux mobile OS vendor to port their operating system to the PinePhone before shipping the second edition in spring 2020, and I really hope that Ubuntu Touch will be the first option they choose.

        • Mark Shuttleworth 2020 Prediction

          Here are the predictions by Canonical founder.

        • Ubuntu's Zsys Tool For Enhancing The ZFS On Linux Experience Now Supports Snapshots

          One of the work items we have been keen to monitor during the Ubuntu 20.04 LTS development cycle is tracking the happenings around Zsys, the Ubuntu/Canonical led utility for helping to administer ZFS On Linux systems. In ending out January, Zsys now has more functionality in tow.

          The latest with Zsys as of this week for the Golang-written daemon and user-space utility is zsysctl save for saving the current user state (snapshot) by default but also options for saving the complete system state and all users and another option for saving the state of specified users.

    • Devices/Embedded

    • Free, Libre, and Open Source Software

      • The CUPS Printing System Lead Developer Has Left Apple, Begins Developing "LPrint"

        More than a decade after Apple acquired the CUPS source-code and its lead developer, that developer, Michael Sweet, recently parted ways with Apple.

        Just before Christmas was an announcement by CUPS lead developer Michael Sweet that he left Apple and will be taking a break and then plans to begin forming a new business with his wife.

        During his tenure at Apple, there were many CUPS improvements: much better network printing support, basic 3D printer support, IPP Everywhere, and more.

        Back in 2017 though is when Apple decided CUPS would no longer be GPL licensed but they migrated to the Apache 2.0 license. Just last August came CUPS 2.3 with that licensing change and the print server's first release in three years.

      • Flashing Builds from the Android Open Source Project

        AOSP has been around for a while, but flashing builds onto a development device has always required a number of manual steps. A year ago we launched Android's Continuous Integration Dashboard, which gives more visibility into the continuous build status of the AOSP source tree. However, these builds were not available for phones and flashing devices still required a manual command line process.

      • Google Makes It Easier To Flash Android Open-Source Project On Phones

        Flashing the Android Open-Source Project (AOSP) onto devices is now a lot easier thanks to the Android Flash Tool.

        Deploying the open-source build of Android onto smartphones/tablets has been a chore with various manual steps involved from the command line, but now the Android Flash Tool makes it easy to flash builds produced via the Android Continuous Integration Dashboard onto supported devices. Android Flash Tool makes it much easier for those wanting to run AOSP builds on hardware.

      • Google Android Flash Tool Allows You to Flash AOSP From a Web Browser
      • Product Announcement: Chef Habitat 1.5 Now Available

        Chef Habitat provides automation capabilities for defining, packaging, and delivering applications to almost any environment with any operating system, on any platform. Over the last year, we’ve seen organizations like Alaska Airlines, Rakuten, Walmart, and Rizing address a broad range of application delivery automation challenges with Habitat. They’ve improved their developers’ productivity, reduced deployment failures, and are delivering applications consistently across a variety of platforms and technologies.

      • Events

        • Cephalocon 2020 sessions to look out for

          March is a busy month in the open source calendar, with not just SUSECON occurring in Dublin, Ireland, but also the Ceph community congregating on the city of Seoul in South Korea for the ever popular Cephalocon conference. The global Ceph community is very vibrant, and where better to hold the annual get together for lovers of the industry-leading, open source software-defined storage technology than the high-tech metropolis that is Seoul?

        • Philip Withnall: Interested in a GUADEC remote attendance party in the UK, July 2020?

          GUADEC is in Mexico this year, which is great! This means that, for once, the tables are turned and people in Europe will get to experience what everyone in the rest of the world normally experiences for GUADEC: long travel times. That’s no bad thing, but I suspect it means there’ll be more people from Europe who are taking a break from GUADEC this year.

          I don’t want to travel to GUADEC, but do want to keep up with the conference and see people. So I’m looking at organising a UK remote attendance party for GUADEC, where anyone who isn’t going to Mexico is welcome to come along for a few days, follow the conference remotely, hack together, and socialise together.

      • Web Browsers

        • Mozilla

          • Thunderbird Mail Client Now Being Pushed Along By "MZLA Technologies Corporation"

            Mozilla's Thunderbird mail client has been rather neglected the past several years with all the focus on the Firefox web browser, but as the next step forward for this mail/RSS client is now placing it under the newly-formed MZLA Technologies Corporation.

            MZLA Technologies Corporation is a wholly-owned subsidiary of the Mozilla Foundation. By placing it under this new corporation, the hope is it will open new doors for Thunderbird and in turn more funding.

          • Thunderbird’s New Home

            As of today, the Thunderbird project will be operating from a new wholly owned subsidiary of the Mozilla Foundation, MZLA Technologies Corporation. This move has been in the works for a while as Thunderbird has grown in donations, staff, and aspirations. This will not impact Thunderbird’s day-to-day activities or mission: Thunderbird will still remain free and open source, with the same release schedule and people driving the project.

          • Thunderbird spun out to a separate corporation

            The Thunderbird email client has been moved into a separate company called "MZLA Technologies Corporation", which remains wholly owned by the Mozilla Foundation.

      • Productivity Software/LibreOffice/Calligra

      • BSD

        • Meet FuryBSD: A New Desktop BSD Distribution

          FuryBSD is a new BSD distribution based on FreeBSD and tweaked for desktops. Here's more information about this new project.

        • FreeBSD quarterly report for the period October 2019 - December 2019

          Here is the last quarterly status report for 2019. As you might remember from last report, we changed our timeline: now we collect reports the last month of each quarter and we edit and publish the full document the next month. Thus, we cover here the period October 2019 - December 2019.

          If you thought that the FreeBSD community was less active in the Christmas' quarter you will be glad to be proven wrong: a quick glance at the summary will be sufficient to see that much work has been done in the last months.

        • FreeBSD Had A Very Busy End Of Year 2019 With Numerous Advancements

          The FreeBSD project has issued their last quarterly status update for 2019.

          During Q4-2019 were many improvements to the FreeBSD project itself and related BSD ecosystem. Some of their happenings for Q4 included:

          - Delivering the successful FreeBSD 12.1-RELEASE in early November.

          - Support for newer Intel WiFi chipsets. As part of that, WiFi now works on the Lenovo ThinkPad X1 Carbon 7th Gen laptop which is the laptop FreeBSD Foundation is aiming for good BSD support.

      • FSF

        • Petition asking Microsoft to open-source Windows 7 sails past 7,777-signature goal

          Good news everybody! The Free Software Foundation has blown through its self-imposed target of 7,777 signatories in its efforts to persuade Microsoft to make Windows 7 open source.

          We noted last week the GNU-gang's attempt to coax the born-again open-sourcerer formerly known as "The Beast Of Redmond" into making a surprise deposit into GitHub.

          The thinking was that since Windows 7 has now come to the end of the road, as far as free security updates are concerned, then perhaps Microsoft might release it as open software?

          We put it to the Free Software Foundation that it might be more complicated than that – after all, Windows 7 contains all manner of codecs and the like licensed from third parties, as well as code licensed back to those same customers.

          The FSF's Greg Farough told us: "We want all software to be free software." The clue, after all, is in the name. "But Microsoft freeing just the operating system itself would satisfy our demand here."

          But what of those enterprises that have already paid for support? Should Microsoft start lobbing out refunds or fork the freshly open-sourced code base?

        • FSFE

          • FSFE is hiring: interns and trainees for legal, policy and technical areas

            FSFE is hiring: interns and trainees for legal, policy and technical areas We are looking for interns and trainees experienced in legal, policy or technical fields. The persons will work 35 hours per week with our team in the FSFE's Berlin office. There will be coordination with remote staff and volunteers, and depending on the work area opportunity to participate in events and meetings throughout Europe.

        • GNU Projects

          • GNU Linux-Libre 5.5 Kernel Arrives for Those Seeking 100% Freedom for Their PCs

            The GNU Linux-Libre 5.5 kernel has been released today as a 100% free version of the Linux 5.5 kernel, shipping only with free and open source drivers.

            GNU Linux-Libre 5.5 kernel is here for those seeking 100% freedom for their personal computers, as it deblobs more drivers, including brcmstb_dpfe, i915, iwlwifi, mlxsw spectrum, wilc1000, r8169, x86 touchscreen dmi, and xhci-tegra.

            In addition, the GNU Linux-Libre 5.5 kernel release also cleans several new drivers, among which we can mention IDT Clockmatrix, Realtek RTL815[23] USB Ethernet adaptors, RT5677 sound codecs, and WFX wf200 wireless.

      • Openness/Sharing/Collaboration

        • Open Access/Content

          • Journal transparency index will be ‘alternative’ to impact scores

            A new ranking system for academic journals measuring their commitment to research transparency will be launched next month – providing what many believe will be a useful alternative to journal impact scores.

            Under a new initiative from the Center for Open Science, based in Charlottesville, Virginia, more than 300 scholarly titles in psychology, education and biomedical science will be assessed on 10 measures related to transparency, with their overall result for each category published in a publicly available league table.

            The centre aims to provide scores for about 1,000 journals within six to eight months of their site’s launch in early February.

      • Programming/Development

        • AMD Zen 2 "Znver2" Optimizations With LLVM Clang 10 Bring Some Improvements

          With LLVM Clang 10 having added a Zen 2 scheduler model tuned for the latest AMD CPUs over the existing "znver2" tuning that had just copied the Zen 1 scheduler, here are some benchmarks looking at the LLVM Clang 9 vs. 10 compiler performance on AMD EPYC when making use of "-march=znver2" optimizations.

          On the AMD EPYC 7742 2P server running Ubuntu 19.10 with the Linux 5.5 kernel, I carried out benchmarks earlier this month comparing the LLVM Clang 9.0.1 performance to that of LLVM Clang 10.0 after the Zen 2 (znver2) improvements landed and around the time of the LLVM 10.0 branching.

