Bonum Certa Men Certa

Links 12/6/2020: Fedora 32 Elections Results, KDE June 2020 Update and Kali Linux in Review



  • GNU/Linux

    • What is GNU/Linux?

       Most consumers can, with a little effort, name two desktop and laptop operating systems: Microsoft's Windows and Apple's macOS. Few have ever considered any of the open-source alternatives found under the umbrella of GNU/Linux, though some may have done so without even knowing it—for instance, Google's Chrome OS uses the Linux kernel. To be honest, aside from the Chrome OS platform, GNU/Linux systems are typically not best for people who rely on big-name software or don't like dabbling with a customizable, hands-on interface. However, if you're looking for a change of pace, don't want to pay for your software, and don't mind rolling up your sleeves, switching to GNU/Linux may not only be worthwhile, but could also make you a convert for life. This guide for nontechnical home users can help you get started. Note that using a GNU/Linux system to run a server is an entirely different use case and one not covered here.

    • 3 points where Linux could have played out differently

        Given different events or individual actions, could Linux and open source more broadly have failed to become the engine for collaboration and innovation that it is today?

      Perhaps you believe that great economic and technological forces make it difficult for individuals or chance events to radically alter how events play out. The integrated circuit, Moore’s Law, the internet, the sharing of software especially in academic settings, and other broad trends trump any single action in this view. Even if an open source operating system called “Linux” did not exist today, something much like it would.

    • Removing "Annoying" Windows 10 Features is a DMCA Violation, Microsoft Says

      Ninjutsu OS, a new software tool that heavily modifies Windows 10 with a huge number of tweaks, mods and extra tools, has been hit with a DMCA complaint by Microsoft. According to the copyright notice, the customizing, tweaking and disabling of Windows 10 features, even when that improves privacy, amounts to a violation of Microsoft's software license.

    • Desktop/Laptop

      • System76 Just Launched A Monster 12-Core AMD Ryzen Linux Laptop
        Linux users have been beating down the doors of Colorado-based System76, clamoring for the Pop OS developer and Thelio manufacturer to finally release a laptop with AMD Ryzen CPUs. Your feedback was apparently heard: today the System76 Serval WS laptop gets unleashed, and it’s packing unrestricted desktop performance with up to 12-core 3rd Gen AMD Ryzen processors.

      • Star Labs Now Offers elementary OS as an OS Choice for Its Linux Laptops

          I talked about Star Labs before and how they are producing really good Linux laptops. And the good news I want to share with you today is that you can finally buy a Linux laptop from Star Labs that comes pre-installed with the elementary OS distribution for an out of the box experience.

        If elementary OS is your favorite Linux distro, now you won’t have to go to all the trouble of installing it on your brand new laptop from Star Labs. The hardware manufacturer now lets you choose elementary OS as the default operating system when configuring and buying a new computer from them.

      • System76 Serval WS crams desktop CPUs and GPUs inside a laptop

        As powerful as laptops have become, they have always been limited by their size and the laws of physics. That’s why hardware, especially processors, are specifically designed to squeeze out as much performance without burning the computer down. From time to time, however, you’ll hear of some manufacturer boasting of performance comparable to desktop PCs. System76, famed for its Linux computers, makes that same boast by literally putting desktop-class processors inside a behemoth of a laptop known as the Serval WS.

        [...]

        With support for up to 64GB of dual-channel DDR4 RAM and up to 8TB total of storage via SATA or PCIe NVMe, the System76 Serval WS is built like a desktop that you can carry or drag around when absolutely necessary. It makes short work of any office or Web tasks and is more suited for heavy-duty processing, graphics and multimedia work, or even gaming.

        At that point, however, it bears noting that the System76 Serval WS comes with the Ubuntu Linux operating system installed by default though it’s also possible to dual boot Windows 10 on it. If those caveats are amenable, the next hurdle you need to overcome is the $1,299 price tag for the base configuration, or $4,877 when you max out all the available options.

      • It seems Coreboot and Open Firmware will come to System76's NVIDIA laptops

        Back in April, System76 released the Lemur Pro laptop and one of the highlights was that it pulled in a lot more open source. It seems those clever engineers aren't stopping there.

        System76 have their own fork of Coreboot, an open source replacement for the usual proprietary BIOS (firmware) found in most devices. They've continued working on it and now a System76 engineer, Jeremy Soller, has mentioned on Twitter that their fork now supports NVIDIA graphics in hybrid mode, and that NVIDIA laptops from System76 with both their System76 Open Firmware and their System76 Open Source Embedded Controller are "inevitable".

    • Server

      • Which cloud strategy is right for you in 2020?

        While most organisations are certain that the cloud has a vital role to play in the future of business, the various strategies, from a public or private cloud first approach to the hybrid or multicloud routes, can be confusing to some.

        At Red Hat, we’re constantly receiving useful industry insights from our customers when speaking to them about their current priorities and issues. Our recent Global Customer Tech Outlook study revealed that many organisations don’t know what cloud strategy to put in place, with 17% stating that this was something they were still working on. A further 12% had not yet developed any plans at all for their cloud.

        So what do organisations unsure of their strategy need to know?

        [...]

        Lock-in only matters when you want to move or do something new but, in today’s business world, who knows when your apps or workloads will have new requirements or need to change? An open approach can shield against this, offering flexibility and a platform to innovate.

        Ultimately, on any journey to develop a hybrid cloud infrastructure, it is vital to remember that every cloud is unique. While it is important to understand the basic principles of building an interconnected and agile cloud environment, it is equally important to understand that private clouds are one of a kind and there are thousands of public cloud providers.

        Businesses today value agility, to adapt and move workloads, create new workloads, to exit or enter new clouds. More than ever before, organisations can’t afford to put all their eggs in one basket. A public-cloud-only-and-first approach is likely to hamper agility. Instead, small steps led by business needs, and the ability to pivot quickly, will be crucial to navigating this complex landscape.

        By James Read, EMEA Principal Solution Architect, Cloud and Service Providers, Red Hat.

      • Sysadmin careers: Is your sysadmin job going away?

        An industry pundit who claims that system administrator jobs are evaporating or shrinking at an alarming rate either has no idea what they're talking about, or they have something to gain by saying it; in my opinion, it's about a 50-50 split between the two. The short response is no, system administrator jobs are not going away in the foreseeable future, and are likely never going away at all. I've heard many of these gloom and doom predictions for the past 20 years; from the Y2K bug to zero administration packages to automated system administrator suites, someone is always trying to label us extinct. Well, it's not happening in my lifetime, and you can take that to the bank.

        [...]

        If I got a dollar every time I heard some know-nothing know-it-all say that cloud computing and automation will eliminate the needs for sysadmins, I'd be able to retire, and you wouldn't have to read my musings. The reality is that many so-called industry experts or insiders are actually neither, and they don't really understand that cloud computing might change what jobs are, but it doesn't eliminate them. Oh sure, they've read about it on Wikipedia and enough tech news stories to use the phrase with impunity, but their understanding of what's underneath is nil.

        To get an idea of automation and jobs, look again at the auto industry. Lots of automation. Lots of auto workers are still employed. By the way, did you know that, since the very early days of automobile manufacture, some sort of automation has been in place? Just look at old photos of the Ford Model T and Model A assembly lines. Still, surprisingly, we have thousands of autoworkers who show up to work every day. If only our brilliant technology pundits had seen that coming.

        [...]

        Today's job market for sysadmins is still going strong and growing. Don't allow the naysayers and the conservative growth numbers to discourage you from continuing on your career course. There will be plenty of sysadmin jobs for the next twenty years, just as there were when the pundits said system administration was dying twenty years ago.

    • Audiocasts/Shows

    • Kernel Space

      • Development statistics for the 5.7 kernel

        The 5.7 kernel was released on May 31. By all appearances this was a normal development cycle, unaffected by the troubles in the wider world. Still, there are things to be learned by looking at where the code came from this time around. Read on for LWN's traditional look at who contributed to 5.7, who supported that work, and the paths by which it got into the mainline.

        Work on 5.7 arrived in the form of 13,901 non-merge changesets contributed by 1,878 developers; that makes it rather busier than the 5.6 cycle was. It's notable that 281 of those developers made their first contribution to the kernel for 5.7, the highest number since 5.0; that is a distinct contrast from 5.6, which saw the lowest number of new contributors since 2013. Perhaps being made to stay at home has inspired more people to put together and send in that first kernel patch.

      • A possible end to the FSGSBASE saga

        The FSGSBASE patch series is up to its thirteenth version as of late May. It enables some "new" instructions for the x86 architecture, opening the way for a number of significant performance improvements. One might think that such a patch series would be a shoo-in, but FSGSBASE has had a troubled history; meanwhile, the delays in getting it merged may have led to a number of users installing root holes on their Linux systems in the hope of improving security. "Segments" are a holdover from ancient versions of the x86 architecture; they once were distinct regions of memory used to get around the addressing limitations of that era. Virtual memory has done away with the need for segments, but the concept persists; x86_64 processors only implement two of the original segments (called "FS" and "GS"). In these processors, a "segment" is really just an offset into virtual memory with little other meaning; their remaining value comes from the segment-based addressing mode supported by the CPU.

        Historic or not, these segment registers are still used. A common use for FS in user space is thread-local storage; each thread has a unique value of the FS base register pointing to its own storage area. Code running in threads can then use segment-based addressing to access local storage without having to worry about where that storage is. The kernel, instead, uses GS in a similar way for per-CPU data. There are some relics of the kernel's one-time use of FS to indicate the address range accessible to user space, but the kernel's get_fs() and set_fs() functions no longer use that segment.

        Modifying the segment registers has always been a privileged operation. There is value, though, in letting user space make use of the FS and GS base registers, so the kernel provides that functionality via the arch_prctl() system call. Since the base registers are actually set by the kernel, privileged code can count on knowing what their contents will be (and that said contents make sense).

      • Capacity awareness for the deadline scheduler

        The Linux deadline scheduler supports realtime systems where applications need to be sure of getting their work done within a specific period of time. It allocates CPU time to deadline tasks in such a way as to ensure that each task's specific timing constraints are met. However, the current implementation does not work well on asymmetric CPU configurations like Arm's big.LITTLE. Dietmar Eggemann recently posted a patch set to address this problem by adding the notion of CPU capacity to the deadline scheduler.

        In realtime systems, tasks need to meet certain timing requirements. The Linux kernel includes two realtime scheduling classes to meet the needs of these systems: POSIX realtime (often called just "realtime") and deadline.

        The POSIX realtime scheduler uses task priorities as the basis of its decisions; the task with the highest priority will be run first. The deadline scheduler, instead, dispenses with priorities and describes tasks using three parameters: the run time, period, and deadline. The run time is the CPU time that the task requires to finish its immediate work, the period defines the time between two activations of the task, and the deadline is the time by which the task must be able to use its CPU time. Interested readers can find more explanation of the theory behind the Linux realtime schedulers and the differences between them in an earlier article.

      • Cgroup v2 Checkpoint

        With the release of UEK5 in 2018, Oracle embarked on the long journey to fully transition to cgroup v2. UEK6 is the latest major milestone on the path to this significant upgrade.

        In UEK5, we added the cpu, cpuset, io, memory, pids, and rdma cgroup v2 controllers. While no new controllers were added for UEK6, emphasis was placed on reliability, usability, and security. Furthermore, we continue to focus on defining and implementing a holistic solution that once adopted by applications will allow them to seamlessly operate on a cgroup-v1 system or a cgroup-v2 system.

        [...]

        Cgroup v1 was a jack-of-all-trades and master-of-none solution. It provided the user with tremendous flexibility and a myriad of configuration options. This came at the cost of complexity, performance, and (at least within the kernel code itself) maintainability. In practice most users only utilized cgroup v1 in a couple different fashions, yet the kernel still needed to support the possibility of the many, many other quirky and now nonstandard v1 configurations. With cgroup v2, these nonstandard and unintuitive usages were removed, and a much more streamlined hierarchy was established.

      • Graphics Stack

        • Free user space for non-graphics drivers

          In the kernel graphics world, there has been a longstanding "line in the sand" that disallows merging kernel drivers without a corresponding free-software user-space driver. The idea is that not having a way to test the full functionality means that the kernel developers cannot verify the proper functioning and security of the driver; changes to the kernel driver may lead to unforeseen (and untestable) problems on the user-space side. More recently, though, we have seen other types of devices with complex drivers, but no useful free user-space piece, that have been proposed for inclusion into the kernel; at least one was merged, but the tide has perhaps turned against those types of drivers at this point—or some of them, anyway.