        • 3 lessons I've learned writing Ansible playbooks

          I've used Ansible since 2013 and maintain some of my original playbooks to this day. They have evolved with Ansible from version 1.4 to the current version (as of this writing, 2.9).

          Along the way, as Ansible grew from having dozens to hundreds and now thousands of modules, I've learned a lot about how to make sure my playbooks are maintainable and scalable as my systems grow. Even for simple projects (like the playbook I use to manage my own laptop), it pays dividends to avoid common pitfalls and make decisions that will make the future you thankful instead of regretful.

        • Introduction to Eclipse JKube: Java tooling for Kubernetes and Red Hat OpenShift

          We as Java developers are often busy working on our applications by optimizing application memory, speed, etc. In recent years, encapsulating our applications into lightweight, independent units called containers has become quite a trend, and almost every enterprise is trying to shift its infrastructure onto container technologies like Docker and Kubernetes.

          Kubernetes is an open source system for automating deployment, scaling, and management of containerized applications, but it has a steep learning curve, and an application developer with no background in DevOps can find this system a bit overwhelming. In this article, I will talk about tools that can help when deploying your Maven applications to Kubernetes/Red Hat OpenShift.

          Background: Eclipse JKube

          This project was not built from scratch. It’s just a refactored and rebranded version of the Fabric8 Maven plugin, which was a Maven plugin used in the Fabric8 ecosystem. Although the Fabric8 project was liked and appreciated by many people in the open source community, due to unfortunate reasons it could not become successful, and the idea of Fabric8 as an integrated development platform on top of Kubernetes died. Although the main project is archived, there are still active repositories used by the community, such as the Fabric8 Docker Maven plugin, the Fabric8 Kubernetes client, and of course the Fabric8 Maven plugin.

          As maintainers of the Fabric8 Maven plugin, we started decoupling the Fabric8 ecosystem related pieces from the plugin to make a general-purpose Kubernetes/OpenShift plugin. We also felt there was a need for rebranding because most people were confused about whether this plugin had something to do with Fabric8. Hence, we decided to rebrand it, and fortunately, someone from the Eclipse foundation approached us to take in our project. Now, the project is being renamed to Eclipse JKube and can be found in the Eclipse Foundation repos on GitHub.

        • JSON Lines: record-style JSON

          There are lots of websites that explain why JSON is so popular. It's based on the familar JavaScript syntax and it has several advantages over CSV, XML and other data transfer formats. T

        • Perl / Raku

          • JSON, Unicode, and Perl … Oh My!

            You might think this a reasonable enough round-trip, just using two different JSON libraries, Mojo::JSON and Cpanel::JSON::XS. In fact, though, when you run this you’ll see that $decode in the above is "\x{c3}\x{83}\x{c2}\x{a9}", not just the "\xc3\xa9" that we started with.

        • Python

          • Python '!=' Is Not 'is not': Comparing Objects in Python

            There’s a subtle difference between the Python identity operator (is) and the equality operator (==). Your code can run fine when you use the Python is operator to compare numbers, until it suddenly doesn’t. You might have heard somewhere that the Python is operator is faster than the == operator, or you may feel that it looks more Pythonic. However, it’s crucial to keep in mind that these operators don’t behave quite the same.

            The == operator compares the value or equality of two objects, whereas the Python is operator checks whether two variables point to the same object in memory. In the vast majority of cases, this means you should use the equality operators == and !=, except when you’re comparing to None.

          • Webinar: “Security Checks for Python Code” with Anthony Shaw

            Software has security issues, Python is software, so how do Python developers avoid common traps? In this webinar, Anthony Shaw discusses the topic of security vulnerabilities, how code quality tools can help, and demonstrates the PyCharm plugin he wrote to let the IDE help.

          • Leysin Winter sprint 2020: Feb 29 - March 8th

            The next PyPy sprint will be in Leysin, Switzerland, for the fourteenth time. This is a fully public sprint: newcomers and topics other than those proposed below are welcome.

          • [Old] BPF Theremin, Tetris, and Typewriters

            If you wish to develop your own BPF observability tools, start with bpftrace and only use BCC when needed. My BPF Performance Tools book has plenty of examples. This is the culmination of five years of work: the BPF kernel runtime, C support, LLVM and Clang support, the BCC front-end, and finally the bpftrace language. Starting with other interfaces is like writing your first Java program in JVM bytecode. You can...but if you're looking for an educational exercise, I'd recommend using BPF tools to find performance wins.

          • Introducing Anaconda Team Edition: Secure Open-Source Data Science for the Enterprise

            I’m very excited to announce a new addition to Anaconda’s product line — Anaconda Team Edition!

            For the last few years, Anaconda has offered two products: our free Anaconda Distribution, meant for individual practitioners, and Anaconda Enterprise, our full-featured machine learning platform for the enterprise. This left a gap for many data scientists and developers who use Anaconda professionally, but whose companies either do not yet need a fully-featured machine learning platform, or are building their own solution.

            But even for these companies, open-source data science and machine learning tools are largely undermanaged. There are thousands of open-source packages data scientists and developers could bring into an organization, unaware of potential security or licensing implications. Moreover, these packages have complex inter-dependencies and intricate build requirements, which are underserved by traditional IT OSS management solutions.

            Many of our enterprise users have been asking for the convenience and security of mirroring Anaconda’s repository onto their own infrastructure, using an official facility rather than relying on our community-facing free services. This is why we are offering Anaconda Team Edition.

          • Joaquim Rocha: OCRFeeder 0.8.2 released

            Looking at this title gives me a “blast from the past” kind of feeling. OCRFeeder hasn’t seen a release in 6 years (!), but due to some recent efforts from members of the GNOME community, I decided to dedicate a few late nights to it and here it is the new release finally: version 0.8.2.

            I gotta give my special thanks to the community member scx who not only fixed a few important issues and added a couple of quick improvements, but also was patient enough to wait for my delayed reviews last year, and even created the flatpak for OCRFeeder.

            Here are a few paragraphs about the changes/status:

            Python 3

            Perhaps the biggest change in this version is the port to Python 3. Yes, Python 3 has not been a new thing for a while now, but it was never a priority to port the source code to it. An extra incentive for me to do the change though, is that Debian is in the process of nuking Python 2 for good.

            One of the good things that Python 3 brings is unicode support by default, so hopefully there will be no more unicode issues in OCRFeeder.

          • MOSS Video, BSSw Honorable Mention, and The Maintainership Book I Am Writing

            Mozilla interviewed me about the Python Package Index (PyPI), a USD$170,000 Mozilla Open Source Support award I helped the Python Software Foundation get in 2017, and how we used that money to revamp PyPI and drive it forward in 2017 and 2018. From that interview, they condensed a video (2 minutes, 14 seconds) featuring, for instance, slo-mo footage of me making air quotes. Their tweet calls me "a driving force behind" PyPI, and given how many people were working on it way before I was, that's quite a compliment!

            I will put a transcript in the comments of this blog post.

            (Please note that they massively condensed this video from 30+ minutes of interview. In the video, I say, "the site got popular before the code got good". In the interview, I did not just say that without acknowledging the tremendous effort of past volunteers who worked on the previous iteration of PyPI and kept the site going through massive infrastructure challenges, but that's been edited (for brevity, I assume).)

          • Hidden test dependencies

            Tests should be independent, isolated and repeatable. When they are, it's easy to run just one of them, run all of them in parallel or use pytest-testmon. But we don't live in an ideal world and many times we end up with a test suite with unwanted hidden test dependencies. In this article I am describing a couple of tips and tricks which allow us to find and fix the problems.

          • Wing Python IDE 7.2.1 - January 28, 2020

            Wing 7.2.1 fixes debug process group termination, avoids failures seen when pasting some Python code, prevents crashing in vi browse mode when the first line of the file is blank, and fixes some other usability issues.

          • Karl Dubost: Week notes - 2020 w04 - worklog - Python

            I dedicated most of my time in advancing the new anonymous workflow reporting. The interesting process in doing it was to have tests and having to refactor some functions a couple of times so it made more sense.

            Tests are really a safe place to make progress. A new function will break tests results and we will work to fix the tests and/or the function to a place which is cleaner. And then we work on the next modification of the code. Tests become a lifeline in your development.

            Another thing which I realize that it is maybe time we create a new module for our issues themselves. It would model, instantiate our issues and we can use in multiple places. Currently we have too many back and forth on parsing texts, calling dictionaries items, etc. We can probably improve this with a dedicated module. Probably for the phase 2 of our new workflow project.

            Also I have not been effective as I wished. The windmill of thoughts about my ex-work colleagues future is running wild.

        • Shell/Bash/Zsh/Ksh

          • Bash Select (Make Menus)

            In this tutorial, we will cover the basics of the select construct in Bash.

          • Some Useful Bash Aliases and How to Create Bash Aliases

            Do you spend a good amount of time working in the command line? Then you may have noticed that most of the commands you run are a small subset of all the available commands. Most of them are habitual and you may be running them every single day. To lessen the suffering of typing, developers the command utilities have attempted to eliminate the extraneous typing with abbreviations, for example, “ls” instead of “list”, “cd” instead of “change-directory”, “cat” instead of “catenate” etc. Yet, typing the same command over and over and over is truly boring and unenjoyable.

            This is where aliases come handy. Using an alias, it’s possible to assign your shortcut for a specific command. Here, we’ll be talking about how to create Bash aliases and demonstrate some useful aliases that you might enjoy.

          • Bash break and continue

            Loops allow you to run one or more commands multiple times until a certain condition is met. However, sometimes you may need to alter the flow of the loop and terminate the loop or only the current iteration.

            In Bash, break and continue statements allows you to control the loop execution.