          In mid-May, Jeffrey Hugo posted an RFC patch for the "Qualcomm Cloud AI 100" device, which is a PCIe card with an application-specific integrated circuit (ASIC) that targets "deep learning" workloads. The device is also referred to as a QAIC device; it presents a modem host interface (MHI) control path and a DMA engine for the data path. These are exposed in the driver as a Linux character device with ioctl() commands to access the data path.

        • AMD Publishes Video To Explain The Radeon Open Compute Stack (ROCm)

          AMD has shared with us that they have published a video to explain in basic terms for the audience at large "What is ROCm?", a.k.a. the Radeon Open Compute stack.

          The video is arguably long overdue with ROCm being several years old, but it has been evolving a lot lately with new features and capabilities for better taking on the likes of NVIDIA CUDA and Intel oneAPI. With AMD increasing securing super-computing wins, they have also been ramping up their efforts on this standards-based GPU compute stack.

        • Intel Developer Posts Latest Patch For Variable Refresh Rate Within X.Org Modesetting

          With Intel supporting Adaptive-Sync/VRR with Gen11+ graphics and these days with effectively only supporting xf86-video-modesetting for X.Org-driven Linux desktops rather than their basically dead xf86-video-intel driver, the Intel open-source Linux developers continue working on plumbing variable refresh rate support into this generic modesetting DDX.

          Last month was more work on porting Adaptive-Sync/VRR to xf86-video-modesetting while this week the latest patch was sent out by Intel's Uday Kiran Pichika.

    • Benchmarks

      • AMD Ryzen 3 3300X vs. Intel Core i3 10100 In 350+ Benchmarks

          Following our Intel Core i5 10600K and Core i9 10900K Linux benchmarks, here is a look at the lowest-end Core "Comet Lake" processor in the form of the Core i3 10100. Thanks to the increased pressure from AMD Ryzen, Intel now has a 4 core / 8 thread Core i3 processor at less than $150 USD. Here is a head-to-head matchup of the AMD Ryzen 3 3300X and Intel Core i3 10100 processors in more than 350 benchmarks while also looking at the power and thermal efficiency in this largest comparison to date for these low-end desktop CPUs.

        The Ryzen 3 3300X launched back in May to great success for budget desktop users. The Ryzen 3 3300X as a reminder is 4 cores / 8 threads, 3.8GHz base clock. 4.3GHz boost clock. 16MB L3 cache, and a 65 Watt TDP while retailing in the $120~130 USD range.

    • Applications

      • All the Possible Ways to Reduce Laptop Overheating in Linux

        Laptop overheating is a serious issue faced by many users worldwide. It happens primarily to people who use their notebook for a long period. Moreover, modern notebooks tend to be much slimmer than their older counterparts, and thus it’s hard to implement efficient cooling solutions for them. So, either users need to buy a flagship notebook or invest in additional cooling hardware. Thankfully, overheating in Linux can be managed pretty easily if you implement some useful policies. Today, we will discuss some proven methods to bring the thermal issues of laptops in control for Linux users.

      • Linux at Home: Explore the Universe from your Garden

        In this series, we look at a range of home activities where Linux can make the most of our time at home, keeping active and engaged. The change of lifestyle enforced by Covid-19 is an opportunity to expand our horizons, and spend more time on activities we have neglected in the past.

        Even though many European countries have made significant steps in relaxing some of the restrictions of daily life, the advice is to maintain social distancing rules. The big fear is that there will be a coronavirus resurgence. But it’s important that we don’t cocoonourselves, we need to protect ourselves and be supportive to others. There are many fascinating hobbies that can spark our imagination. Astronomy is a great example.

        A widespread belief is that astronomy is an activity which cannot be enjoyed without paraphernalia like telescopes and other expensive equipment. However, astronomy is for everyone, and even with just the naked eye, it can become a fascinating and rewarding hobby for life.

        It’s a learning hobby. Its joys come from intellectual discovery and knowledge of the cryptic night sky. But you have to make these discoveries, and gain this knowledge, by yourself. In other words, you need to become self-taught.

        With the aid of open source software, budding astronomers can learn how to ‘read’ the stars, to know which constellations lie overhead, their trajectory throughout the seasons, and the legends ascribed to them. With the following software you can learn about the night skies of both the northern and southern hemispheres. I recommend Celestia, Stellarium, and AstroImageJ. For the first two programs, I’ve produced a short video showcasing them in action. The software is cross-platform.

      • Top 15 Ubuntu Applications

        We have selected the most popular categories that fit for an average Linux user. For instance, we suggest a flexible application for the picture altering classification; a natural GUI based video editorial manager for all your mixed media altering needs, etc. To put it plainly, we did all the investigation for you. So after you install Ubuntu, these are the applications that you would generally require for your everyday needs. Right away, we should begin the rundown.

    • Instructionals/Technical

    • Games

      • Stadia gets resolution options per-device, discount for everyone and more Android

        Stadia might not be reaching the heights that Google initially promised but they continue to tweak their game streaming service. Some big updates are now available.

        In their latest community update blog post, they did a bit of an information drop. For starters, it seems everyone will get $10 / €£10 off their next purchase and as they already said, new sign ups now only get one month of free Stadia Pro.

        For playing on PC, we finally have built-in performance controls. You no longer have to use an Android device to switch between resolutions as it's right there in Stadia settings now. That's a very welcome change and something that truly should have been there from the beginning. Not only that though, performance / resolution settings are now per-device instead of being applied to everything. All sounding pretty good and sensible.

      • Theme park builder 'Parkitect' now uses the Vulkan API on Linux

        Parkitect, one of the most magnificent games from 2018 had one of it's usual monthly updates but it turns out for Linux it was more than just some bug fixing.

        With the 1.5i update that's live now, Texel Raptor have enabled Vulkan rendering by default with a fallback to OpenGL for those that need it which can be run with "-force-glcore" as a launch argument. Wonderful to see more developers look to use Vulkan, as it can offer better performance.

      • Have some physics fun with Poly Bridge 2, now released for Linux

        After a short delay, Poly Bridge 2 from Dry Cactus has now released for Linux so you can begin building bridges and playing with the fun physics system. Featuring a whole new set of levels, multiple new mechanics, a custom physics engine, workshop campaigns and more.

        Originally launched at the end of May, the delay in the Linux version was due to last-minute technical issues they've now solved. Currently though, the replay feature once you finish a level is missing while they work on a solution for the Linux version. Apart from that, it appears to work fluidly and it's a lot of fun as expected.

      • Defold Foundation awarded a grant to bring support of Web Monetization

        The Defold Foundation recently announced another partnership, as they've secured a grant from Grant for the Web to bring in support for the Web Monetization API.

        Currently, Web Monetization is an API that is attempting to become a standard and it's being proposed to the W3C as such. This way, developers doing any sort of web-based game would have a set API to target making things a whole lot simpler.

        Since the Defold game engine, which now has the source code available, supports building games for the web with HTML5, it makes sense to get support for it integrated.

        "Web Monetization is an exciting new and non-intrusive way for game developers to monetize their creations while at the same time offering premium content to their paying players. The grant we have received from Grant for the Web will allow us to explore this new way of monetizing web games and we are excited to see it adopted by Defold developers," said Defold Product Owner Björn Ritzl.

        Also announced is that they will be running a Web Monetization game jam which will be hosted later this year. It's planned to have cash prizes and some "well known names" from the game industry will be involved. You can see the announcement here.

    • Desktop Environments/WMs

      • K Desktop Environment/KDE SC/Qt

        • KDE Ships June 2020 Apps Update, Kup Backup System Is Now an Official App

            That’s right, KDE Applications 20.04.2 is here, coming hot on the heels of the KDE Plasma 5.19 desktop environment, and it’s packed with a new version of the Kup Backup System utility and several bug fixes and improvements for other included applications.

          The June 2020 Apps update ships with Kup 0.8, a hefty release that introduces a new way to store rsync type backups when selecting only one source folder to minimize the risk of deleting files, improvements across default settings, as well as new advanced option to specify files that are excluded.

        • KDE's June 2020 Apps Update
        • 20.08 releases schedule finalized

          Dependency freeze is in four weeks (July 9) and Feature Freeze a week after that, make sure you start finishing your stuff!

      • GNOME Desktop/GTK

        • 15 Ways to Customize Your Desktop with the GNOME Tweak Tool

            Customizing your desktop is the best way to improve the look of your desktop and improve performance. I always like to customize the appearance of my desktop and perform tweaks to help me boost productivity. To customize your desktop, the GNOME Tweak Tool is the best customization tweak you will ever get. GNOME users must be well familiar with this tool, which is popularly known as Tweaks.

          This article will show you the 15 best ways to customize your desktop using the GNOME Tweak Tool. The customizations listed below are performed on Ubuntu 20.04 LTS Focal Fossa, running the GNOME desktop environment. If you have other distros, do not worry; these customizations will also work on other Linux distributions running the GNOME desktop environment.

        • Best 12 GNOME Themes of 2020

            Desktop appearance matters to me most and I regularly tweak appearance, icon, font themes, and backgrounds. It not only gives fresh look to my Ubuntu desktop but also gives me a feeling of freshness and motivation while working on projects. When Ubuntu is clubbed with GNOME, it opens up the door to the large world of tweaking and customization. There is a large pool of themes available for GNOME users which will give your GNOME desktop fresh new look.

          So, in this article, I’m going to share 12 best GNOME themes to give your GNOME desktop a whole new look.

    • Distributions

      • Kali Linux Top Forensic Tools (2020)

          In the current digital world, every individual, as well as an organization, are bound to external attacks and security breaches by a cyber attacker. To determine how the attack was carried out and how to respond to attack is achieved by using digital forensics. With the Kali Linux launched in 2013, the digital forensic area evolved very much. More than 600 penetration testing tools are packaged in Kali Linux. We are going to present 14 best tools for forensics packaged inside Kali Linux. Kali Linux forensic tools let you perform basic problem solving, data imaging solutions up to full case analysis and management.

        Generally, when performing forensics on a computer system, any activity that can change or modify the data analysis of the system must be avoided. Other modern desktops usually interfere with this goal, but with Kali Linux through the boot menu, you can enable a special forensics mode.

      • Kali Linux Top Forensic Tools (2020) (Part 2)
      • Top Sniffing and Spoofing Tools Kali Linux 2020.1

        Sniffing and spoofing means to wiretap the network, checking on all the traffic coming and going in that network. Kali Linux has the 10 best tools available for sniffing and spoofing. Most of these tools come pre-installed in Kali Linux. However, some of the tools might require you to install them manually. Some of these tools are network sniffers, others are for spoofing, and a few can handles both of these functions.

      • BSD

        • FreeBSD switches Code of Conduct

          There’s a reporting mechanism, at least (later on in the document).

          The previous version of the FreeBSD CoC was based on the Geek Feminism CoC which put enforcement much of in-your-face. I liked that. Something else I miss in the new CoC is some explicit attention for trans- and non-binary rights: Geek Feminism puts that front-and-center as well. I must admit that when that CoC first showed up in my FreeBSD world I had to ask “what’s a deadname!?” And that was an education, and now I know.

          So while I’m happy that the FreeBSD community (which I’m part of) continues to take Codes of Conduct seriously, I’m a bit apprehensive about the new wriggle-room. Time will tell, and we’ll have a new democratic round for the CoC in due course.

        • ZFS: adding a drive back into the zpool

          Today I was updating some servers. One of them was rebooted three times. On the third time, one of the drives went missing. This is how I tracked down which drive, and which slot in the server, and fixed it. I’m writing it mostly so I can remember how to flash the light on the drive. There is also an off-by-one issue to avoid.

      • IBM/Red Hat/Fedora

        • Fedora 32 elections results

          One Council seat was open this election. A total of 267 ballots were cast, meaning a candidate could accumulate up to 1068 votes (267 * 4).

          # votes Candidate 654 Aleksandra Fedorova 591 Till Maas 314 James Cassell 303 Alberto Rodriguez Sanchez FESCo

          Four FESCo seats were open this election. A total of 273 ballots were cast, meaning a candidate could accumulate up to 2730 votes (273 * 10).

          # votes Candidate 1507 Neal Gompa 1450 Stephen Gallagher 1372 Igor Raits 1148 Clément Verna 1124 Justin Forbes 997 Chris Murphy 937 Petr Å abata 904 Frantisek Zatloukal 755 James Cassell 730 Michal Novotný Mindshare

          One Mindshare seat was open this election. A total of 220 ballots were cast, meaning a candidate could accumulate up to 880 votes (220 * 4).

          # votes Candidate 586 Maria Leandro 420 Sumantro Mukherjee 288 Alessio Ciregia 188 Daniel Lara

        • Council policy proposal: withdrawing support from events

          The Fedora Council is considering a change in policy that better defines how the Council will handle withdrawing from sponsored events. The policy as proposed by Ben Cotton, with edits from the Mindshare Committee is:

          The Fedora Council may choose to withdraw Fedora’s support from events or other activities that involve fiscal sponsorship or use of Fedora trademarks when it determines that participation is not in the interests of the Fedora Project. Decisions to withdraw support will be published in venues normally used for Council decisions. Deliberation and reasoning for the decision should be public to the extent possible. The Council will engage with the committee/group/team that is involved with the event in question to ensure their input is considered.

          This policy proposal was written in response to a request from Justin Flory, who noted some lingering resentment over a previous Council decision.

      • Debian Family

        • Markus Koschany: My Free Software Activities in May 2020

          Welcome to gambaru.de. Here is my monthly report (+ the first week in June) that covers what I have been doing for Debian. If you’re interested in Java, Games and LTS topics, this might be interesting for you.

          [...]

          I was contacted by Martin Gerhardy, upstream maintainer of caveexpress and former lead-developer of ufoai. He is currently working on a new free software voxel game engine and its tools. He asked me to take a look at the Debian packaging but I couldn’t promise to package it yet, although this is certainly something that interests me. I will provide some feedback for the prelimary Debian packaging though, which he has prepared already. In the meantime he released a new version of caveexpress and I hope that we can find a solution for an ufoai RC-bug quite soon, but at least before Debian freezes.

          [...]

          New upstream versions this month: undertow, jboss-xnio and libapache-mod-jk. The latter package contained a wrongly named file that prevented the apache tools a2enmod and a2dismod from symlinking that file. I corrected the error by preparing a stable point-update as well.

      • Canonical/Ubuntu Family

        • Linux Mint 20 beta arrives without Chromium browser
          Earlier this week, we said that the Linux Mint project was preparing the disc images of Linux Mint 20 beta. Now, sure enough, they have been pushed to several mirrors and are available for download. It was also reported earlier this month that Linux Mint 20 would block background snapd installs; now that the beta has been released, we were able to have a look at the ramifications of that change.

          Linux Mint 20 brings with it several enhancements but nothing very radical, which is to be expected from the distribution that prides itself on consistency. Several new changes in this update include...

        • Linux Mint 20 Beta is Now Available to Download
          Freshly prepared ISOs have been spun up for testing and feedback and are in the process of syncing out to mirrors.

          The Linux Mint 20 beta build precedes the final stable release, which is due for release in a couple of weeks time.

        • Linux Mint 20 Beta Is Now Available for Download
          It’s not officially announced yet, but the Linux Mint 20 Beta ISO images have just been uploaded to the main server for early adopters and adventurous users who want to give them a try and report bugs or other issues to the Linux Mint developers.

          The final release of the Linux Mint 20 “Ulyana” operating system has been teased by the Linux Mint team for late June 2020. It’s not yet clear when it will be generally available, but at least you can now get an early taste of its new features and improvements.

        • Linux Mint 20 Beta XFCE Run Through

          In this video, we are looking at Linux Mint 20 Beta XFCE.

        • Linux Mint 20 Beta MATE Run Through

          In this video, we are looking at Linux Mint 20 Beta MATE.

        • Linux Mint 20 Beta Cinnamon Run Through

          In this video, we are looking at Linux Mint 20 Beta Cinnamon.

        • You Can Now Download Beta Version Of Linux Mint 20 “Ulyana”

          A few hours ago, we reported that Clem Lefebvre, head of the Linux Mint project, approved the Linux Mint 20 for the beta release. Following the same, the testing ISO image of Mint 20 has now been made available to the public.

          You can download the Cinnamon, MATE, and Xfce editions of Mint 20 beta from the mirror archives. Though the Mint team has not officially announced or published any news of the beta release, you can expect it very soon on the Linux Mint blog.

          [...]

          As the beta sometimes contains bugs, some of you may want to switch to the latest Mint version only when the stable release comes out. So, if you’re looking for a stable version of Mint 20, I would say you still have to wait until the end of June.

          As per the previous releases, the stable version of Linux Mint usually takes around 20 days to release after the beta announcement. So, Mint 20 will most probably be released in the coming weeks. Moreover, Clem also mentioned in May blog that Mint 20 will be released by the end of June.

    • Devices/Embedded

    • Free, Libre, and Open Source Software

      • Faster than ever, Apache Cassandra 4.0 beta is on its way

         If you want a fast database management system (DBMS), which can handle petabytes of data for web and mobile applications, chances are you're using the NoSQL Apache Cassandra database. After all, such companies as Hulu, Netflix, and Reddit, already do. Oh, it has competitors, such as MongoDB, DynamoDB, and Cosmos DB, but Cassandra's arguably the most popular DBMS of its breed.

        And, with its new beta release coming out shortly, it may become more popular than ever. With the addition of Zero Copy streaming, Cassandra promises to have five-times faster data streaming between clusters. So, what does that mean in terms of real-world speed? The developers claim that will mean five-times faster Mean Time to Recovery when there are problems. This, in turn, means it will reduce your Total Cost of Ownership (TCO) because you'll need less cloud, server, and network resources.

      • 3 reasons to contribute to open source now

         Open source software has taken over the world. From the early days of Linux and MySQL, open source is driving innovation like never before, with more than 180,000 public repositories on GitHub alone.

        For those of you who have not yet ventured into the open source world, here are the three reasons to start today.

        If you're young, early in your career, or are even just learning a new programming language, open source is the best way to get started.

        By contributing to an open source project, you receive immediate feedback on your development and programming skills. You may get suggestions about the choice of a function name, the way you used conditional logic, or how using a goroutine you didn't know about speeds up the execution of your program. This is all invaluable feedback to receive when you're learning something new.

      • replacing an existing zroot with a proper zroot

        I want to copy a zroot from old drives to new drives. The new drives are in a test box of mine. Once the new drives are configured, I will replace the existing mirror with them.

      • prose - Blogging with emails

        The software developer prx, his website is available at https://ybad.name/ (en/fr), released a new software called prose to publish a blog by sending emails.

        I really like this idea, while this doesn’t suit my needs at all, I wanted to write about it.

      • What's up with K-9 Mail?

        The release of the latest stable version of K-9 Mail (5.600) was in September 2018, nearly two years ago. So, of course, many of you have been wondering if K-9 Mail is dead. I’m happy to inform you that this is not the case. Work on K-9 Mail was slow at times, but it has never really stopped.

        [...]

        Some features that were available in 5.600 are still missing because we haven’t had the time to restore them. Some have been deliberately removed because we didn’t consider them important enough to justify the maintenance burden. We would like to release a new stable version as soon as possible. There’s only one feature that we had to remove, but without which we don’t want to ship a new stable version of the app: Push (IMAP IDLE). After it has been added again, we’ll spend some time focusing on fixing bugs reported by beta testers, and then we’ll release the next stable version of K-9 Mail, 5.800.

      • Web Browsers

        • Mozilla

          • Introducing the MDN Web Docs Front-end developer learning pathway

            The MDN Web Docs Learning Area (LA) was first launched in 2015, with the aim of providing a useful counterpart to the regular MDN reference and guide material. MDN had traditionally been aimed at web professionals, but we were getting regular feedback that a lot of our audience found MDN too difficult to understand, and that it lacked coverage of basic topics.

            Fast forward 5 years, and the Learning Area material is well-received. It boasts around 3.5–4 million page views per month; a little under 10% of MDN Web Docs’ monthly web traffic.

            At this point, the Learning Area does its job pretty well. A lot of people use it to study client-side web technologies, and its loosely-structured, unopinionated, modular nature makes it easy to pick and choose subjects at your own pace. Teachers like it because it is easy to include in their own courses.

          • Recommended extensions — recent additions

            When the Recommended Extensions program debuted last year, it listed about 60 extensions. Today the program has grown to just over a hundred as we continue to evaluate new nominations and carefully grow the list. The curated collection grows slowly because one of the program’s goals is to cultivate a fairly fixed list of content so users can feel confident the Recommended extensions they install will be monitored for safety and security for the foreseeable future.

            Here are some of the more exciting recent additions to the program…

            DuckDuckGo Privacy Essentials provides a slew of great privacy features, like advanced ad tracker and search protection, encryption enforcement, and more.

          • Cameron Kaiser: TenFourFox FPR23 for Intel available

            Ken Cunningham figured out the build issues he was having with the Intel version and has updated TenFourFox for Intel systems to FPR23, now up to date with the Power Mac version. As always, there is no support for any Intel build of TenFourFox; do not report issues to Tenderapp. You can get it from SourceForge.

            Ken's patches have also been incorporated into the tree along with a workaround submitted by Raphaël Guay to deal with Twitch overflowing our JIT stack. This is probably due to something we don't support causing infinite function call recursion since with the JIT disabled it correctly just runs out of stack and stops. There is no way to increase stack further since we are strictly 32-bit builds and the stack already consumes 1GB of our 2.2-ish GB available, so we need to a) figure out why the stack overflow happens without being detected and b) temporarily disable that script until we do. It's part B that is implemented as a second blacklist which is on unless disabled, since other sites may do this, until we find a better solution to part A. This will be in FPR24 along with probably some work on MP3 compliance issues since TenFourFox gets used as a simple little Internet radio a lot more than I realized, and a few other odds and ends.

      • SaaS/Back End/Databases

        • Yugabyte boosts distributed SQL database with new funding

          Bill Cook: We were doing this fund raising in parallel with the company recruiting me to join. But, you know, the impetus is obviously that there is a big market opportunity in front of us.

          As to why $30 million, it was really around what was going to be required to continue the investment on the engineering product side to grow the organization aggressively. And we're also ramping on the enterprise go-to-market side.

          If you think about things like the pandemic and the changes that are going on more globally, it really just starts to accelerate how people think about technology. When you're an open source database company like we are, with the services that we deliver, I think it is an accelerant.

        • MongoDB grows with Atlas Data Lake and mobile services

          MongoDB Inc. on Tuesday launched its Atlas Data Lake service, along with the latest update of its namesake database and the release of new mobile database services.

          With Atlas Data Lake, now in general availability after being in beta release for a year, the New York City-based vendor has expanded its Atlas Cloud platform.

          Meanwhile, the MongoDB 4.4 release provides enhanced features to the open source database intended to improve performance and scalability. Beyond the core database, the new MongoDB Realm mobile database builds on technology that the vendor acquired with the acquisition of open source mobile database vendor Realm in April 2019.

      • CMS

        • AsBlocks Project Uses Gutenberg to Create a Collaborative Writing Environment

          The Gutenberg team is currently immersed in bringing full-site editing capabilities to the block editor as part of Phase 2 in the project’s longterm roadmap. Meanwhile, Gutenberg engineer Riad Benguella has been experimenting with ideas for the collaboration features coming in Phase 3, which aims to deliver a more intuitive way to co-author content. Today, Benguella unveiled a collaborative writing prototype called AsBlocks that is built using the Gutenberg editor. It is an example of the editor working outside of WordPress. AsBlocks provides an end-to-end encrypted writing environment that can be shared to other users with a link, while the server itself cannot decrypt the content. In the video demo below you can see a user adds some content, clicks the share button, and is presented with an option to share a link for a live collaboration session (Write) or a link for read-only access (Read). The session is private and only users with the link can access the post.

      • FSF

        • GNU Projects

          • Digital signatures with GnuPG

            In a previous article, I introduced GnuPG by verifying a signed file and encrypting a file for a recipient by using a public key. I have also shared how to create a key pair and export a public key so that we could receive encrypted messages. In this article, I will demonstrate how to sign files before sharing via email or publishing on a web site.

            [...]

            The detached signature option is available to provide everyone with the option of viewing the message without having the public key. This creates a separate signature file that is used to verify the original message if desired. In its simplest form, this file contains a hash of the original message and is encrypted with the private key. Anyone with the public key can open the signature and then compare hashes to verify the integrity of the signed file.

          • GIMP 2.10.20 Released with Advanced Crop and More Filters

            The latest release of GIMP is here with new features and more bug fixes. And it is immediately available for download for Linux, Windows, and Mac.

      • Programming/Development

        • Enrico Zini: Custom build of Qt5

          This is part of a series of posts on compiling a custom version of Qt5 in order to develop for both amd64 and a Raspberry Pi.

          A customer needs a procedure for a custom build of Qt5 5.15, the last LTS release of Qt 5.

          They develop for industrial systems that are managed by an amd64 industrial computer. This computer is accessed either through an attached panel touch screen, or through touch screens driven by Raspberry Pi clients connected via an internal ethernet network.