      • Standards/Consortia

        • The need for adversarial tech-interoperability legislation

          In the words of Cory Doctorow: ?Interoperability is the act of making a new product or service work with an existing product or service?. The tech market has moved further and further away from interoperable standards in favor of vendor-lock-in or ?silos? over the last decade.

          I?ll discuss file hosting services to explain the problem with the lack of interoperable standards and argue for the need for legislation to ensure such interoperability.

          Let?s look at this app-integration with commercial file hosting providers targeted at consumers as an example. The big players in this space are Microsoft OneDrive, Google Drive, Apple iCloud, and Dropbox. There are dozens of more actors in this space.

          It?s common for all sorts of apps to integrate with one or more of these services to offer app-specific synchronization features. This is used to synchronize to-do lists, documents, and other app-specific data. A few large developers offer their own hosting services. However, many smaller app developers don?t want to take on the role of a file hosting provider. Instead, they build-in the option to synchronize using a third-party service.

  • Leftovers

    • Greece: a Chronology From January 25, 2015 to 2019

      Five years ago, on 25 January 2015, the Greek people sent a great signal of hope to the rest of the world.

    • Autobiographical Roots of Habermas’ Thought

      Habermas is reticent to talk about his childhood trauma of being born with a cleft palate, which had a decisive and lasting impact both on his own sense of himself and the deep-seated intuitions underpinning his thought. In a commemorative lecture, “Public space and political public sphere –the biographical roots of two motifs in my thought,” delivered in Kyoto, November 11, 2004, Habermas was invited to offer insights into his path of life. He was not used to doing this; he has been addressed most often as an “author, teacher and intellectual who is accustomed to communicate with readers, students and listeners” (p. 1).

    • The Disaster of Utopian Engineering

      This column is drawn from notes that Chris Hedges wrote in preparing for a debate held today by the University of Toronto’s Munk School of Global Affairs and Public Policy. Hedges, speaking from Princeton, N.J., argued for the motion: “Be it resolved, politics isn’t working as usual. It’s time for a revolution.” Opposed was David Brooks, an op-ed columnist for The New York Times who spoke from Washington, D.C. A podcast of the contest will be available later.

    • 7.7 Magnitude Earthquake Hits Off Jamaican Coast

      A tsunami warning was issued earlier but the danger has passed.€ 

    • Who Cares If It Leaks? An Afternoon at Hollyhock House

      Hollyhock House, designed by Frank Lloyd Wright in 1921, crowns a knoll called Olive Hill in East Hollywood. Once it was surrounded by citrus fields, now Hollyhock House and the small shady park it inhabits is hemmed in by LA sprawl: strip malls, gas stations, fast-food joints, the endless growl of traffic. The views from the hilltop stretch from the imperial towers of downtown LA to the Griffith Observatory in the Hollywood Hills. The commission for the house came from Aline Barnsdall, an oil heiress, who wanted Wright to build a complex of buildings on the site–a theater, art gallery, concert hall, cinema–to enrich the cultural life of Los Angeles. But the doyenne and the architect fell out before construction even began. Wright headed to off Japan to build the Imperial Hotel and oversight of the Hollyhock project was left to his radical young protegé, Rudolph Schindler, who felt the decorative Mayan design was a minor retreat from Wright’s modernist aesthetics. (Wright and Schindler were both uncompromising iconoclasts, but Schindler designed the more comfortable furniture. Alexander Cockburn, who adored them both, described Wright as “a little man who hated chairs.”) Barnsdall lived in the house less than a year, before moving into a smaller Wright-designed house nearby, where Schindler had resided during the two-year-long construction, and then donated the entire site to the city of Los Angeles, which has never really known what to do with the bequest. What Wright understood at the time, and the city’s boosters, managers and moguls failed to acknowledge for decades, was that LA’s architectural past and future pointed south, to Mexico and Central America.

    • Psychologist, Clinical Psychologist, Doctor Or None Of The Above? Will The Real Bettina Arndt AM Please Stand Up!

      EXCLUSIVE: For many years, Bettina Arndt has been passed off by the Australian media as a “psychologist” and “clinical psychologist”. More recently, she’s been credited as “Dr Arndt” – in The Australian newspaper, and in federal parliament. But a long-running New Matilda investigation has discovered that Ms Arndt is not a doctor, has never obtained a PhD and nor, as it turns out, is she a psychologist or clinical psychologist. NINA FUNNELL and CHRIS GRAHAM report.

    • Science

      • Reflections of a Scientific Humanist

        Michael Shermer’s Giving the Devil His Due: Reflections of a Scientific Humanist€ (Cambridge University Press, 2020) is a very special book written for people that actually spend time “thinking.” Geez, come to think of it, that’s kinda special in and of itself, “people thinking about things.” It’s especially true because nowadays society is geared to the opposite of deep thinking. Rather, in today’s world quick reflexes attuned to electrical whims rule the day. People increasingly react to impulses, not deep thought, as buttons/apps are pushed to communicate across the room as well as across the world. Presto! So much for deep thought!

    • Education

      • China’s Media Regulator Cuts ‘Entertaining’ TV Content During Coronavirus Crisis

        China’s media regulator has responded to the deadly coronavirus epidemic sweeping the country by cutting “entertaining” TV shows and boosting news programs, it said Tuesday, at a time when millions are stuck at home under quarantine.

        The announcement comes just days after it declared it was also doing the opposite: actively working to bring in more TV shows to channels in Wuhan and Hubei province, the epicenter of the disease. The self-contradiction is an illustration of the Chinese regime’s desire to disseminate ideologically “correct” programming of the appropriate emotional timbre to residents at a chaotic time of crisis.

        It also provides a window into what kinds of content Beijing deems suitable for its citizens to consume as it tries to keep a lid on panic and mounting criticism of the government’s management of the outbreak.

    • Health/Nutrition

      • People with Albinism Form First Ever Global Alliance

        This week, I witnessed a historic moment in human rights advocacy and empowerment: people with albinism from around the world unanimously voted to form a global alliance on albinism.

        From January 26 to 28, civil society groups representing people with albinism from six continents gathered in Paris to lay the foundation for an international coalition to combat the attacks, stigmatization, and discrimination people with albinism – a relatively rare condition caused by a lack of melanin or pigmentation in the skin, hair, and eyes – face worldwide.

      • Global Efforts to Contain Coronavirus Epidemic May Not Work, Experts Warn

        "We need to plan for the possibility containment of this epidemic isn't possible."

      • More than 5,000 Russian tourists currently in China to be evacuated within the next week

        All Russian tourists who are currently vacationing in China on organized tours will be returned to Russia by February 4, the press service of Russia’s government agency for tourism announced.

      • China’s Coronavirus Outbreak Reminds Me of the Irish Polio Epidemic I Survived

        China is responding to the spread of the coronavirus in Wuhan much as countries have always reacted to life-threatening epidemics. At every level of society and government, fear of death – or, more accurately, fear of being held responsible for death – drives decision-making, which is consequently often ill-judged.

      • Radiation spike recorded in Severodvinsk; officials point to broken detector

        In Severodvinsk, the city in northern Russia that is closest to the location of the country’s August 2019 nuclear accident, another sudden uptick in radiation has been recorded. City officials first told Interfax about the detected result.

      • Virtually All Major US Drinking Water Sources Likely Contaminated With PFAS

        New laboratory tests confirm that drinking water in dozens of cities across the United States is contaminated with toxic chemicals known as per- and polyfluoroalkyl substances (PFAS) at levels exceeding what independent experts consider safe for human consumption. The findings suggest that previous studies have dramatically underestimated the number of consumers exposed to PFAS through drinking water and come as the Trump administration continues to gut environmental and clean water protections.

      • Your computer mouse is twisting your arm every second. How to avoid a potential surgery

        Back in 1964, Douglas C. Engelbart created the wildly popular computer mouse. The design was simple, consisting of a wooden body complete with a circuit board and two metal wheels to interact with surfaces. If you use a computer, you?ve probably used a mouse with similar design before, but it?s probably not wooden. The reason for that is because sixteen years after the mouse was invented, Steve Kirsch invented the Optical mouse, which is quickly took off until recently. Regardless of the design or type, the mouse comes just as standard as your laptops keyboard but has been proven to be used three times as much.

        [...]

        When you’re choosing a mouse for your computer, whether for health reasons or otherwise, it’s best to choose something that’s going to make you feel comfortable, and that happens to be the Vertical mouse. It’s better not to wait until you feel pain in your hand to make the change, specifically if you want to find the one that fits correctly. Once the pain from incorrect posture settles in, it quickly becomes harder to manage. If you decide to stick with what you have, instead of investing in a Vertical mouse, whether as a creature of habit or because of familiarity, make sure you take a break every few hours in order to avoid stress injuries from repetitive movements.

    • Integrity/Availability

      • Proprietary

        • Neil Young Says the MacBook Pro Has 'Fisher-Price' Audio Quality

          Neil Young has some harsh words to describe Apple’s MacBook Pro audio quality. The long-time proponent of hi-res audio assailed the laptop for having ‘Fisher-Price’ quality audio.

        • Ransomware Linked to Iran, Targets Industrial Controls

          Tel Aviv-based Otorio, a cybersecurity firm which specializes in industrial control systems (ICS), said that the ransomware called “Snake,” like others of its kind, encrypts programs and documents on infected machines. But it also removes all file copies from infected stations, preventing the victims from recovering encrypted files.

        • Pseudo-Open Source

          • Openwashing

            • Banks are finally embracing the Open Source movement

              Even though bank leaders are becoming convinced that leveraging open source technology is the future, banks will not transform over night to open source adepts. Just like introducing all other new technologies and methodologies, embracing open source software requires a cultural shift in the whole organization, which takes time and intensive change management.

          • Privatisation/Privateering

            • Linux Foundation

              • XCP-ng 8.1 Beta Rolls Out While Becoming Part Of The Xen Project

                XCP-ng, the Xen-based enterprise-focused hypervisor offering a Xen Server Linux distribution, has released a beta of its next feature release while formally becoming part of the Linux Foundation hosted Xen Project.

                The Xen Project has announced that XCP-ng has become an incubation project within the organization to provide a fully open-source virtualization platform. "XCP-ng includes some key features inherited from Xen Project as the ability to live migrate VMs without interruption, scalability and security but also brings a whole new ecosystem as a modern Web-ui (Xen Orchestra), compatibility with recognized solution on the market (eg. Netdata) and turnkey installer to ease the adoption. XCP-ng provides a central, validated distribution that delivers Xen. Why is this important? It’s a streamlined way for users to gain access and creates a default go-to solution for the community. The inclusion of XCP-ng with its large and active user community into the Xen project creates a bridge between users and developers. The healthy flow of knowledge sharing ensures input from end-users gets incorporated into new releases."

          • Entrapment (Microsoft GitHub)

        • Security

          • Avoiding gaps in IOMMU protection at boot

            When you save a large file to disk or upload a large texture to your graphics card, you probably don't want your CPU to sit there spending an extended period of time copying data between system memory and the relevant peripheral - it could be doing something more useful instead. As a result, most hardware that deals with large quantities of data is capable of Direct Memory Access (or DMA). DMA-capable devices are able to access system memory directly without the aid of the CPU - the CPU simply tells the device which region of memory to copy and then leaves it to get on with things. However, we also need to get data back to system memory, so DMA is bidirectional. This means that DMA-capable devices are able to read and write directly to system memory.

            As long as devices are entirely under the control of the OS, this seems fine. However, this isn't always true - there may be bugs, the device may be passed through to a guest VM (and so no longer under the control of the host OS) or the device may be running firmware that makes it actively malicious. The third is an important point here - while we usually think of DMA as something that has to be set up by the OS, at a technical level the transactions are initiated by the device. A device that's running hostile firmware is entirely capable of choosing what and where to DMA.

            Most reasonably recent hardware includes an IOMMU to handle this. The CPU's MMU exists to define which regions of memory a process can read or write - the IOMMU does the same but for external IO devices. An operating system that knows how to use the IOMMU can allocate specific regions of memory that a device can DMA to or from, and any attempt to access memory outside those regions will fail. This was originally intended to handle passing devices through to guests (the host can protect itself by restricting any DMA to memory belonging to the guest - if the guest tries to read or write to memory belonging to the host, the attempt will fail), but is just as relevant to preventing malicious devices from extracting secrets from your OS or even modifying the runtime state of the OS.

            But setting things up in the OS isn't sufficient. If an attacker is able to trigger arbitrary DMA before the OS has started then they can tamper with the system firmware or your bootloader and modify the kernel before it even starts running. So ideally you want your firmware to set up the IOMMU before it even enables any external devices, and newer firmware should actually do this automatically. It sounds like the problem is solved.

          • Our upcoming Webinar on Security with Ubuntu and IBM Z

            My first interaction with the Ubuntu community was in March of 2005 when I put Ubuntu on an old Dell laptop and signed up for the Ubuntu Forums. This was just a few years into my tech career and I was mostly a Linux hobbyist, with a handful of junior systems administrator jobs on the side to do things like racking servers and installing Debian (with CDs!). Many of you with me on this journey have seen my role grow in the Ubuntu community with Debian packaging, local involvement with events and non-profits, participation in the Ubuntu Developer Summits, membership in the Ubuntu Community Council, and work on several Ubuntu books, from technical consultation to becoming an author on The Official Ubuntu Book.

            These days I’ve taken my 15+ years of Linux Systems Administration and open source experience down a slightly different path: Working on Linux on the mainframe (IBM Z). The mainframe wasn’t on my radar a year ago, but as I got familiar with the technical aspects, the modernization efforts to incorporate DevOps principles, and the burgeoning open source efforts, I became fascinated with the platform.

            As a result, I joined IBM last year to share my discoveries with the broader systems administration and developer communities. Ubuntu itself got on board with this mainframe journey with official support for the architecture (s390x) in Ubuntu 16.04, and today there’s a whole blog that gets into the technical details of features specific to Ubuntu on the mainframe: Ubuntu on Big Iron

            I’m excited to share that I’ll be joining the author of the Ubuntu on Big Iron blog, Frank Heimes, live on February 6th for a webinar titled How to protect your data, applications, cryptography and OS – 100% of the time. I’ll be doing an introduction to the IBM Z architecture (including cool hardware pictures!) and general security topics around Linux on Z and LinuxONE.

          • Intel Makes Public Two More Data Leakage Disclosures

            Intel last night made public two more data leakage disclosures, which tie back to Zombieload and November's TAA issue.

            [...]

            As of writing no CPU microcode updates have been released for Linux users but as soon as that happens I'll begin with some tests for seeing any new performance overhead.

          • Canonical Outs Major Ubuntu 18.04 LTS Kernel Security Update for Cloud Users

            New Ubuntu 18.04 LTS kernel security update addresses 15 vulnerabilities in the Linux 5.0 kernel packages for various cloud systems.

          • Security updates for Wednesday

            Security updates have been issued by CentOS (apache-commons-beanutils, java-1.8.0-openjdk, libarchive, openjpeg2, openslp, python-reportlab, and sqlite), Debian (hiredis, otrs2, and unzip), openSUSE (apt-cacher-ng, git, samba, sarg, and storeBackup), Oracle (openjpeg2), Red Hat (libarchive, openjpeg2, sqlite, and virt:rhel), SUSE (aws-cli and python-reportlab), and Ubuntu (libgcrypt11, linux-aws-5.0, linux-gcp, linux-gke-5.0, linux-oracle-5.0, linux-hwe, linux-hwe, linux-aws-hwe, linux-lts-xenial, linux-aws, and openjdk-8, openjdk-lts).

          • Duo CEO Dug Song: We have to make security simple

            Duo Security CEO Dug Song kept it simple Tuesday when he described the last decade in cybersecurity.

            “It sucked,” Song told the crowd at the Zero Trust Security Summit presented by Duo and produced by FedScoop and CyberScoop.

            The next decade doesn’t have to be that way, he says, because the technology ecosystem has the tools it needs to make security as seamless and easy to use as possible. Architectures like zero trust can become more commonplace, giving enterprises simple ways to protect themselves against the most familiar threats.

            At the core, it’s about ensuring that users and devices are connecting only with the data that they need. In a sit-down with CyberScoop on the sidelines of the summit, Song talked about the evolution of zero trust, how the cybersecurity market is changing, and how cybersecurity can be better woven into campaign operations.

          • [Old] ScreenConnect MSP Software Used to Install Zeppelin Ransomware

            Threat actors are utilizing the ScreenConnect (now called ConnectWise Control) MSP remote management software to compromise a network, steal data, and install the Zeppelin Ransomware on compromised computers.

            ConnectWise Control is a remote management software commonly used by MSPs and IT professionals in order to gain access to a remote computer to provide support.

          • How to Approach Linux Threats?

            There is a lot of importance given for protecting Windows endpoints in the antivirus industry. Windows desktop users dominate close to 87 percent of the total desktop market share when compared to the 2 percent share held by Linux desktop users. A group of people argue that Linux is the safest and most secure operating system as it is scarce that malware targets Linux end users. While discussing the threats to the Linux platform, we must understand that Linux desktop usage is a tiny piece of the puzzle. About 70 percent of the webserver market share is made by Linux, according to Web Technology Surveys, and, according to CBT Nuggets, 90 percent of all cloud servers. Linux is said to be the most popular operating system among Microsoft’s Azure Cloud, according to ZDNet.

            The recent discovery of HiddenWasp, QNAPCrypt, and Evilgnome has made the emergence of Linux threats evident. The detection rate is low as reported by several security vendors, and this is due to the industry’s quick migration to the cloud, combined with a lack of awareness about the threats.

          • Fear, Uncertainty, Doubt/Fear-mongering/Dramatisation

            • OpenBSD OpenSMTPD Remote Code Execution Vulnerability (CVE-2020-7247)

              Qualys Research Labs discovered a vulnerability in OpenBSD’s OpenSMTPD mail server that allows an attacker to execute arbitrary shell commands with elevated privileges. OpenBSD developers have confirmed the vulnerability and also quickly provided a patch.

              Proof-of-concept exploits are published in the security advisory.

            • Critical Bug Fix: OpenBSD Vulnerability Needs Urgent Patching – RCE With Morris Worm Inspiration

              Security researchers at Qualys say they’ve identified a remotely exploitable vulnerability in OpenBSD’s mail server — used by a range of Linux distributions.

              The critical vulnerability is in OpenSMTPD, a free mail transfer agent that lets machines exchange emails with other systems speaking the SMTP protocol.

            • Critical Remote Code Execution Bug Fixed in OpenBSD SMTP Server

              A critical vulnerability in the free OpenSMTPD email server present in many Unix-based systems can be exploited to run shell commands with root privileges.

              The component is a free implementation of the server-side SMTP protocol to exchange email-related traffic with compatible systems.

              It is part of the OpenBSD project and has a portable version that is compatible with other operating systems: FreeBSD, NetBSD, macOS, Linux (Alpine, Arch, Debian, Fedora, CentOS).

            • Unpleasant vulnerability in OpenSMTPD

              Qualys has put out an advisory regarding a vulnerability in OpenBSD's OpenSMTPD mail server. It "allows an attacker to execute arbitrary shell commands, as root: either locally, in OpenSMTPD's default configuration (which listens on the loopback interface and only accepts mail from localhost); or locally and remotely, in OpenSMTPD's 'uncommented' default configuration (which listens on all interfaces and accepts external mail)." OpenBSD users would be well advised to update quickly.