          The control interfaces use mostly a full screen Qt5 application. The customer relies heavily on Qt5, has a full Enterprise license, and needs to stay on top of the most recent releases, to make use of new features or bug fixes that have made it upstream since the last Debian stable was released.

        • Enrico Zini: Qt5 custom build for amd64

          This is part of a series of posts on compiling a custom version of Qt5 in order to develop for both amd64 and a Raspberry Pi.

          First step, build Qt5 5.15 packages for amd64.

          To prevent conflicting with Debian Qt packages, we'll install everything in /opt.

          We can install qtchooser configuration files to allow developers to easily switch between Debian's standard Qt version or the custom version, at will.

        • Merkle trees and build systems

          OSTree is like Git, but for storing entire filesystem images such as a complete Linux system. OSTree stores more metadata about its files than Git does: ownership, complete permissions (Git only remembers whether or not a file is executable), and extended attributes ("xattrs"). Like Git, it doesn't store timestamps. OSTree is used by Flatpak, rpm-ostree from Project Atomic/CoreOS, and GNOME Continuous, which is where OSTree was born.

          My company has been using OSTree to build and roll-out software updates to Linux-based devices for the last four years. OSTree provides deployment tools for distributing images to different machines, deploying or rolling back an image atomically, managing changes to /etc, and so on, but in this article I'll focus on using OSTree for its data model.

          Like Git, OSTree stores files in a "Content Addressable Store", which means that you can retrieve the contents of a file if you know the checksum of those contents. OSTree uses SHA-256, but I will use "SHA" and "checksum" interchangeably. This store or "repository" is a directory in the filesystem (for example "ostree/") where each file tracked by OSTree (a "blob" in Git terminology) is stored under ostree/objects/ as a file whose filename is the SHA of its contents. This is something of a simplification because file ownership, permissions, and xattrs are also reflected in the checksum.

          A "tree" (directory) is stored as a file that contains a list of files and sub-trees, and their SHAs. The filename of this file, just like for blobs, is the SHA of its contents. This way the entire tree, including its sub-trees and their sub-trees, and the contents of each of the files within, can be uniquely identified by a single SHA. This data structure is called a Merkle tree.

        • The history and evolution of PHP governance

          Looking back to the early 2000s, as was true for many open-source projects at the time, the governance and direction of the project was largely dictated by the simple concept of what has been known in the PHP community as "karma". That is to say, the more contributions you made to the project the more clout you had when it came to deciding which features made it into a release. Especially early on, there was little to no gatekeeping when it came to handing out repository credentials to people who wanted to contribute something interesting. If a developer wanted to add something, the biggest barrier was often only having the technical understanding to do so correctly. A good example of this is SimpleXML, which provides object-oriented mapping of XML documents. The experimental implementation of that feature more or less just appeared in the code base one day without much of any discussion at all. Back in the early 2000s, if you knew how to do it and it seemed reasonable, most of the time your code made it into a release.

          From the beginning, PHP was a language born of an itch to scratch. Solutions, rather than concerns over consistency or academic purity, have always been a main goal of the project. This show-me-the-code approach can certainly be credited for the vibrant community at work on the project still today, but it has also led to plenty of problems in regards to governance.

          Sidestepping the occasional argument over a relatively minor commit in the early days, the first real struggles PHP had was around the time of the release of PHP 4 with the introduction of the Zend Engine. Written by contributors Zeev Suraski and Andi Gutmans, it replaced the implementation of the language found in PHP 3 with a more robust engine and API for PHP 4. By itself, the value of the contribution to the project is undeniable. However valuable, the engine and control over it quickly became a point of conflict with the community as those same two developers founded Zend Technologies in order to sell closed-source technology for PHP based on the open-source engine they introduced to the language.

          The contribution itself rocketed Suraski's and Gutmans's standing in terms of clout when deciding the future direction of the language, but it left many of the other contributors uncomfortable. For starters, especially early on, the number of people who even understood the engine's implementation was limited and documentation was scarce. Perhaps more significantly was that Zend's product line included features that arguably belonged in the language, such as debugging and performance enhancements. These circumstances caused a certain amount of resentment among other community members as they started to get the impression that the two developers were preventing features that competed with their commercial offerings from getting into the open-source code base.

        • Abusing go:linkname to customize TLS 1.3 cipher suites

          When Go 1.12 was released, I was very excited to test out the new opt-in support for TLS 1.3. TLS 1.3 is a major improvement to the main security protocol of the web.

          I was eager to try it out in a tool I had written for work which allowed me to scan what TLS parameters were supported by a server. In TLS, the client presents a set of cipher suites to the server that it supports, and the server chooses the best one to use, where “best” is typically a reasonable trade-off of security and performance.

          In order to enumerate what cipher suites a server supports, a client must make individual connections, each offering a single cipher suite at a time. If the server rejects the handshake, you know the cipher suite is not supported.

        • Programming languages: Java still rules over Python and JavaScript as primary language

          Java, JavaScript and Python are invariably the three most popular programming languages in several indexes, but their exact order varies depending on how the ranking is calculated. Lately most have placed JavaScript and Python ahead of or equal to Java.

          But a new survey from Czech IDE maker JetBrains has found that Java, historically the most popular programming language, is still the top main language used by developers.

          [...]

          JetBrains asked developers to pick up to three languages they consider their primary programming language. In this context, JavaScript comes out on top (39%), followed Java (37%), and Python (31%).

          JetBrains analyst Sichkarenko Anastassiya explained the apparent discrepancy by saying each languages' position – first, second or third – was assigned a weighting to produce an overall popularity ranking.

          The company also told The Register that Java's superior ranking as a primary language comes down to lots of developers using JavaScript as part of a project, but its use falls when considering where developers spend most of their time.

        • GitLab Acquires Security Companies Peach Tech and Fuzzit

          DevOps company GitLab on Thursday announced the acquisition of software security testing firms Peach Tech and Fuzzit in an effort to expand its DevSecOps offering.

        • Functional Code is Honest Code

          This isn’t typical in OO code. Sometimes I joke that if I were to rewrite Working Effectively with Legacy Code I’d call it Working Effectively with Object-Oriented Code. So many of the techniques around gaining testability involve parameterizing classes and methods so that all of the inputs and outputs are explicit and mockable under test. You don’t have an embedded call to, say, the file system in a class. You pass in a reference to that capability as a constructor or method argument. This makes an OO system, broadly functional. That is, to say, it is honest. You can look at the signatures and see what is possible. Maybe some mutation happens a function body. You increment a local variable rather than using a fold. That's ok. If it doesn't leak through the interface (the call), you have referential transparency at the call. The signature tells you the full story.

        • Python

          • A View From Start To Finish - Building SaaS #60

            In this episode, I created a view to add students from beginning to the end. I used Error Driven Development to guide what I needed to do next to make the view, then wrote tests, and finished it all off by writing the template code.

            At the start of the episode, I gave a quick overview of the models in my application and which models I planned to focus on for the stream.

            We worked on a view to add students. I did this using a technique that I called Error Driven Development. With this strategy, I started with what I wanted and followed the error messages to drive to what I needed to write. Django’s error messages are good enough to show what was needed for each step.

            After creating a view that didn’t error anymore, I filled in some tests to prove that the view behaved in the way I wanted.

            Finally, I wrote the template that provides the proper data for the newly created view.

          • Python RegEx

            In this tutorial, you will learn about regular expressions (RegEx), and use Python's re module to work with RegEx (with the help of examples).

        • Java

          • The 20 Best Java Books for Learning Core Java Programming

            Java is an extensively used programming language, unequivocally expected for use in the appropriated state of the web. If you did not know, Java stands for Just Another Virtual Accelerator. It is the most popular programming language for developing Android applications and is likewise among the most preferred for the advancement of cutting edge technologies. The uses of Java are innumerable, but if I were to mention the top few, I would say that Java is the best for mobile applications, embedded systems, desktop GUI applications, etc. Java can work on any platform, and this makes it a platform-independent software. That is why a proper set of Java books is extremely necessary for anyone who wants to learn Java.

    • Standards/Consortia

      • Listen to the Hedge Podcast 39 to Learn about the Open Standards Everywhere Project

        What is our Open Standards Everywhere (OSE) project all about? How did it get started? What are the project goals? What are some of the challenges web server operators face? How can we work together to make web servers more secure and available?

        Recently Russ White and his team interviewed me on The Hedge Podcast Episode 39 to discuss all these questions and much more. I’ve known Russ for a good number of years and it was fun to talk with him and his co-hosts Eyvonne Sharp and Tom Ammon about all things related to the OSE project. I hope you enjoy listening to the episode as much as we enjoyed having the conversation!

      • ECDSA: Handle with Care

        The elliptic curve digital signature algorithm (ECDSA) is a common digital signature scheme that we see in many of our code reviews. It has some desirable properties, but can also be very fragile. For example, LadderLeak was published just a couple of weeks ago, which demonstrated the feasibility of key recovery with a side channel attack that reveals less than one bit of the secret nonce.

  • Leftovers

    • Three Things: A for "Antifa", for Brutality, C for Commit (Murder)

      Here’s my theory: “Antifa” isn’t just a bogeyman. It’s a test, like an A/B switch. The folks who adopt this concept so deeply they are willing to take action outside the norm can also be persuaded to take other action.

      QAnon likely serves a similar purpose, providing a centralized mythology for persons identified as too weak to reason out of a wet paper bag but willing to invest some degree of effort for their new “faith” system.

      What can’t be seen apart from idiots like this gun shop owner and his compadres is how this uptake is being tested online. This small town gun shop owner didn’t pull the idea of bus-packing “Antifa” terrorists out of thin air; he must have gotten through broadcast media and social media, of which only social media would allow a two-way push-pull of content.

    • Behind the Iron Curtain: Ivan Pepelnjak

      Ivan Pepelnjak was a founding member of the first IX in Slovenia twenty-five years ago. He joins us to describe the origins of the Internet, from the first dial-up circuits to the founding of the first IX and local DNS services here on the History of Networking.

    • Education

      • A Correspondent Looks Back at 40 Years on the Continent

        Everywhere, though, millions of Africans continue to struggle to overcome the same problems: poverty, unemployment, disease, the incompetence of a corrupt elite and competition for a limited amount of resources, a clash which is becoming worse as population growth and climate change continue apace. In many areas - from literacy to the number of dentists per capita – Africa is well behind the rest of the world.

        I have never been one to write off Africa as a continent beset by war and catastrophe. At the same time, though, I have never belonged to those who sugarcoat the situation in Africa, those who continually blame the region's struggles on destructive foreign powers or who overhype small success stories as the beginning of a vast upsurge. I have always sought to remain an "Afro-realist," positioning myself between the prophets of doom and the hopeless romantics. My motto: The situation is serious, but by no means hopeless.

    • Hardware

      • Intel Announces Jim Keller's Departure, Other Leadership Changes

        Legendary processor engineer Jim Keller has resigned from Intel just over two years since he joined the company to much fanfare.

        Intel confirmed today that Jim Keller has resigned effective today due to "personal reasons" while he will continue serving as a consultant for Intel over the next six months.

      • Chip designer Jim Keller has resigned from Intel

        Jim Keller, something of a legend when it comes to chip design has formally resigned from Intel over 'personal reasons'.

        If you don't follow AMD / Intel too closely to know any of the specifics, Keller was the lead architect of the AMD K8 and also the original AMD Zen. Keller also worked with Apple, Tesla and most recently joining Intel in 2018 which turned a few heads because they're obviously quite the name.

        Yesterday, Intel put out a press statement simply mentioning that Keller had resigned 'effective June 11, 2020, due to personal reasons'. However, Keller will be sticking around as a consultant for six months to assist with any transitions.

    • Health/Nutrition

      • [Old] Study: Most Plastics Leach Hormone-Like Chemicals

        Most plastic products, from sippy cups to food wraps, can release chemicals that act like the sex hormone estrogen, according to a study in Environmental Health Perspectives.

      • Automating business for Covid-19 continuity

        While the global situation demands urgency, it’s important to clarify that IT automation won’t provide a rapid return on investment rapidly if your organisation tries to automate a complex business process or operation all at once. Automating small tasks allows you to gain experience in select automation solutions (in turn helping to build your team’s confidence), and it will allow you to develop a foundation of automated processes that can become the building blocks of more complex automation projects. When aggregated together, all the small tasks you automate away can represent a significant time-save for your organisation and will let you focus attention on the bigger projects.

        Another way to accelerate the return on the automation investment is by paying special attention to the skill levels necessary to master the automation solution of choice. Some automation languages tools are much easier to write, understand, and troubleshoot than actual development code, requiring smaller investments in sourcing or developing the skills necessary to operate the automation solution.

        Choosing an easy-to-understand automation language means that more people in your organisation can use the automation solution in their respective domains of expertise compared to a few highly skilled and expensive-to-hire professionals. Similarly, an easy-to -understand language implies a milder learning curve and a faster transition from education to application.

    • Integrity/Availability

      • This Guy Accidentally Took a Photo That Crashes Android Smartphones

        Amateur photographer Gaurav Agrawal had no idea his spectacular picture of St. Mary Lake in Glacier National Park, Montana could end up mercilessly crashing countless Android phones.

        But if it was set as the wallpaper on smartphones running the Android 10 operating system, the phones started acting up, switching off and on repeatedly.

        “I didn’t do anything intentionally,” Agrawal told the BBC. “I’m sad that people ended up having issues.”

        The image, edited in Adobe Lightroom and uploaded to Flickr, didn’t seem to cause any issues on iPhones. But thanks to a tiny snafu during the export of the image, Agrawal unintentionally turned his gorgeous landscape photo into an Android-killing threat.

      • Proprietary

        • Honda Ransomware Confirms Findings of Industrial Honeypot Research [iophk: Windows TCO]

          Through this account, the attackers uploaded a PowerShell script that created a backdoor user account called 'Admin'. This ensured future access and created persistence that allowed the attackers to upload additional attack tools. One of these was Mimikatz, which was used to steal user credentials for lateral movement beyond the initial compromised server. In this instance, it failed because none of the credentials obtained could access the domain controllers. Instead, the attackers used a network scanner to discover additional endpoints. Only after as many endpoints as possible were detected and compromised was the ransomware simultaneously detonated.

        • Job application-themed malspam pushes ZLoader [iophk: Windows TCO]

          Last week, I published a diary about ZLoader malware spread through Polish malspam. Today's diary reviews more ZLoader spread through a different malspam campaign. Two interesting points about this campaign: [...]

        • This was inevitable: 'Thanos' ransomware weaponizes research tool against Microsoft Windows users

          Scammers on cybercriminal forums are marketing a new strain of ransomware, dubbed “Thanos,” to other attackers aiming to infiltrate computers running Microsoft Windows, according to research published Wednesday by threat intelligence firm Recorded Future. Thanos operates much like similar [cracking] tools — encrypting victims’ files until they pay a shakedown fee — except that it’s the first ransomware built, in part, based on a proof-of-concept from security researchers who previously marketed their computer code as a way to bypass Windows 10 security protocols as part of otherwise legitimate tests.

        • [Attackers] use fake contact tracing apps in attempt to install banking malware on Android phones

          Twelve applications posing as coronavirus contact tracing apps available outside mainstream marketplaces are designed to steal personal and financial information from unwitting Android users.

          Apps meant to impersonate official government tracing apps from countries including Italy, Russia and Singapore trigger malicious software capable of collecting a range of data from user’s devices, the threat intelligence firm Anomali found in research shared with CyberScoop prior to its publication. It’s the latest example of [attackers] and scammers exploiting global events to try stealing from anxious smartphone users who, in this case, would have believed they were downloading an app designed to measure the prevalence of COVID-19 in their community.

        • U.S. Officials Ask Juniper Networks About Investigation Into 2015 Backdoor

          More than a dozen U.S. officials have sent a letter to California-based networking and cybersecurity solutions provider Juniper Networks to ask the company about the results of the investigation launched in 2015 following the discovery of a backdoor in its products.

        • Google Researcher Finds Vulnerability in VMware Virtualization Products

          The flaw, tracked as CVE-2020-3960, was reported to VMware by Cfir Cohen, a researcher from Google's cloud security team.

          According to VMware, Cohen discovered that ESXi, Workstation and Fusion are affected by an out-of-bounds read vulnerability that can allow an attacker with non-admin access to a virtual machine to read privileged information from memory.

        • Senate Intelligence Committee wants DNI to investigate commercial spyware threats

          The Senate Intelligence Committee quietly approved a measure last week that would require the Director of National Intelligence to submit a report to Congress on the threats posed by foreign governments’ and entities’ use of commercially available surveillance software.

          The DNI’s report, which would be sent to Congress 180 days after the Intelligence Authorization Act for 2021 passes, would include information on how the U.S. — and other countries — can work to reduce the threats of commercial spyware, including through export controls, diplomatic pressure, trade agreements, and work with the technology and telecommunications sectors to better secure consumers’ software.

        • Pseudo-Open Source

        • Security

          • Another Intel Speculative Execution Vulnerability

            That has turned out to be true. Here's a new vulnerability:

            On Tuesday, two separate academic teams disclosed two new and distinctive exploits that pierce Intel's Software Guard eXtension, by far the most sensitive region of the company's processors.

          • Privacy/Surveillance

            • Palantir to File IPO in Weeks For Possible Fall Debut

              The Palo Alto, California-based company is preparing to register an S-1 filing confidentially with the U.S. Securities and Exchange Commission, said the people, who asked to not be identified because the matter isn’t public.

              Palantir is working with bankers to organize a tender offer for private shareholders to help clean up its capital structure ahead of an initial public offering, the people said. It’s also working with an IPO readiness consultant, they said.

            • Senator fears Clearview AI facial recognition could be used on protesters

              "As demonstrators across the country exercise their First Amendment rights by protesting racial injustice, it is important that law enforcement does not use technological tools to stifle free speech or endanger the public," Markey said in a letter to Clearview AI CEO and co-founder Hoan Ton-That.

              The threat of surveillance could also deter people from "speaking out against injustice for fear of being permanently included in law enforcement databases," he said.

            • Senator fears Clearview AI facial recognition could be used on protesters

              "As demonstrators across the country exercise their First Amendment rights by protesting racial injustice, it is important that law enforcement does not use technological tools to stifle free speech or endanger the public," Markey said in a letter to Clearview AI CEO and co-founder Hoan Ton-That.

              The threat of surveillance could also deter people from "speaking out against injustice for fear of being permanently included in law enforcement databases," he said.

            • Zoom Says China Asked It to Censor Pro-Democracy Activists

              Chinese officials reached out to Zoom in May and early June about four videoconference calls that were publicized on social media to commemorate Tiananmen Square protests, the San Jose, California-based company said Thursday in a blog post. Zoom said that China “demanded” the company terminate the meetings and host accounts because of the activity, which it deemed illegal.

            • Zoom Blocks Activist in U.S. After China Objects to Tiananmen Vigil

              Suspensions similar to Mr. Zhou’s appeared to affect the accounts of a Hong Kong politician, Lee Cheuk Yan, and Wang Dan, a student leader during the Tiananmen protests.

              Late Thursday, Zoom acknowledged that the Chinese government had contacted it about four meetings that would be hosted on the site to commemorate the Tiananmen Square crackdown. The government asked Zoom to terminate the sessions and the accounts hosting the calls, which it did in three of the cases, according to a company statement.

            • Zoom confirms Beijing asked it to suspend activists over Tiananmen Square meetings

              U.S. video conferencing company Zoom issued a statement on Thursday acknowledging that the Chinese government requested that it suspend the accounts of several U.S.- and Hong Kong-based Chinese activists for holding events commemorating the anniversary of the 1989 Tiananmen Square massacre.

              The big picture: Zoom claims that it only took action because the Chinese government informed the company that "this activity is illegal in China" and that meeting metadata showed "a significant number of mainland China participants." Zoom said it does not have the ability to block participants from a certain country, and so it made the decision to end some of the meetings and suspend the host accounts.

    • Defence/Aggression

      • Death of Young Kurdish Man Sparks Hate Crime Debate in Turkey

        Baris Cakan, 20, was fatally stabbed in the Etimesgut neighborhood park of Ankara on May 31. His death soon fueled fury in Turkey after his family first announced he was killed by three nationalist Turks over listening to Kurdish music.

      • Yemen: Saudi Arabia Attacks Civilians With Cluster Bombs

        The Riyadh-led alliance launched several cluster bomb attacks on Wednesday against the Al-Sabah region in western Sana'a, the capital of Yemen.

        Four people, including two children and a woman, were injured when the house they lived in was destroyed in the attack.

        Cluster bombs are prohibited under the Convention on Cluster Munitions (CCM) because of the humanitarian consequences caused to civilians by this type of weapon.

      • Christians shot at and wounded for buying a house in a Muslim neighbourhood in Peshawar

        On the day of the attack, Khan showed up at the Christian house giving the residents a 24-hour ultimatum. Nadeem Joseph replied that he and his family had the right to live where they wanted and that they would not go away.

        Noticing that Khan and his sons had guns, Joseph tried to call the police, but was shot in the belly before he could do so. The attackers then turned their weapons on other members of the Christian family, wounding Joseph’s mother-in-law in the shoulder.

        No neighbour intervened to help the Christians. After calling the emergency ambulance service, Joseph and his mother-in-law were taken to Lady Reading Hospital, where they are still recuperating, and out of danger.

      • Pakistan's Asia Bibi's Brother-In-Law's Body Found With Throat Slit

        Recounting the hellish conditions of eight years spent on death row on blasphemy charges but also the pain of exile, Asia Bibi recently broke her silence to give her first personal insight into an ordeal that caused international outrage.

        French journalist Anne-Isabelle Tollet, who has co-written a book about her, was once based in the country where she led a support campaign for her.

      • Assyrians Fear for Their Future in Turkey

        They are among the nearly 4,000 Assyrians left in the region after violence and poverty forced the community to leave Turkey in the 20th century.

        They are now scattered across Europe, with over 100,000 living in Germany, nearly 100,000 in Sweden and tens of thousands in Belgium, France and the Netherlands.

      • Myanmar Cautioned About Costly Borrowing From China

        As Myanmar’s largest lender, China holds considerable leverage over the underdeveloped and largely impoverished country. China also is the nation’s biggest trading partner and one of its largest sources of inward investment in its southwestern neighbor.

        Myanmar’s current national debt stands at about U.S. $10 billion, of which U.S. $4 billion is owed to China, Auditor General Maw Than told a news conference in Naypyidaw on Monday.

      • Denmark Summons Saudi Envoy Over Spying And Terror Plot

        In a tweet on June 10 Kofod said he has spoken with Saudi Arabia's foreign minister and made it "crystal clear that the Danish government does not accept any terror-related activities on Danish soil and that the government considers the matter with the greatest seriousness".

    • Transparency/Investigative Reporting

      • Twitter is Calling You Out for Sharing Articles You Haven't Read

        Twitter is testing out a new feature on Android that ask users if they want to click and actually read the dang article they’re planning to retweet.

        “Sharing an article can spark conversation, so you may want to read it before you Tweet it,” reads a brief update from the company’s Twitter Support account.

      • Police Intelligence Document Spreads Antifa Conspiracy Theory

        In an interagency communication sent to local police departments earlier this month, an official with a Washington-state fusion center told cops to look out for members of Antifa traveling to their cities to potentially riot. These claims are unsubstantiated and have largely been debunked across the country.

    • Environment

      • Environmentalists Targeted Exxon Mobil. Then [Attackers] Targeted Them.

        Three years ago, several environmental groups noticed that they had been receiving suspicious emails with fake Google News articles and other links related to their climate-change campaign against Exxon Mobil. The emails came from accounts that impersonated their own colleagues and lawyers.

        Those phishing emails have now led to a federal criminal investigation into a sprawling [cr]acking-for-hire operation that for years has targeted the email accounts of government officials, journalists, banks, environmental activists and other individuals, according to people briefed on the inquiry.

      • Indonesian journalist held since early May on criminal defamation charge

        Sukirman’s complaint against Banjar Hits and Kumparan, the Indonesian blogging platform that hosted Banjar Hits, stated that he was misquoted in a story written and published by Diantara about a land dispute between the indigenous Dayak community and a palm oil company, and said the misquotation was defamatory and could cause ethnic tensions, MongaBay reported.

        Sukirman said that he believed the land dispute could be settled amicably or through the courts, but was misquoted as saying that the dispute could trigger ethnic tensions between the Dayak and Bugis communities, according to that report.

      • 10 beaches receive Blue Flag designation for a total of 63

        Among other requirements, Blue Flag beaches must offer environmental education activities, display a code of conduct, and provide information about water quality. Garbage cans, water, and restrooms are required, and lifeguards and first aid services must also be in place.

        In municipalities with multiple Blue Flag beaches, at least one must be accessible for people with disabilities.