            • RCE in OpenSMTPD library impacts BSD and Linux distros

              Security researchers have discovered a vulnerability inside a core email-related library used by many BSD and Linux distributions.

              The vulnerability, tracked as CVE-2020-7247, impacts OpenSMTPD, an open-source implementation of the server-side SMTP protocol.

              The library is normally included with distros that are designed to operate on servers, allowing the server to handle SMTP-related email messages and traffic.

              The OpenSMTPD library was initially developed for the OpenBSD operating system, but the library was open-sourced, and its "portable version" has also been incorporated into other OSes, such as FreeBSD, NetBSD, and some Linux distros, such as Debian, Fedora, Alpine Linux, and more.

            • Uncovering Vulnerabilities in Open Source Libraries

              In recent articles, ForAllSecure has discussed how we were able to use our next-generation fuzzing solution, Mayhem, to discover previously unknown vulnerabilities in several open source projects, including Netflix DIAL reference, Das U-Boot, and more. In this post, we will follow up on a prior article on using Mayhem to analyze stb and MATIO by reviewing three additional vulnerabilities found in another open source library. Prior to detailing these new vulnerabilities, we will examine some of the factors which can help to identify code which is a good candidate for fuzzing.

          • Privacy/Surveillance

            • Italian Spyware Company Execs Arrested After Company Employees Spied On Innocent Citizens

              Any tool that gives people access to tons of personal data will be abused. Law enforcement databases are routinely misused by government employees. Ring -- law enforcement's favorite consumer home product -- collects tons of data about its customers and this data has been inappropriately accessed by Ring employees.

            • FISA Court Orders FBI To Start Cleaning Up Its Carter Page Surveillance Mess

              The FBI's abuse of its surveillance powers in the Carter Page investigation -- uncovered by the Inspector General -- is now being addressed by the FISA court. The FISA court is often considered to be a rubber stamp for government applications -- only very rarely rejecting the government's national security advances.

            • Is William Barr's Latest Attack On Section 230 Simply An Effort To Harm Tech Companies For Blocking His Desire To Kill Encryption?

              Last month, we noted that Attorney General William Barr was making a bizarre attack on Section 230 of the Communications Decency Act, claiming that the DOJ was "studying Section 230 and its scope" and arguing -- without evidence -- that 230 might be contributing to "unlawful behavior" online. As we noted at the time, Section 230 explicitly exempts federal criminal charges from what it applies to, meaning that it literally cannot interfere with any DOJ prosecution. So it's truly bizarre to see the DOJ concerned about the issue.

            • Off-Facebook Activity is a Welcome but Incomplete Move

              Today Facebook announced the roll-out of its Off-Facebook Activity tool (initially introduced as “Clear History” nearly two years ago). The tools shows you a list of apps, websites, and businesses that Facebook knows you have visited through its business tools (including Facebook Login, Facebook’s tracking Pixel, social widgets such as Like and Share buttons, and other less visible features for developers). It also gives you options to “clear” or “disconnect” the identifiable information they have linked to your account. For more on how to use the setting, see our tutorial post.

              This is a good step for Facebook to take, and we hope it pushes other companies who talk a big game about transparency to follow suit. If even Facebook can give people this level of transparency and control around a particular data stream, other adtech players should be able to get their act together.

            • EFF and Other Groups to PCLOB: Urge the Ban of Face Recognition

              This week EFF joined a coalition letter asking the Privacy and Civil Liberties Board (PCLOB) to urge that the government suspend its use of face recognition technology. The letter was signed by organizations like Color of Change, Council on American-Islamic Relations, Demand Progress, Fight for the Future, National Center for Transgender Equality, and the Project on Government Oversight, to name a few.

              In it, the groups point to the many ways that face recognition can track people, presumes guilt of the people whose faces have been collected or identified, and can even misidentify them to great consequence. “While we do not believe that that improved accuracy of facial recognition would justify further deployment,” the letter’s authors write, “we do believe that the obvious problems with bias and discrimination in the systems that are currently in use is an additional reason to recommend a blanket moratorium.”

            • How to Change Your Off-Facebook Activity Settings

              Facebook's€ long-awaited Off-Facebook Activity tool€ started rolling out today.€ While it's not a perfect measure, and we still need stronger data privacy laws, this tool is a good step toward greater transparency and user control regarding third-party tracking. We hope other companies follow suit, and we encourage users to take advantage of it.

              This tutorial will guide you through the steps to not only “clear” the off-Facebook activity already linked with your account, but also to prevent future activity from being associated with your account going forward. Note that this won’t stop third parties from sending Facebook information about you—it will only stop Facebook from associating that information with your account.

            • Data Privacy or Data Protection Day? It’s a Human Right, Either Way

              Today marks the 39th anniversary of the Council of Europe's "Convention for the Protection of Individuals with Regard to the Automatic Processing of Personal Data", or, more catchily, Convention 108. It is the root treaty that spawned the first European Union-wide data protection laws, including the General Data Protection Regulation (GDPR), as well as similar laws in Canada, Australia, India, Japan, Argentina, Uruguay, Mexico, and more.

              Its anniversary is why in the United States, as declared in previous years by Congress, we celebrate National Data Privacy Day. Meanwhile, across the Atlantic, the nations of the Council of Europe—including the European Union, Russia, Norway, and their neighbours—will be celebrating Data Protection Day.€  Others around the globe, will be relishing 24 hours of simple, undiluted Privacy Day, sans any mention of "data" at all.

            • Why Mark Zuckerberg’s Oversight Board May Kill His Political Ad Policy

              The Oversight Board’s bylaws set out a road map for what may become the end of his stubborn stand on political advertising. Here’s the scenario: A politician makes a bogus charge in a paid Facebook ad, falsely claiming an opponent has taken a bribe, appeared in a sex film, trafficked in drugs, or doesn’t wash their hands after visiting the bathroom. Right now, the victim of one of those lies has no recourse: If they appeal to Facebook, the company will refer to Zuckerberg’s official policy. Facebook will continue to pocket the money and promote the lie.

            • US colleges are trying to install location tracking apps on students’ phones

              Barely over a year ago, we pointed out how dystopian it seemed when Chinese schools added “smart uniforms” to track their students’ attendance. But US colleges are already testing out a similar tactic with a location tracking app, which students are now apparently expected to install on their phones.

              I say “apparently” because there’s some confusion over whether the schools are actually forcing this on their students. The Kansas City Star reported that at the University of Missouri, new students “won’t be given a choice” of whether to install the SpotterEDU app, which uses Apple’s iBeacons to broadcast a Bluetooth signal that can help the phone figure out whether a student is actually in a room.

            • How fast can a new [Internet] standard for sharing patient data catch fire?

              The consolidation of medical records may be on its way, as technology companies prod the health care industry to embrace an internet-based common standard for storing and sharing patient information. It’s known as FHIR and pronounced “fire” — a catchier way of saying Fast Healthcare Interoperability Resources.

              Industry analysts say the rapidly growing demand for freer exchange of health care information is creating an electronic health record market estimated to reach $38 billion by 2025. With numbers like that bandied about, it should come as no surprise that Silicon Valley tech giants Apple and Google are lining up for a slice of the pie — as are other technology behemoths, including Amazon and Microsoft. Those corporations, and many smaller companies and startups, offer FHIR-based apps and services to consumers and health industry professionals.

            • US universities reject campus facial recognition systems

              Advocacy groups fighting the technology planned this week to highlight that about a dozen institutions had already committed to opposing systems that use cameras and software to identify people for security and payment purposes.

              That follows moves by Stanford University and the University of San Francisco to end their brief uses of facial recognition systems, and the acknowledgement by the University of Southern California that its students were largely rejecting the technology in their dormitories.

            • Payment Data from WaWa Customers Is For Sale Online

              Credit and debit card information from customers of the food and gasoline chain WaWa Inc. is being sold online, according to the fraud intelligence company Gemini Advisory.

              The breach “ranks among the largest payment card breaches of 2019, and of all time” because it potentially affected 850 stores and 30 million payment records, Gemini Advisory said in a report on Tuesday.

            • I Monitor My Teens' Electronics, and You Should Too

              All valid arguments, but even I knew the truth: They wanted phones so they could screw around online.

    • Defence/Aggression

    • Environment

    • Finance

      • Trump’s Feeble Phase 1 China-US Trade Deal

        With the announcement today, January 16, 2020 of the signing of the US-China Phase 1 ‘mini’ trade deal, and the US Senate’s simultaneous ratification of the USMCA ‘NAFTA 2.0’ trade agreement, Trump’s so-called ‘trade wars’ are at an end.€  In election year 2020 nothing of additional significance will be achieved by Trump with regard to restructure US and global trade relations. While Trump himself will make further threats and claims, likely aimed at the Europeans, no country will agree to any changes this year when the possibility exists of Trump leaving the presidency next November 2020.€  To repeat once again, the Trump trade wars are over. As the comedian once said: ‘what you see is what you get, baby’.

      • Elizabeth Warren's Radical Critique of Corporate Bankruptcy—And How it Shapes What Kind of President She Would Be

        The 2020 candidate's analysis dating back thirty years and the proposals she now promotes reflects an ideology that would make her orders of magnitude more radical than any President in our history.€ 

      • The Push to Create Co-ops Is Energizing a New Generation of Socialists

        Socialism is a yearning for something better than capitalism. As capitalism has changed and as experiments with socialism have accumulated — both good and bad — socialist yearnings, too, have changed. However, a bizarre disconnect surfaces as capitalism’s gross dysfunction during and since its 2008 crash brings socialism again into public discussion. Large numbers of people debate the pros and cons of socialism as if what it is in the 21st century were identical to what it was in the 20th. Is it reasonable to presume that the last century’s two purges, the Cold War, the implosion of the USSR, and the explosive emergence of the People’s Republic of China inspired no critical reflections on socialism by socialists themselves? No. The remarkable lack of awareness of new and different definitions of socialism since 1945, their elaborations, and their implications reflects the fact that sustained engagement with socialism was taboo in the US for decades. That people are now mostly unaware of socialism’s evolution in theory, practice, and self-criticism over the last half century is therefore no surprise.