      • Toward an Equitable Dark Sky Movement

        Toward an equitable dark sky movement, we commit ourselves to the following:

        Pursue relationships with people and organizations to learn from and empower diverse voices;

        Conduct an independent audit of all internal and public facing policies, programs, and procedures to identify barriers to inclusion;

        Implement a public and time-bound plan to break down these barriers.

      • Energy

        • The Bicycle as a Vehicle of Protest

          Bicycle politics, the causes championed by cycling advocates and activists, are often dismissed by critics as esoteric or élitist. But transportation issues are social-justice issues. The toll of bad transit policies and worse infrastructure—trains and buses that don’t run well and badly serve low-income neighborhoods, vehicular traffic that pollutes the environment and endangers the lives of cyclists and pedestrians—is borne disproportionately by black and brown communities.

        • Turning Your Car Into an Electric Bike for the Mid-Pandemic Commute

          Demand for e-bikes is rising sharply. Sales in April were up almost 300% over the same month a year ago. That’s not to suggest business was small last year—Radenbaugh says his company had sales of almost $100 million in 2019—just that the virus has created a new rationale for the bikes. “People are looking for a social distancing option,” he says.

      • Overpopulation

        • Armed gangs in northwest Nigeria kill dozens in string of attacks

          The unrest, which experts say has been spurred by overpopulation and climate change, has seen an estimated 8,000 people killed since 2011 and 200,000 flee their homes.

        • Earth Overshoot Day is August 22, more than three weeks later than last year

          Earth Overshoot Day 2020 lands on August 22, more than three weeks later than in 2019, according to Global Footprint Network. The date reflects the 9.3% reduction of humanity’s Ecological Footprint from January 1st to Earth Overshoot Day compared to the same period last year, which is a direct consequence of the coronavirus-induced lockdowns around the world. Decreases in wood harvest and CO2 emissions from fossil fuel combustion are the major drivers behind the historic shift in the long-term growth of humanity’s Ecological Footprint.

          The sudden year-over-year Ecological Footprint contraction, however, is a far cry from the intentional change which is required to achieve both ecological balance and people’s well-being, two inextricable components of sustainability. At Global Footprint Network, we envision a world where humanity lives on our planet’s ecological budget by design rather than by disaster, so that all thrive within the means of Earth.

    • AstroTurf/Lobbying/Politics

      • Tucker Carlson Is Freaking Out About Elmo the Antifa Overlord And His Left-Wing Rage Mob
      • Twitter deletes over 170,000 accounts tied to Chinese propaganda efforts

        Twitter announced Thursday that it had deleted more than 170,000 accounts tied to a Chinese state-linked operation that were spreading deceptive information around the COVID-19 virus, political dynamics in Hong Kong, and other issues.

        Almost 25,000 of the accounts that were deleted formed what Twitter described as the “core network,” while around 150,000 accounts were amplifying messages from the core groups.

      • Tibetan Applicants For Police Work Turned Away Over Political Concerns: Report

        Tibetans seeking work as auxiliary police officers in Tibetan areas of China are being barred from employment over a wide range of concerns, with recruiters told to disqualify anyone engaging in “separatist activities” or having family members who have left Tibet to go into exile abroad, a Tibetan advocacy group said on Thursday.

        To be considered now for employment, applicants must never have participated in protests against Chinese policies in Tibetan areas or spread “rumors and false information that undermine social stability,” the Washington-based International Campaign for Tibet said in a June 11 report.

    • Censorship/Free Speech

      • Rights group says Zoom shut down its account after Tiananmen Square anniversary event

        Zoom said in a blog post later on Thursday that it was informed by the Chinese government about four separate Zoom gatherings to commemorate the June 4 anniversary that were being publicized on social media.

        "The Chinese government informed us that this activity is illegal in China and demanded that Zoom terminate the meetings and host accounts," the company said.

      • Tiananmen activists locked out of Zoom

        US and Hong Kong-based activists have reportedly had their Zoom account temporarily suspended following Tiananmen commemorations. Zoom said participants are required to comply with their respective local laws.

      • Zoom Shuts Down Account of U.S.-based Group After Tiananmen Anniversary

        Humanitarian China said its account was closed on June 7 at around 10.00 p.m. local time, a week after it had used the platform to host an international event commemorating the weeks-long pro-democracy movement that ended when Chinese leaders ordered the People's Liberation Army (PLA) to kill civilians with tanks and machine guns on the night of June 3-4, 1989.

        "Zoom has not responded to our requests for an explanation," the group said in a statement on its website.

      • The practical people problem with instance diversity in the Fediverse

        Finally, if you're trying to actively pick a good instance, most people have the twin problems that they don't know what they care about (or should care about) in instances, and even if they do know they have things they care about they don't know enough to how to evaluate instances. Oh, you can read an instance's policies and poke around a bit, but that may not give you clear and honest answers, and on top of that a lot of things in the Fediverse are only clear to people who are immersed in the Fediverse already. To put it one way, there are a lot of problems with instances (and problem instances) that aren't obvious and clear to outsiders.

        All of this should be unsurprising, because it's all a version of the problem of forcing users to make choices in security. People mostly don't care, and even if they do care they mostly don't know enough to make good choices. This is especially the case if they're new to the Fediverse.

      • Whoopi Goldberg, Megyn Kelly criticize HBO Max’s temporary removal of 'Gone With the Wind'

        On Wednesday, Whoopi Goldberg led "The View" panelists in a discussion over how, as she saw it, censoring "Gone With the Wind" is unhelpful, but educating viewers on the film's context is.

        "If you start pulling every film, you're going to have to pull ... a very long list of films," said Goldberg, the second black woman to win an acting Oscar after "Gone With the Wind" actress Hattie McDaniel won for playing Mammy.

      • Zoom closed account of U.S.-based Chinese activist “to comply with local law”

        The U.S. video-conferencing company Zoom closed the account of a group of prominent U.S.-based Chinese activists after they held a Zoom event commemorating the 31st anniversary of the June 4 Tiananmen Square Massacre, Axios has learned.

      • Wikipedia formally censors The Grayzone as regime-change advocates monopolize editing

        Internet encyclopedia giant Wikipedia is censoring independent news websites by adding them to an official blacklist of taboo “deprecated” media outlets.

        The Grayzone is among the news websites targeted by the censorship campaign. Others include leftist and anti-imperialist outlets like MintPress News and the Latin American news broadcaster Telesur, along with several prominent right-wing political sites, including the Daily Caller.

        The campaign to blacklist The Grayzone was initiated by Wikipedia editors who identify as Venezuelans and openly support the country’s right-wing, US-backed opposition. These users obsessively monitor Venezuela-related articles, aggressively pushing a regime-change line and working to excise any piece of information or opinion that interferes with their agenda.

      • Upper East Side Mom Group Implodes Over Accusations of Racism and Censorship

        Ms. Brady noticed that often, when black women weighed in on such topics, their comments would quickly disappear. When she brought this up to the group, she saw her comments vanish too.

    • Freedom of Information/Freedom of the Press

      • Trump, U.S. governors must stand up for press freedom, CPJ and other groups say

        Since protests demanding an end to police brutality and calling for social justice broke out on May 26, the U.S. Press Freedom Tracker has received reports of at least 400 incidents across the country, including assaults and arrests of journalists. CPJ swiftly condemned the attacks and has called for accountability and justice at all levels.

      • International groups call on Trump to speak up for press freedom

        We are writing to you as journalists, press freedom organizations, and industry groups to express our deep dismay at the recent violence perpetrated against journalists in the United States as they have sought to report on mass protests across the country. On behalf of the 72 groups listed below, we urge you to speak out forcefully against these attacks and in support of the rights of journalists to report freely, as guaranteed by the First Amendment of the U.S. Constitution.

      • A journalist sued the city of Minneapolis, saying she was blinded after being shot in the face by police during a George Floyd protest

        A journalist who was blinded in her left eye after being shot in the face with a "non-lethal" projectile is suing the city of Minneapolis, telling Insider that she hopes the litigation will lead to better standards for law enforcement and safer protests for members of the media and others exercising their right to free speech.

        Linda Tirado, a journalist who has written best-selling books and articles for The Guardian and The Daily Beast, was prepared for the worst when she drove from her home in Tennessee to Minnesota following the death of George Floyd. But she says her personal protective equipment — goggles around her eyes, credentials around her neck announcing her as "PRESS," and a professional-grade Nikon in hand — proved incapable of safeguarding her from the Minneapolis police.

      • Court challenge awaits Duterte-backed anti-terror legislation

        During an online forum on Monday night covered by Al Jazeera, Senator Francis Pangilinan, the other opponent of the bill, said "there are serious constitutional questions" that it raises, "particularly on the respect for fundamental rights" of Filipino citizens.

        The most contentious provisions include those for warrantless arrest and the 14-day detention of suspected "terrorists", extendible for another 10 days.

        According to the legislation, a warrantless arrest can be ordered by the so-called anti-terror council, under the president, meaning the council could be tasked to determine what constitutes terrorism - a role exclusively reserved for the courts as defined in the Constitution.

      • Hong Kong to Prosecute Media Mogul Jimmy Lai, Organizers Over Tiananmen Vigil

        Authorities in Hong Kong will prosecute four prominent pro-democracy figures including media mogul Jimmy Lai for their involvement in a public commemoration of the Tiananmen massacre anniversary on June 4.

        Lai, along with trade unionist Lee Cheuk-yan, rights lawyer Albert Ho, and veteran democracy activist Richard Tsoi will be charged with "incitement to join an illegal assembly" after thousands defied a police ban to gather in Victoria Park for the traditional candlelight vigil marking the 1989 bloodshed in Beijing.

        The vigil was organized by the Hong Kong Alliance in Support of Patriotic Democratic Movements in China, which is run by Lee, Tsoi, and Ho.

        Lee said he was informed of the decision to prosecute in a phone call from police on Thursday evening.

      • Mexico is a deadly place to be a journalist but sophisticated bot attacks are increasing the danger

        It’s about attacking the messenger.

        Mexico is already the most dangerous country on the continent for journalists. More regional reporters have been killed here than any other place on the Western Hemisphere. To this alarming situation, we add the sophisticated digital campaigns to discredit their work, which also puts their lives in danger.

      • Nigerian journalist in hiding after police arrest and question 5 reporters about his whereabouts

        “Nigeria’s police must stop detaining and questioning journalists, and should disclose the reason they are pursuing journalist Cletus Opukeme,” said Angela Quintal, CPJ’s Africa program coordinator, in New York. “The Nigerian press must be allowed to work freely, without police or other state agents harassing, arresting, and interrogating them.”

    • Civil Rights/Policing

      • Defund the Police, Invest in Communities

        Local governments have a revenue problem, while America has a policing problem. There’s a simple solution.

      • Louisville bans "no knock" warrants through "Breonna's Law"

        Why it matters: That warrant allows law enforcement to enter homes without warning, and was reportedly obtained by the officers who shot Louisville resident Breonna Taylor in her home on March 13. Her death has been protested by Black Lives Matter demonstrators following the police killing of George Floyd in Minneapolis.

      • Top general apologizes for appearing in photo-op with Trump after forceful removal of protesters

        "I should not have been there. My presence in that moment and in that environment created a perception of the military involved in domestic politics. As a commissioned uniformed officer, it was a mistake that I have learned from, and I sincerely hope we all can learn from it," he added.

      • The Police Will Do Everything They Can to Resist Accountability — They Have to Be Defunded and Demilitarized

        We can take comfort from the fact that police play little role in determining the crime rate. When the NYPD went on their slowdown in 2014–15, crime actually went down, not up. We need to push to defund the police. This has to be at the center of what we demand of candidates for local office. In Democratic-run cities, we can run candidates in Democratic primaries who are committed to defunding, and if that fails, support third-party candidates. However, as the example of de Blasio makes clear, finding good candidates and getting them elected is not enough.

        We will need to engage in repeated direct action and be clear on our demands. The police have to be demilitarized. Police forces need to stop accepting surplus military weaponry and get rid of what they already have. For the most part, police should be replaced with volunteers who reflect and will respond to the needs of their neighborhoods. We need to elect district attorneys who will not defer to police, and who see reducing the incarceration rate as their central goal. The rapid accomplishments of recently elected progressive DAs in Philadelphia, Boston, San Francisco, Houston, and elsewhere are examples of the importance of targeting that office.

      • [Old] Marvel's the Punisher Lays the Beatdown on Cops Who Use His Skull Symbol for 'Blue Lives Matter' Movement

        Hayden repeated Conway's statement that "the Punisher represents a failure of the justice system."

      • ‘Live PD’ says it destroyed video of Javier Ambler II's death during 2019 Texas police stop

        Video filmed by a “Live PD” crew of an in-custody death of a black man last year has been destroyed and can no longer be turned over to Austin investigators, representatives of the reality TV show said Tuesday.

        The disclosure by A&E Networks came a day after the Austin American-Statesman and KVUE-TV first reported details of the March 2019 death of Javier Ambler while being arrested by Williamson County sheriff’s deputies in connection with a traffic violation. The Austin American-Statesman is part of the USA TODAY Network.

        A&E confirmed Tuesday that “video of the tragic death of Javier Ambler was captured by body cams worn on the officers involved as well by the producers of Live PD who were riding with certain officers involved.”

      • A White Woman, Racism and a Poodle

        There were plenty of times black men pulled up next to me when Merlin was in the passenger seat and said, “Hey, a brother dog.” I should have known. John Steinbeck wrote in “Travels with Charley,” Charley was also a Poodle, that he had to be careful driving in the South. He got in trouble a few times because people thought Charlie was a black man. How could I be so stupid!

        I stood behind my van with Merlin in the passenger seat and could see how he was mistaken for a black man. I wish I had a photograph.

        This happened to me 5 times in the span of about a year. I cannot imagine having it happen several times a week my entire life. As a white woman, getting stopped by the police is scary; it makes my heart race and my stomach hurt. I’m sure a black person’s fear and rage is a hundred times greater.

        Since Merlin died, I have not been pulled over once.

      • AWS Ruins Own Attempt at Sabotage

        Other takeaways to keep in mind: They’re never nicer to you then when they’re trying to hire you. If they mock your concerns about the non-compete? RUN. Amazon is apparently incredibly easily scorned. They will hurl fire after departed employees and use their own reputation as kindling. Brian Hall is the greatest cloud marketer in the world. He hasn’t even started yet, and he’s already made a Google job offer more compelling than its equivalent at AWS by a landslide. He’s gotten me saying nice things about Google—and that shouldn’t be possible! Non-competes are clearly being used to provide a chilling effect for their existing employees. Very few companies will go up against Amazon in a courtroom; it’s far easier for most to simply withdraw the offer and select another candidate. I can’t abide a bully. If, after losing your job, you can’t afford to weather an 18-month period in which your ability to work for any company Amazon deems to be a competitor, you should probably look into working elsewhere. There’s absolutely nothing in the non-compete that says your departure must be voluntary. If AWS had decided to fire Brian for any reason, they could just have easily have brought this same suit against him. Both Brian and I are the very whitest of guys, steeped in the purest expression possible of techbro privilege. If this is how it plays out when someone with that overwhelming accelerator pushes back, imagine how it might impact people of color, women, and other folks who aren’t dramatically overrepresented.

        Non-competes are bad news for everyone. The incredibly talented folks at AWS deserve better, massive amounts of goodwill among AWS’s candidate pool are being torched by moves like this, and I fail to see any way that this situation benefits customers.

      • Another election, another mess: ‘Complete meltdown’ in Georgia is latest chapter in America’s electoral problems

        Martin stopped short of assigning blame, but two Georgia Democrats on Biden’s list of potential running mates pointed at Republican Secretary of State Brad Raffensperger, who led the selection of Georgia’s new voting machine system and invited every active voter to request an absentee ballot.

      • Georgia election chaos could have been avoided

        Georgia has been shaken in recent months by the vigilante-style death of Ahmaud Arbery and the threat of COVID-19. But its voters couldn’t have imagined the calamity it faced Tuesday, June 9 when they went out to vote or tried to secure absentee ballots.

        Alarm bells have been sounded in Georgia’s presidential primary and down-ballot elections as state and local officials reacted to the chaos as voters faced long lines and confusion as they attempted to cast their votes in-person. As of Tuesday evening, three-quarters of the calls received on the Lawyers’ Committee for Civil Rights Under Law’s 866-OUR-VOTE hotline came from African-American voters.

        Georgia’s secretary of state and the governor could have deployed resources to provide a smoother and more seamless voting experience for its citizens during Tuesday’s Election Day. In recent years, state officials have been charged with discriminatory voter purges, widespread polling place closures, and selective signature match requirements harming Black and low-income voters most.

      • Year of repression: How Hong Kong’s leaders twisted the protest narrative to strangle a movement

        One year on from that record-breaking rally, the mass movement that galvanized a generation is feeling the full weight of a relentless government assault. Beatings, tear gas and gunfire have been unleashed against overwhelmingly peaceful protests over the past 12 months. Renewed demonstrations in response to a terrifying national security law proposed by Beijing are being met with a familiar heavy-handed police response.

        But away from the turmoil of the streets, Hong Kong’s government is taking a more calculated approach. In addition to brute force, propaganda is the weapon it has chosen to try to crush a second successive summer of discontent before it can get going.

      • 'This is not just a Georgia problem': Primary election troubles foreshadow challenges for November

        "I'm very concerned about our country's preparations for the election," Guy Cecil, chairman of Priorities USA, the largest Democratic-aligned outside group, said during a press briefing with reporters on Wednesday, the day after the election. "This is not just a Georgia problem, it's not just a southern problem. This has been happening in states all across the country."

      • A New Wave of Reckoning Is Sweeping the Porn Industry

        She also said that she'd like to see more sets employ talent advocates, "someone to make sure that women are being treated fairly and respected on set so that these things don’t happen... I hope that moving forward, the industry learns from this. That we are better vigilant of the ways that women can be taken advantage of."

        In a moment when it can seem like every powerful person in an industry is suspect, it's important to acknowledge that abuses like Chu and Karter and the dozens more women coming out about their experiences still aren't the norm.

        "Consent is important everywhere, especially in porn," Chu said. "I hope that this situation with everyone coming out not only opens a dialogue of proper boundaries on and off set, but changes the power dynamic completely." Performers are realizing they have the power, Chu said—not producers or studios executives.

      • Father of Justine Ruszczyk Damond responds to death of George Floyd

        "We were satisfied that Justine's killer was found guilty, but we remained concerned that the police force, as an institution was deeply flawed," he said. "Both gentlemen said they would work to change the culture and behavior of officers with the goal of improving relations between the police and community. The fact that another person has died at the hands of the Minneapolis police using excessive force shows that they have not made adequate changes to their practices and training as we had been told they would after Justine's murder."

      • George Floyd's former partner grieves with man whose fiancée was killed by Minneapolis police

        Damond and Washington are hopeful that Floyd's death can bring about systemic change in policing in Minneapolis and across the world.

      • Leaked review exposes scale of aid corruption and abuse in Congo

        A review of fraud and corruption risks in the Democratic Republic of Congo – one of the world’s longest-running humanitarian crises – delivers a blistering assessment that could spark major changes to aid operations in a country where hundreds of millions of dollars of foreign aid are spent annually.

        The 70-page draft review – circulated last month to aid officials working in Congo and obtained by The New Humanitarian – looks at everything from corruption within the Ebola response to how women and girls are subjected to sexual exploitation. It also details how donor funds are siphoned off and how aid recipients ultimately lose out.

        The office of UN Secretary-General António Guterres is aware of the review, spokeswoman Zoe Paxton told TNH. “Once the report is published, we will carefully consider any recommendations made,” she said.

      • Where did ‘taking a knee’ come from?

        That sympathetic physician, Sir Thomas Browne, thought himself austere in conversation. ‘Yet, at my devotion,’ he confessed in Religio Medici (from the 1630s), ‘I love to use the civility of my knee, my hat, and hand, with all those outward and sensible motions which may express or promote my invisible devotion.’

        His hat he took off in church. His hand? Did he make the sign of the cross with it? His knee he probably bent to kneel in prayer, certainly at the reception of the Sacrament, as the Prayer Book directed.

        Today, there are two things odd about take the knee: the phrase itself and the gesture it describes. Neither was familiar in Britain.

        The phrase finds a history in American football, which I don’t play. An NFL rule declares: ‘An official shall declare the ball dead… when a quarterback immediately drops to his knee.’ This wastes time. It all took off in 1978. But if a player is injured, to take a (or the) knee is reckoned to show concern.

        In 2016 Colin Kaepernick, a quarterback, began taking a knee during the national anthem in protest at racism. It caused a stir. But it was less of a sledgehammer gesture than the black power salute of the clenched fist, which drew attention at the Mexico Olympic Games of 1968.

        The football tactic is also known as the genuflect offence (offense in American spelling). Yet Origen, the early Church father, thought genuflection absolutely necessary when asking God’s pardon for an offence. The gesture was so linked with penitence that in 325 the Council of Nicea forbade kneeling on Sunday, which was no day of penance but of rejoicing. On Good Friday, the leading fast day, people would creep the Cross, as Langland mentioned the 14th century, by advancing to adore it on their knees.

        The English knee, the Latin genu (hence genuflect) and Greek gonu all derive from an archaic word gneuo. But the gnu (called wildebeest by the Dutch) takes its name not from its knobbly knees but from the language of the San, whom we used to call Bushmen. It doesn’t take long to learn to say San instead, or to say take the knee and do it.

    • Monopolies

      • Patents

        • Sharp's blunt swords: two patents-in-suit against Daimler likely invalid, infringement cases got stayed

          Sharp is a contributor to the abusive Avanci patent pool that makes supra-FRAND royalty demands and declines to license component makers. It's more of a gang than a pool, and its level of coverage (of the cellular SEP landscape) is far lower than Avanci likes to pretend, as I'll discuss in another post very soon.

        • Huawei, Samsung top list of companies with 5G-essential patents in Amplified/GreyB study--Huawei, Qualcomm have highest essentiality ratios

          Today's IAM Sunday Supplement drew my attention to a June 2, 2020 article IAM summarized today as follows: "Essentiality analysis finds that so far just 26% of declared 5G SEP grants are core to the standard and claims Huawei, LG and Samsung lead the way." That article notes, among other things, that "[t]he researchers judged 34% of the Huawei patents they analysed to be ‘core’ patents – by far the best hit rate among the top six players." What is meant here by "hit rate" is the percentage of declared-essential 5G patents of a given company that actually come across as essential even upon closer look...

        • Traditionally bred plants and animals are no longer patent eligible at the European Patent Office – what is still protectable?

          On 14 May 2020, the Enlarged Board of Appeal (EBA) of the European Patent Office (EPO) provided their long-awaited opinion on the controversial G3/19 case relevant to the patent eligibility of traditionally bred plants and animals.

          This decision likely brings to a close a long running legal saga on this issue.

          [...]

          This apparent anomaly has been the subject of a protracted series of legal disputes with two previous decisions of the EBA (“Broccoli” – G2/12 and “Tomatoes II” – G2/12) finding that the exclusion should not be applied to the plants and animals produced.

          Following lobbying from the European Union, Rule 28(2) EPC was then introduced by the Administrative Council on 1 July 2017. This rule explicitly states that under Article 53(b) EPC European patents shall not be granted in respect of plants or animals exclusively obtained by means of an essentially biological process.

          However, because this apparently contradicted the earlier EBA decisions G2/12 and G2/13, and because articles are supposed to trump rules, an EPO Technical Board of Appeal (“Pepper” – T1063/18) then ruled that Rule 28(2) EPC should be ignored.

          With a view to resolving this ongoing conflict, and under pressure from various lobbyists, the President of the EPO made a referral of the issue to the EBA. Present G3/19 represents the EBA’s opinion on the issue.

        • European Patent Office COVID-19 provisions - as at 25 May 2020

          The EPO has recently issued further information regarding oral proceedings before examination and opposition divisions and before the Boards of Appeal. This article summarises all of the EPO’s COVID-19 related notices, information and decisions to date.

        • No More Automatic COVID-19 Extensions At The EPO

          In recent months, the EPO has announced various "COVID-19" extensions of time, allowing additional time for responding to certain time periods (see our blog post here). The final "COVID-19" extension period expires 2 June 2020, but most workplaces are still a long way from being back to "normal". What does the absence of a formal COVID-19 extension mean for EPO users?

          As noted in our previous blog post on this topic, many significant deadlines were excluded from this extension including the deadline for filing a divisional application, and the deadlines for filing written submissions.

          Rather than providing a blanket extension of time for most (but not all) EPO time periods, the expiry of the "COVID-19" extensions of time means that if a time limit is now missed after 2 June 2020, the onus is on applicants to demonstrate that the time limit is missed due to a dislocation in the delivery or transmission of mail caused by an exceptional occurrence affecting the locality where an applicant, a party or their representative resides or has his place of business. If there is disruption due to the pandemic, and any document received late will be deemed to have been received in due time if the person concerned offers evidence that on any of the ten days preceding the day of expiry of a period, it was not possible to observe the time limit due to this exceptional occurrence and that the mailing or the transmission was effected at the latest on the fifth day after the end of the disruption.