      • Budget Deficit to Break $1 Trillion Despite Strong Economy

        An annual congressional report says the U.S. budget deficit is likely to burst through the symbolic $1 trillion barrier this year despite a healthy economy.

      • It Is Time to Bill the Billionaires

        The 1 percent does not have solutions for our system of inequality because they are its primary beneficiaries.

      • The Evolution of "Davos Man" into . . . Trump Fan!
      • Three billion in real estate, all owned by family Navalny’s Anti-Corruption Foundation lobs its first volley at Russia’s new prime minister, Mikhail Mishustin

        Newly appointed Russian Prime Minister Mikhail Mishustin’s financial declarations list him as a “user” of real estate in the Moscow area whose total value is about three billion rubles ($48.2 million). Mishustin is not the official owner of any of that property, but all of it is registered to his relatives. These are among the claims made in the latest investigation from opposition politician Alexey Navalny’s Anti-Corruption Foundation (FBK), which includes a list of all the real estate now known to belong to Mishustin’s family.

      • To Cancel Student Debt, You Don’t Need Congress

        The 2020 Democratic primary elevated the student debt debate to the national stage and has sparked discussion at dinner tables and workplaces across the country. Americans are asking themselves and the candidates: how much student debt should we cancel, and how shall we cancel it? Sen. Bernie Sanders wants to cancel it all — and has introduced legislation to do so. Sen. Elizabeth Warren wants to cancel up to $50,000 in debt for households making less than $250,000 on Day 1 of the next administration. Warren recently updated her plan to clarify that she will use executive authority to cancel student debt, without needing to wait for Congress to act.

      • Insurance Lobby Talking Points Don’t Come With Warning Labels

        The healthcare industry has spent over $2 billion on lobbying over the past four years, more than any other industry.

    • AstroTurf/Lobbying/Politics

      • Trump’s Expansive Executive Privilege Claims Pose Serious Constitutional Crisis
      • Truth a Major Casualty of Impeachment Hearings

        As in any political battle, truth has been one of the major casualties of the impeachment proceedings against President Donald J. Trump.

      • John Bolton Is Not to Be Trusted, But the Question Remains: What Does He Want?

        What if Bolton is trying to get Trump removed from office? That would imply that he wants a president Pence.

      • 'Green New Dud, Not a Green New Deal': Climate Groups Denounce Draft Bill From House Democrats

        "A bold climate plan must call for a ban on fracking and all new fossil fuel infrastructure, and a swift and just transition to 100 percent clean, renewable energy across all sectors of the economy."

      • Sunrise Movement to Host Nationwide House Parties to Boost Sanders, Demand Green Green New Deal

        "Whether we can pull it off is up to you and me."

      • Noam Chomsky Is the Antidote to Trump's Facism

        In addition to the obvious terrors — gutting our social safety net, near-wars with North Korea and Iran, the family separations, and the everyday racism and xenophobia — the Trump era has been threaded with two subtler but no less damaging afflictions: confusion and paranoia. Not knowing on any given day whether President Donald Trump and his sycophants are serious about such critical matters as sending bombs into North Korea or the Middle East, say, or planning to take away our health care is nearly as damaging as the actions themselves.

      • Lobbies' Greatest Ally in the Effort to Sabotage Health Care Reform

        Ever since€ The Intercept€ (11/20/18) found several planning documents by the€ Partnership for America’s Healthcare Future€ (PAHCF), a benign-sounding corporate alliance formed to prevent any kind of reform and prop up the€ dysfunctional US healthcare€ system’s profits, corporate media have been reporting on the PAHCF’s efforts to defend the US’s for-profit healthcare system (The Hill,€ 6/28/19).

      • Trump Team: Impeachment Not About ‘Unsourced Manuscripts’

        President Donald Trump’s legal team neared the end of his impeachment trial defense Tuesday, painting him and his aides as hounded by investigation and taking a dismissive swipe at an unpublished book by John Bolton that is said to contradict a key defense argument.

      • Union Accuses Federal Agency of "Chilling" Government Workers' Speech by Barring Any Talk of Trump Impeachment

        "Government employees have a right to speak about this historic matter."

      • 41 Senators Urge Trump Administration to End 'Cruel and Dangerous' Effort to Cut Social Security Disability Benefits

        "It is alarming that the agency appears more concerned with devoting limited resources toward making it harder for people with disabilities to receive essential benefits."

      • Sometimes We Can Make Our Own Hope

        Running for office in the age of Donald Trump and climate change.

      • Perfecting the Call
      • Trump Unveils Controversial Peace Plan for the Middle East

        President Donald Trump unveiled his long-awaited Middle East peace plan Tuesday, calling for the creation of a State of Palestine with its capital in portions of east Jerusalem. He declared it a “win-win” opportunity for both Israel and the Palestinians.

      • Palestinians Brace for the Worst Ahead of Trump’s 'Peace Plan'

        It is largely understood that the deal will be heavily pro-Israel.

      • Denouncing Trump Plan as 'Unacceptable,' Sanders Declares It Is Time to 'End the Israeli Occupation'

        "Trump's so-called 'peace deal,'" warned the White House hopeful, "will only perpetuate the conflict, and undermine the security interests of Americans, Israelis, and Palestinians."

      • Palestinians Call on World to Reject Trump ‘Peace’ Deal

        The so-called “peace deal” authored by White House adviser Jared Kushner was met with protests and condemnation by Palestinians on Tuesday ahead of an expected announcement by U.S. President Donald Trump and Israeli Prime Benjamin Netanyahu in Washington, D.C.

      • 'This Is Not a Peace Plan, It Is a War Plan': Trump-Netanyahu Deal Decried as Shameful Attack on Palestinian Rights

        "Any attempt to address the Israeli-Palestinian issue that does not begin and end with the full acknowledgment of the Palestinian right to self-determination, freedom, justice, and equality is a non-starter."

      • Sorry Chomsky and Friends, The Green Party isn't the Problem
      • Where Was Rudy Giuliani When Democrats Needed Him?

        Help me get this straight. Rudolph Giuliani is the President’s private attorney, or at least he still seems to be. According to CNN on 10/11/19:

      • 'Screaming the Quiet Part Into a Bullhorn': Sen. Joni Ernst Admits GOP Using Impeachment Trial to Damage Biden in 2020

        "Trump is trying to use the trial to do what Ukraine wouldn't—destroy his political rivals."

      • New Tennessee Law Deepens Discrimination Against LGBT People

        Tennessee has just become the latest US state to let taxpayer-funded adoption and foster care agencies operate under their own religious or moral beliefs – even if this means discriminating against prospective parents or jeopardizing the best interests of children.

        Lesbian, gay, bisexual, and transgender (LGBT) people, single parents, and religious minorities have faced problems trying to adopt or foster children in the US because some agencies will only place kids with heterosexual parents of a particular faith – a discriminatory practice.

      • So Much For America's Mayor
      • Nationalist writer Zakhar Prilepin announces founding of party said to be a future spoiler

        The prose writer Zakhar Prilepin has announced that he will be formally founding a political party based on the nationalist movement “For Truth,” which he created in October 2019.

      • Stop Blaming Algorithms For Misinformation And Threats To Democracy; The Real Problem Is Societal

        For quite some time now, we've pointed out that we should stop blaming technology for problems that are actually societal. Indeed, as you look deeper at nearly every "big tech problem," you tend to find the problem has to do with people, not technology. And "fixing" technology isn't really going to fix anything when it's not the real problem. Indeed, many proposals to "fix" the tech industry seem likely to exacerbate the problems we're discussing.

      • Biden Won’t Say Whether Sanders Could Unify Democrats as Nominee

        Former Vice President Joe Biden wouldn’t say Tuesday whether he thinks Bernie Sanders could effectively unify the Democrats if the Vermont senator wins the party’s presidential nomination.

      • New Poll Shows Bernie Sanders With More Than Double the Support of Joe Biden in New Hampshire

        Running away from the pack, Sanders leads former vice president by 15 points and holds double-digit lead over all his Democratic rivals in the key early voting state.

      • GOP Doesn't Have Votes Yet to Block Bolton, McConnell Concedes

        Republican leaders do not yet have the votes to block Democrats from summoning John Bolton or other witnesses at President Donald Trump’s impeachment trial, Senate Majority Leader Mitch McConnell conceded to fellow GOP senators late Tuesday. It could be a major hurdle for Trump’s hopes to end the trial with a quick acquittal.

      • The FBI Has Been Lying About Seth Rich

        A persistent American lawyer has uncovered the undeniable fact that the FBI has been continuously lying, including giving false testimony in court, in response to Freedom of Information requests for its records on Seth Rich. The FBI has previously given affidavits that it has no records regarding Seth Rich.

      • DNC Defends Diverse Group Of Corporate Democrats Appointed To Convention Committees

        Faced with a backlash, the Democratic National Committee defended the secretive manner in which dozens of lobbyists, corporate consultants, party insiders, think tank board members, and pro-Israel Democrats were nominated by DNC Chair Tom Perez to committees for the 2020 national convention.Seventy-five individuals were appointed to the platform, rules, and credentials committees on January 25 during a DNC executive committee meeting. Who currently is part of this executive committee is unclear.Two chairs and four vice-chairs were appointed to oversee each of the committees. Thirty-one spots on each committee were filled. Nearly all of the individuals appointed endorsed Hillary Clinton during her 2016 campaign. Many endorsed Clinton early in 2015, but the DNC said it does not consider “past endorsements” when filling committees.The DNC claimed “high-profile” supporters of Senator Bernie Sanders were appointed to the committees, but that is false. Only one “high-profile” supporter was appointed to the Platform, Rules, and Credentials Committees. Larry Cohen, the former union president of the Communications Workers of America, was appointed. He founded the pro-Sanders political action organization, Our Revolution.According to The Hill, “DNC officials said they look for policy experts to help shape the platform or for experienced Democratic hands who know their way around party bylaws to assist in the rules and credentialing process.”But positions were not merely filled with people capable of grasping Robert’s Rules of Order. These so-called “policy experts” have exhibited open hostility toward a leading presidential candidate, who may potentially be the Democratic Party’s nominee. They have also represented business interests, like Blue Cross Blue Shield, at the expense of policies and ideas that will presumably be championed in the Democratic platform in 2020. “Some DNC members complained that they were only alerted to the appointments late on Friday ahead of the executive committee’s Saturday vote,” even derisively referring to the appointments as the “midnight convention committee picks,” according to The Hill.Terry Tucker, a DNC member and Sanders supporter from Colorado told The Hill, “The subject of transparency and notice has been broached in the past with Chairman Perez in open meetings of the full DNC,” and, “Lack of transparency and input from the members continues to be a source of irritation.”But the DNC maintained it was completely normal to give members less than a day to consider nominees before they were ratified.€  At least 26 of the people appointed are superdelegates, who will be able to vote for the presidential nominee if no candidate wins on the first ballot.Seventy-five percent of the appointments were “at-large” appointments, meaning they are not elected officials. Their status in the Democratic Party is not dependent on voters in any particular state or in any state party. “Most of the members will be allotted in proportion to the number of delegates the candidates win over the course of the primaries and caucuses,” The Hill noted. “There will be 187 people on each committee, and the winner’s supporters should make up a majority.”If Sanders is the nominee, his supporters may make up the majority, but they would potentially have to deal with chairs and vice-chairs that are opposed to their agenda.

      • Pro-Sanders Youth Movement Is Changing the Political Landscape in New Hampshire

        Fifty-two years after young people changed history with the New Hampshire primary election, a new generation is ready to do it again — this time by mobilizing behind Bernie Sanders.

      • It’s Media—Not Bernie Sanders—That Have an Antisemitism Problem

        Have you heard the news? Democratic presidential frontrunner Bernie Sanders is antisemitic. Yes, yes, he’s Jewish, and has a long history of anti-racist activism—but that doesn’t matter.

      • Impeachment Trial: The Big Picture

        10. What can the rest of us do? Vote Trump out of office this November, and convince everyone you know to do so as well. It may seem daunting, but remember: We already beat the liar-in-chief by 2.8 million votes in 2016. And the 2018 elections had the highest turnout of any midterm election since 1914 – handing House Republicans their most resounding defeat in decades. People are outraged, mobilized, and ready to keep fighting. If we come together, we will prevail.

      • Why does Trump love to hang with bottom-feeders, crooked lawyers and porn stars?

        Donald Trump has been a real estate developer, a TV show host, a casino owner, a politician and more. But through it all, there has been one constant: Trump has surrounded himself with sleazy characters. Oddly enough, those are exactly the people who helped propel him to becoming the 45th president of the United States.

        That's the thesis of the new book by Pulitzer Prize-winning reporters Michael Rothfeld and Joe Palazzolo, titled aptly enough, "The Fixers: The Bottom-Feeders, Crooked Lawyers, Gossipmongers, and Porn Stars Who Created the 45th President." I spoke with Rothfeld during an episode of "Salon Talks" about the book, a veritable encyclopedia of the unsavory characters that have made Trump who he is, alongside some new reporting.

      • [Attackers] hijacked nearly half of the NFL’s Twitter accounts, as well as ESPN and UFC

        The social media accounts of almost half of the teams in the National Football League, as well as the official NFL account, were [cracked], the NFL said in a statement today. Some ESPN social media accounts were also “briefly compromised,” ESPN said today in a statement to The Verge.

      • Supreme Court Rules in Favor of Trump’s ‘Wealth Test’ for Immigrants

        The Supreme Court voted in favor of letting the Trump administration move forward on more of its harsh immigration policies.

        In a 5-4 vote, the conservative majority won out on Monday, allowing enforcement of a rule called a “wealth test” by immigrant rights advocates and “public charge” policy by the government. Enforcing the rule would make it more difficult for immigrants who are deemed likely to need public assistance, like food stamps and Medicaid, to secure a green card.

      • Conservative Justices Sanction Stephen Miller's Anti-Immigration Agenda

        Not even an impeachment trial can slow down the White House’s anti-immigrant agenda.

      • Donald Trump Attacked CNN Anchor Don Lemon After Being Laughed at on Air

        In a video of the segment on YouTube, titled “Don Lemon loses it over GOP strategist roasting Mike Pompeo,” Wilson impugned Trump and members of his administration for their “war on the media.” Asked by Lemon about a line from Pompeo’s statement about the NPR incident, Wilson pivoted to a discussion of Trump’s intelligence.

      • McConnell Concedes Lacking Votes to Stop Dems from Calling Witnesses, Republicans Say

        Fifty-one of the 100 senators hearing the impeachment case would have to vote in favor of witnesses — meaning just four Republicans would have to side with the 47 Democrats and independents.

        Several moderate Republicans, including Mitt Romney, Susan Collins and Lisa Murkowski, have said they may be interested in hearing Bolton and others testify.

    • Freedom of Information / Freedom of the Press

      • Split Hearings: the Assange Extradition Case Drags On

        It is being increasingly larded with heavy twists and turns, a form of state oppression in slow motion, but the Julian Assange extradition case now looks like it may well move into the middle of the year, dragged out, ironically enough, by the prosecution.€  Curiously, this is a point that both the prosecutors, fronted by the US imperium, and the WikiLeaks defence team, seem to have found some inadvertent agreement with. This is the biggest case of its kind, and will determine, for an era, how journalism and the publication of nationally classified information is treated.€  Neither wish to misstep in this regard.

      • 'You Did a Good Job on Her': White House Audience Laughs as Trump Praises Pompeo for Bullying NPR Reporter

        "That was very impressive, Mike," the president said to applause during a press conference in the White House.

      • Stopping the Press: New York Times Journalist Targeted by Saudi-linked Pegasus Spyware Operator

        Ben Hubbard is the Beirut Bureau Chief of the New York Times. Prior to his promotion to that role, Hubbard reported on Saudi Arabia, including on Crown Prince Mohamed Bin Salman (MbS). In an announcement of his promotion, the New York Times noted that Hubbard had “turned out deeply revealing reports from a closed society that is changing rapidly under a headstrong crown prince,” and had “…peeled back the curtain from the prince’s relentless consolidation of power.”

    • Civil Rights/Policing

      • Make America Radical Again: A Conversation with Harvey J. Kaye

        Harvey J. Kaye is the Ben & Joyce Rosenberg Professor of Democracy and Justice Studies at the University of Wisconsin-Green Bay, the Founding Director of the University’s Center for History and Social Change, and the author of numerous books, including The British Marxist Historians, The Education of Desire (winner of the Isaac Deutscher Memorial Prize) Why Do Ruling Classes Fear History?, Thomas Paine and the Promise of America, The Fight for the Four Freedoms (The Nation’s 2014 progressive book of the year), and most recently, Take Hold of Our History: Make America Radical Again (Zero Books). This spring he will also publish FDR on Democracy (Skyhorse Books).

      • Catholic Leaders Promised Transparency About Child Abuse. They Haven’t Delivered.

        It took 40 years and three bouts of cancer for Larry Giacalone to report his claim of childhood sexual abuse at the hands of a Boston priest named Richard Donahue.

        Giacalone sued Donahue in 2017, alleging the priest molested him in 1976, when Giacalone was 12 and Donahue was serving at Sacred Heart Parish. The lawsuit never went to trial, but a compensation program set up by the archdiocese concluded that Giacalone “suffered physical injuries and emotional injuries as a result of physical abuse” and directed the archdiocese to pay him $73,000.

      • We Assembled the Only Nationwide Database of Priests Deemed Credibly Accused of Abuse. Here’s How.

        ProPublica published an interactive database on Tuesday that lets users search for clergy who have been listed as credibly accused of sexual abuse in reports released by Catholic dioceses and religious orders.

        It is, as of publication, the only nationwide database of official disclosures. The U.S. Conference of Catholic Bishops, the religious leaders’ national membership organization, does not publicly release any centralized, countrywide collection of clergy members who have been credibly accused of sexual assault.

      • Making Rebellion Attractive: Why the Establishment Still Hates John Reed

        ‘If Mark Twain or John Reed were alive today and looking for work, would they find it at your newspaper or channel? Could Twain have a column? Would you carry Reed’s despatches?’

      • Nicki Minaj's Brother Sentenced to 25 Years For Child Rape

        Rapper Nicki Minaj’s brother is facing life in prison after a judge sentenced him for child sexual assault.

      • Brutal Same As It Ever Was: Israel's War On Justice
      • Algeria: Post Election Repression

        On July 5 2019, thousands of people protested for a twentieth consecutive week in Algeria's capital, defying a major police presence just days before the mandate of interim president Bensalah expires.€ 

      • Poland: Veto Law Punishing Judges for Criticism

        Polish judges, joined by judges from other European countries, wear their robes during a January 11 protest against proposed reforms that would undermine judicial independence.€ 

      • Court Tosses Evidence From Pretextual Stop When Dashcam Shows Cop Had Zero Reason To Perform A Stop

        The #BacktheBlue types like to say stuff like "If you don't want to get arrested, don't break the law." But breaking the law is never a prerequisite for a traffic stop, search, and/or arrest. The nation's top court has already said cops don't actually have to enforce real laws. They can predicate stops on what they perceive the law to be, whether or not any actual law was broken.