        • Episurf Medical: New European Patent Approval
        • Software Patents

          • Neonode provided key prior art against Apple's slide-to-unlock patent and is now suing Apple in Texas over swipe-to-open and QuickPath swipe typing features in latest iPhones

            The Neonode N1m smartphone didn't get much traction in the marketplace (with only a tiny number of units being sold in Sweden at the time), but it predated Apple's slide-to-unlock patent application, which is why it served as a key prior art reference in various disputes between Apple and Android device makers Samsung and Motorola Mobility. In a nutshell, the problem plaguing Apple's slide-to-unlock patent was that Apple itself had not invented slide to unlock per se, but merely the visual presentation ("slide-to-unlock image").

            The Federal Court of Justice of Germany (the highest court to hear patent infringement and validity cases in that country) determined that the Neonode N1m rendered Apple's slide-to-unlock patent non-novel. Prior to the five judges on that panel, ten other European judges had reached more or less the same conclusion.

            [...]

            Apple presumably had its reasons to reject Neonode's demands. Let's see how this infringement case unfolds. But after seeing the Neonode prior art mentioned in various Apple-Android disputes over the years, this is an ironic blast from the past.

      • Copyrights

        • BREAKING: CJEU rules that a functional shape may be protected by copyright in so far as it is original

          Since its seminal ruling Infopaq nearly 11 years ago [Kat-celebration here], the Court of Justice of the European Union (CJEU) has been contributing fundamentally to both shaping and placing the building blocks of copyright protection in the EU.

          [...]

          In its 39-paragraph ruling, the CJEU held that copyright protection is in principle available to products whose shape is, at least in part, necessary to obtain a technical result, insofar as "that product is an original work resulting from intellectual creation, in that, through that shape, its author expresses his creative ability in an original manner by making free and creative choices in such a way that that shape reflects his personality".

          In achieving this result, the Court reviewed earlier case law and, in line with the Cofemel holding, it confirmed that - for copyright protection to arise - it is "both necessary and sufficient" that the subject matter at hand is original, in the sense that it is its author's own intellectual creation that results from their free and creative choices and reflects their personality.

          As the CJEU had held in earlier case law, originality is not fulfilled where the realization of a subject matter has been exclusively dictated by technical considerations, rules or other constraints which have left no room for creative freedom.

        • The inexorable rise of streaming and the sunset of the cinema: celebration or sorrow?

          How should we view the decline of the movie theatre industry? This is hardly a new question—The Economist reported that America has 1,600 fewer cinemas than it did at the beginning of this century. Then, the average movie goer went to the cinema about five times a year; now, it is closer to three times a year. But the coronavirus epidemic, and the binging on streamed contents that it engendered, has exacerbated these trends in a way that portends a fundamental shift in how we may be viewing movies in the future.

          [...]

          Against this backdrop, CNN.com recently published a report that AMC has “substantial doubt” that it can continue in business. Consider the numbers: it estimates to have lost between $2.1 billion and $2.4 billion during Q1 2020, with Q2 looking even worse. In the words of the company, “we are generating effectively no revenue.” With a cash balance on hand, as of April 20, of $718.3 million, the company estimates that it can still manage to reopen its operations as late as August 2020. But thereafter, uncertainty, rising to the level of an existential threat, will only increase.

          So how might this change what films we see and where we view them? After all, copyright, since its inception, has sought to foster the distribution of creative contents against the balancing of the interests of creators and consumers. Regarding films, for decades, one was limited to viewing what was screened at the local cinema. Television expanded the viewing options a bit, but it was cable, video cassettes, CD’s and the like that enabled us to have home access to movies, most recently marked by the current surge of home streaming platforms.

        • What the Federal Court of Appeal Anti-Spam Law Case Means for the Interpretation of CASL

          The case stands as the most important CASL case to date, providing both guidance on interpreting some of the provisions found in the law and strongly affirming that the law is constitutional.

        • Medical Device Repair Again Threatened With Copyright Claims

          Medical providers face countless challenges in responding to the COVID pandemic, and copyright shouldn’t have to be one of them. Hundreds of volunteers came together to create the Medical Device Repair Database posted to the repair information website iFixit, providing medical practitioners and technicians an easy-to-use, annotated, and indexed resource to help them keep devices in good repair. The database includes documentation for mission-critical devices relevant to the COVID pandemic and has been widely praised as a tool for caregivers and those supporting them.

          Despite this, Steris Corporation contacted iFixit to demand that their products’ documentation be taken down on copyright grounds. As the name suggests, Steris makes sterilization-related devices used to prevent contamination and the spread of disease. Unlike disease, though, the spread of repair information enhances public health and Steris should leave it alone.

        • Team-Xecuter Accuses Nintendo of Censorship and Legal Scare Tactics

          Team-Xecuter is widely known for creating 'hacks' that bypass digital restrictions on Nintendo consoles. Nintendo sees these tools as a major piracy threat and recently sued several stores that sell the products. Speaking with TorrentFreak, Team-Xecuter refutes the piracy stigma while accusing Nintendo of censorship, monopolistic control, and legal scare tactics.



Recent Techrights' Posts

1901 Days in High-Security Prison (and 8 More Years in Severe Confinement) for the 'Crime' of Exposing War Crimes and Corruption
Julian Assange clip
Opensource.org = Microsoft Lobbying (Openwashing)
Here's the latest pair of blog posts
In Northern Mariana Islands, Where Julian Assange Pled Guilty 4 Weeks Ago, Windows Remains Second to Android, and GNU/Linux Still Grows in Oceania
It was the first month ever that statCounter saw more Web requests there from Android than from Windows
Good News About GNU/Linux, Geminispace, FSF, and Backlash Against Microsoft
here are a few quick takes
Backlash and Negative Press After Microsoft Tells Diversity, Equity, and Inclusion (DEI) People to DIE
Follow-up stories
Red Hat's Official Site Yesterday: Promoting 'Secure' Boot in Machines You Don't Own or Control Anyway
"To be clear, CentOS Linux no longer exist"
 
UEFI 'Secure Boot' Once Again Bricking PCs and Fake Security Models Are Perishing in Geminispace
Let's Encrypt has just fallen again
[Meme] Conservative (and Fake) Nuclear Physicist Bill Gates
Didn't even graduate from college, media treats him like a world-renowned expert in nuclear energy
The Gemini Capsule of Tux Machines Turns 2 in Six Days
Many people actually use Gemini, some participate in it by creating their own capsule (or capsules)
GNU/Linux Rises to 4% in Saudi Arabia, Says statCounter, Windows Has Fallen to 11% (Android Exceeds 60%)
Microsoft might soon fall below 10% in KSA (Saudi Arabia)
IRC Proceedings: Thursday, July 18, 2024
IRC logs for Thursday, July 18, 2024
GNU/Linux news for the past day
GNU/Linux news for the past day
If GitLab Gets Sold (Datadog and Google Named Among Potential Buyers), It'll Prove Our Point About GitLab
Beware the bait on the hook
Hot Summer: Microsoft Flirting With the "5% Windows" Club in Afghanistan
The share of Windows in Afghanistan has fallen to almost 5% (1 in 20 Web requests)
[Meme] Nothing Says "Independence Day" Like...
Firing DEI on Independence Day period
Links 18/07/2024: Hardware, Conflicts, and Gemini Leftovers
Links for the day
Links 18/07/2024: Retroactively Pseudonymised Litigant and Alberta’s Energy ‘War Room’
Links for the day
Gemini Links 18/07/2024: A Welcome to Gemini and Politics of Assassinations
Links for the day
Fabian Gruenbichler & Debian: former GSoC student added to keyring
Reprinted with permission from Daniel Pocock
Links 18/07/2024: ORG Complaint to ICO About Facebook, Korean Double Agent Unmasked
Links for the day
Joel Espy Klecker & Debian on Joe Biden's health and Donald Trump's assassination
Reprinted with permission from Daniel Pocock
Over at Tux Machines...
GNU/Linux news for the past day
IRC Proceedings: Wednesday, July 17, 2024
IRC logs for Wednesday, July 17, 2024
Links 18/07/2024: Hostname Pedantry and Retro Coding
Links for the day
Fedora Week of Diversity (FWD) 2024 Attracting 0.01% of the IBM Staff "Was a Success"
They expect volunteers (unpaid slaves) to do the PR for them...
African's Largest Population (Nigeria) Approaching 80% Android "Market Share" Amid Steady Monthly Increases While Microsoft Has Mass Layoffs in Nigeria
Microsoft- and Apple-sponsored Western (or English-speaking) media chooses to ignore that or treat it as irrelevant (a racist disposition in its own right)
[Meme] The Warlord's Catspaw
Thugs that troll us
Microsoft Misogyny Will be the Fall of Microsoft (Covering Up for Misogynists is a Huge Mistake and Highly Misguided Short-term Strategy)
Microsoft's undoing may in fact be its attitude towards women
Microsoft's Bing Falls to Fourth in the Europe/Asia-Based Turkey, Share Halved Since LLM Hype, Now Only 1% (Sometimes Less)
Turkey (Eurasia) is another example of Microsoft failing with LLM hype and just burning a lot of energy in vain (investment without returns)
Red Hat Keeps Behaving Like a Microsoft Reseller (for Proprietary Stuff!), Microsoft Employees as Authors in redhat.com
In some ways this reminds us of Novell
Links 17/07/2024: New Attacks on the Press, European Patents Squashed Even at Kangaroo Court (UPC)
Links for the day
Gemini Links 17/07/2024: Proponents of Censorship and New Arrivals at Gemini
Links for the day
Links 17/07/2024: School Budget Meltdown and Modern Cars as Tracking Nightmares
Links for the day
This Should Certainly be Illegal, But the Person Who Helped Microsoft Do This is Still Attacking the Critics of It
perhaps time for an "I told you so post"
Censorship as Signal of Opportunity for Reform
It remains sad and ironic that Wikileaks outsourced so much of its official communications to Twitter (now X)
[Meme] A Computer With an Extra Key on the Keyboard Isn't Everyone's Priority
(so your telling me meme)
The World Wide Web Has Been Rotting for Years (Quality, Accuracy, and Depth Consistently Decreasing)
In the past people said that the Web had both "good" and "bad" and that the good outweighed the bad
Comoros: Windows Plunges to Record Low of About 6% in Country of a Million People (in 2010 Windows Was 100%)
Many of these people earn a few dollars a day; they don't care for Microsoft's "Hey Hi PC" hype
Africa as an Important Reminder That Eradicating Microsoft Doesn't Go Far Enough
Ideally, if our top goal is bigger than "get rid of Microsoft", we need to teach people to choose and use devices that obey them, not GAFAM
Billions of Computers Run Linux and Many Use Debian (or a Derivative of It)
many devices never get updated or even communicate with the Net, so exhaustive tallies are infeasible
The Mail (MX) Server Survey for July 2024 Shows Microsoft Collapsing to Only 689 Servers or 0.17% of the Whole (It Used to be About 25%)
Microsoft became so insignificant and the most astounding thing is how the media deliberate ignores it or refuses to cover it
[Meme] Microsoft is Firing
Don't worry, Microsoft will have some new vapourware coming soon
More DEI (or Similar) Layoffs on the Way, According to Microsoft Team Leader
What happened shortly before Independence Day wasn't the end of it, apparently
Windows Down From 98.5% to 22.9% in Hungary
Android is up because more people buy smaller mobile devices than laptops
Microsoft Windows in Algeria: From 100% to Less Than 15%
Notice that not too long ago Windows was measured at 100%. Now? Not even 15%.
[Meme] Many Volunteers Now Realise the "Open" in "OpenSUSE" or "openSUSE" Was Labour-Mining
Back to coding, packaging and testing, slaves
Over at Tux Machines...
GNU/Linux news for the past day
IRC Proceedings: Tuesday, July 16, 2024
IRC logs for Tuesday, July 16, 2024
Microsoft Windows "Market Share" in New Zealand Plunges to 25%
Android rising
[Meme] Ein Factory
A choice between "masters" (or "master race") is a false choice that results in mass exploitation and ultimately eradication (when there's little left to exploit)
Links 17/07/2024: Open Source Initiative Lies and Dark Net Thoughts
Links for the day
SUSE Goes Aryan: You May Not Use the Germanic Brand Anymore (It's Monopolised by the Corporation)
Worse than grammar Nazis
Media Distorting Truth to Promote Ignorance
online media is rapidly collapsing
Gratis But Not Free as in Freedom: How Let's Encrypt is Dying in Geminispace
Let's Encrypt is somewhat of a dying breed where the misguided CA model is shunned