    • Internet Policy/Net Neutrality

      • Oh Look, More Giant ISPs Taking Taxpayer Money For Unfinished Networks

        For more than a decade we've highlighted how the U.S. simply adores throwing taxpayer money at giant telecom companies in exchange for networks they then only half deploy. Whether it's on the city, state, or federal level, we've thrown untold billions at mono/duopolies which in turn dodge their obligations under these agreements with little to no real penalty. While sometimes this money winds up being used as intended, just as often this money winds up being pocketed by executives and shareholders with little discernible impact on America's broken and uncompetitive broadband markets.

    • Digital Restrictions (DRM)

      • Spring the mouse trap: don't fall for Disney+

        It's common to feel a little uneasy when it comes to Disney. Most people know that the mouse didn't get to where he is now by himself, and that behind him there are more shadowy people wearing suits than their cheerful advertising admits. Likewise, the intricate control and extensive surveillance they have over their parks can be seen as a playground for dystopia.

        Over the last few decades, the company has grown tremendously, with billion dollar franchises such as Star Wars and the Marvel universe making up only a fraction of the Disney empire, in addition to the complete film catalog of 20th Century Fox. Disney's leadership in the movie world has given them immense power that they have a rich history of abusing, as we've seen with the "Mickey Mouse Protection Act," and the notorious Digital Millennium Copyright Act (DMCA).

        Like the witch with her cauldron, Disney executives were concocting something evil when they were brewing up Disney+. It needed just the right amount of poison to be palatable: not enough to where it would turn everyone away, but not so little that users would be able to actually take a screenshot of the film that they are watching. Maleficent is more than just a character in a Disney film; it's an apt descriptor for the behavior of Disney itself when it comes to their attack on culture through Digital Restrictions Management (DRM).

        Along with the steady wave of advertising, Disney+ drew early comments from concerned free software developers like Hans de Goede, who was among the first to point out that Disney+ would be using the highest restriction level of Widevine DRM. Widevine is a scheme that's familiar to anti-DRM activists, and is one commonly embedded in Encrypted Media Extensions (EME), the World Wide Web's Consortium's initiative to create a Hollyweb out of the Internet. For a short time, this made the Disney+ "service" incompatible with all GNU/Linux systems, Chromebooks, and many older Android devices. Though public comment led them to loosen the shackles a little, that doesn't mean that your favorite films are any less imprisoned.

    • Monopolies

      • Patents

        • A Secret Reason Rx Drugs Cost So Much: A Global Web of Patent Laws Protects Big Pharma

          Ordinary people around the world will increasingly find themselves in the same boat when it comes to accessing the medicines they need.

        • Apple, Broadcom Hit With $1.1B Verdict In Caltech Patent Suit



          A California federal jury found Wednesday that Apple and Broadcom infringed three California Institute of Technology data transmission patents with Wi-Fi chips used in hundreds of millions of iPhones and other devices, awarding the university over $1.1 billion in damages.

          A jury on Wednesday took under five hours to decide that Apple and Broadcom had infringed three Caltech patents, and ordered the tech companies to pay more than $1 billion in total damages. (AP) Following a two-week trial, the nine-person jury took under five hours of deliberating to find that Apple Inc. and Broadcom Inc. have been infringing five claims [...]

        • Software Patents

          • Strategy Lessons From Wells Fargo Fintech Patent Litigation



            United Services Automobile Association is a financial services company that provides insurance, banking, investment, and retirement products and services for members of the military and their families. On June 7, 2018, USAA filed a surprising patent infringement complaint against Wells Fargo & Co. in the U.S. District Court for the Eastern District of Texas.[1]

            In a suit that rapidly caught the banking industry’s attention, USAA alleged that Wells Fargo infringed four of USAA’s patents by offering its banking customers the option to conveniently deposit paper checks from their smartphones in real time by taking photographs of paper checks and submitting them through...

      • Copyrights

        • YouTube Rippers Battle RIAA in Takedown Whack-a-Mole

          The RIAA is continuing to use DMCA anti-circumvention notices to remove YouTube ripper websites from Google's search results. The music group started a few months ago and has only increased its efforts. However, the targeted sites are fighting back by continuously updating their URLs in response, turning it into a game of whack-a-mole.

        • BitTorrent Owner Accused of Profiting From Movie Piracy

          A lawsuit filed against BitTorrent owner Rainberry Inc, TRON Foundation's Justin Sun, and one of his colleagues, is based in employment law. However, the allegations it contains could pique interest in Hollywood, with claims that movies including The Lion King were involved in a "fraudulent scheme" to "make a profit from the illegal piracy of those materials."

        • UK Says It Won't Implement The EU Copyright Directive, Which Wouldn't Have Passed Without Its Support During A Crucial Vote

          As Techdirt has reported, the EU member states are starting to transpose the EU Copyright Directive into their national laws, and the results are as bad as we feared. France wants to implement the Article 17 upload filters without user protections, while Germany plans to place ludicrous restrictions on the use of press materials as part of its implementation of Article 15. What's particularly frustrating about the whole sorry EU Copyright Directive saga is that the law was very close to being thrown out last April. That was when the final vote by the EU Council (made up of representatives of the EU member states) took place. As Mike wrote at the time, because Sweden changed its original position, and voted against the Directive, it would only have required either Germany or the UK to do the same, and the legislation would have been dropped.

        • Impala Criticizes the UK’s Unwillingness to Enforce EU Copyright Directive

          Impala, a leading advocate of independent record labels in Europe, is speaking out against the United Kingdom’s decision to not enforce the European Union’s controversial Copyright Directive.



Recent Techrights' Posts

Topics We Lacked Time to Cover
Due to a Microsoft event (an annual malware fest for lobbying and marketing purposes) there was also a lot of Microsoft propaganda
EPO Education: Workers Resort to Legal Actions (Many Cases) Against the Administration
At the moment the casualties of EPO corruption include the EPO's own staff
 
Links 22/11/2024: Dynamic Pricing Practice and Monopoly Abuses
Links for the day
Microsofters Try to Defund the Free Software Foundation (by Attacking Its Founder This Week) and They Tell People to Instead Give Money to Microsoft Front Groups
Microsoft people try to outspend their critics and harass them
[Meme] EPO for the Kids' Future (or Lack of It)
Patents can last two decades and grow with (or catch up with) the kids
Gemini Links 22/11/2024: ChromeOS, Search Engines, Regular Expressions
Links for the day
This Month is the 11th Month of This Year With Mass Layoffs at Microsoft (So Far It's Happening Every Month This Year, More Announced Hours Ago)
Now they even admit it
Links 22/11/2024: Software Patents Squashed, Russia Starts Using ICBMs
Links for the day
Over at Tux Machines...
GNU/Linux news for the past day
IRC Proceedings: Thursday, November 21, 2024
IRC logs for Thursday, November 21, 2024
Gemini Links 21/11/2024: Alphabetising 400 Books and Giving the Internet up
Links for the day
Links 21/11/2024: TikTok Fighting Bans, Bluesky Failing Users
Links for the day
Links 21/11/2024: SpaceX Repeatedly Failing (Taxpayers Fund Failure), Russian Disinformation Spreading
Links for the day
Richard Stallman Earned Two More Honorary Doctorates Last Month
Two more doctorate degrees
KillerStartups.com is an LLM Spam Site That Sometimes Covers 'Linux' (Spams the Term)
It only serves to distract from real articles
Over at Tux Machines...
GNU/Linux news for the past day
IRC Proceedings: Wednesday, November 20, 2024
IRC logs for Wednesday, November 20, 2024
Gemini Links 20/11/2024: Game Recommendations, Schizo Language
Links for the day
Growing Older and Signs of the Site's Maturity
The EPO material remains our top priority
Did Microsoft 'Buy' Red Hat Without Paying for It? Does It Tell Canonical What to Do Now?
This is what Linus Torvalds once dubbed a "dick-sucking" competition or contest (alluding to Red Hat's promotion of UEFI 'secure boot')
Links 20/11/2024: Politics, Toolkits, and Gemini Journals
Links for the day
Links 20/11/2024: 'The Open Source Definition' and Further Escalations in Ukraine/Russia Battles
Links for the day
[Meme] Many Old Gemini Capsules Go Offline, But So Do Entire Web Sites
Problems cannot be addressed and resolved if merely talking about these problems isn't allowed
Links 20/11/2024: Standing Desks, Broken Cables, and Journalists Attacked Some More
Links for the day
Links 20/11/2024: Debt Issues and Fentanylware (TikTok) Ban
Links for the day
Jérémy Bobbio (Lunar), Magna Carta and Debian Freedoms: RIP
Reprinted with permission from Daniel Pocock
Jérémy Bobbio (Lunar) & Debian: from Frans Pop to Euthanasia
Reprinted with permission from Daniel Pocock
This Article About "AI-Powered" is Itself LLM-Generated Junk
Trying to meet quotas by making fake 'articles' that are - in effect - based on plagiarism?
Recognizing invalid legal judgments: rogue Debianists sought to deceive one of Europe's most neglected regions, Midlands-North-West
Reprinted with permission from Daniel Pocock
Google-funded group distributed invalid Swiss judgment to deceive Midlands-North-West
Reprinted with permission from Daniel Pocock
Gemini Links 20/11/2024: BeagleBone Black and Suicide Rates in Switzerland
Links for the day
Over at Tux Machines...
GNU/Linux news for the past day
IRC Proceedings: Tuesday, November 19, 2024
IRC logs for Tuesday, November 19, 2024