Bonum Certa Men Certa

Links 8/4/2021: GnuPG 2.3.0, Xen 4.15, Xfdashboard 0.9.2



  • GNU/Linux

    • Desktop/Laptop

      • 10 Reasons Why You Should Switch From Windows To Linux

        Raise your hand if you have been experiencing countless Windows updates, virus attacks, malware, ransomware, being limited with everything, or just looking for some good options aside from Windows or Apple? If you’re out there looking for some answers, worry no more.

      • System76 Spotlight with Adam Balla

        When my roommate introduced me to Slackware in 1999, he was working as a Linux system admin and he really got me interested in Linux. I was going to the Art Institute of Houston at the time for a Multimedia Design degree, and the thought that you could create your own desktop operating system really appealed to me. I didn’t need to stare at the same old tacky operating system I’d used for years.

        I found myself, like many nerds of the era, at a Micro Center in the early 2000s rummaging through the discount software bins, trying to snag up multi-CD Linux distributions. This journey exposed me to several of today’s most popular Linux distros. One of those was SUSE Linux 5.3, of which I still keep the tattered book on a bookshelf as a reminder. I did however finally find my place in the world of Debian, which is where I essentially live today. Honestly not much has really changed other than using Pop!_OS as my main distribution—though like any Linux diehard, I still love to download, test, and sometimes install all the Linux.

    • Server

    • Audiocasts/Shows

      • Ubuntu Podcast S14E05 – Newspaper Scoop Carrots

        This week we’ve been spring cleaning and being silly on Twitter. We round up the news from the Ubuntu community and discuss our favourite stories from the tech news.

        It’s Season 14 Episode 05 of the Ubuntu Podcast! Alan Pope, Mark Johnson and Martin Wimpress are connected and speaking to your brain.

      • BSDNow 397: Fresh BSD 2021

        Customizing the FreeBSD Kernel, OpenBSD/loongson on the Lemote Fuloong, how ZFS on 397: Fresh BSD 2021 Linux brings up pools and filesystems at boot under systemd, LLDB: FreeBSD Legacy Process Plugin Removed, FreshBSD 2021, gmid, Danschmid’s Poudriere Guide in english, and more

      • The Linux Link Tech Show Episode 901

        github actions, 3d printing woes, mesh networking, cooking

    • Kernel Space

      • Patching until the COWs come home (part 2)

        Part 1 of this series described the copy-on-write (COW) mechanism used to avoid unnecessary copying of pages in memory, then went into the details of a bug in that mechanism that could result in the disclosure of sensitive data. A patch written by Linus Torvalds and merged for the 5.8 kernel appeared to fix that problem without unfortunate side effects elsewhere in the system. But COW is a complicated beast and surprises are not uncommon; this particular story was nowhere near as close to an end as had been thought.

        Torvalds's expectations quickly turned out to be overly optimistic. In August 2020, a bug was reported by Peter Xu; it affected userfaultfd(), which is a subsystem for handling page faults in a user-space process. This mechanism allows the handling process to (among other things) write-protect ranges of memory and be notified of attempts to write to that range. One use case for this feature is to prevent pages from being modified while the monitoring process writes their contents to secondary storage. That write can, however, result in a read-only get_user_pages() (GUP) call on the write-protected pages, which should be fine. Remember, though, that Torvalds's fix worked by changing read-only get_user_pages() calls to look like calls for write access; this was done to force the breaking of COW references on the pages in question. In the userfaultfd() case, that generates an unexpected write fault in the monitoring process, with the result that this process hangs.

        The initial version of Xu's fix went in the direction of more fine-grained rules for breaking COW by GUP, as had been anticipated in the original fix, and added some userfaultfd()-specific handling. But during the discussion, Torvalds instead proposed a completely different approach, which resulted in another patch set from Xu. These patches essentially revert Torvalds's change and abandon the approach of always breaking COW for GUP calls. Instead, do_wp_page(), which handles write faults to a write-protected page, is modified by commit 09854ba94c6a ("mm: do_wp_page() simplification") to more strictly check if the page is shared by multiple processes.

      • Lockless patterns: some final topics

        So far, this series has covered five common lockless patterns in the Linux kernel; those are probably the five that you will most likely encounter when working on Linux. Throughout this series, some details have been left out and some simplifications were made in the name of clarity. In this final installment, I will sort out some of these loose ends and try to answer what is arguably the most important question of all: when should you use the lockless patterns that have been described here?

        [...] ions are. In these cases, applying lockless techniques to the fast path can be valuable.

        For example, you could give each thread a queue of requests from other threads and manage them through single-consumer linked lists. Perhaps you can trigger the processing of requests using the cross-thread notification pattern from the article on full memory barriers. However, these techniques only make sense because the design of the whole system supports them. In other words, in a system that is designed to avoid scalability bottlenecks, common sub-problems tend to arise and can often be solved efficiently using the patterns that were presented here.

        When seeking to improve the scalability of a system with lockless techniques, it is also important to distinguish between lock-free and wait-free algorithms. Lock-free algorithms guarantee that the system as a whole will progress, but do not guarantee that each thread will progress; lock-free algorithms are rarely fair, and if the number of operations per second exceeds a certain threshold, some threads might end up failing so often that the result is a livelock. Wait-free algorithms additionally ensure per-thread progress. Usually this comes with a significant price in terms of complexity, though not always; for example message passing and cross-thread notification are both wait-free.

        Looking at the Linux llist primitives, llist_add() is lock-free; on the consumer side, llist_del_first() is lock-free, while llist_del_all() is wait-free. Therefore, llist may not be a good choice if many producers are expected to contend on calls to llist_add(); and using llist_del_all() is likely better than llist_del_first() unless constant-time consumption is an absolute requirement. For some architectures, the instruction set does not allow read-modify-write operations to be written as wait-free code; if that is the case, llist_del_all() will only be lock-free (but still preferable, because it lets the consumer perform fewer accesses to the shared data structure).

        In any case, the definitive way to check the performance characteristics of your code is to benchmark it. Intuition and knowledge of some well-known patterns can guide you in both the design and the implementation phase, but be ready to be proven wrong by the numbers.

      • GDB and io_uring

        A problem reported when attaching GDB to programs that use io_uring has led to a flurry of potential solutions, and one that was merged into Linux 5.12-rc5. The problem stemmed from a change made in the 5.12 merge window to how the threads used by io_uring were created, such that they became associated with the process using io_uring. Those "I/O threads" were treated specially in the kernel, but that led to the problem with GDB (and likely other ptrace()-using programs). The solution is to treat them like other threads because it turned out that trying to make them special caused more problems than it solved.

        Stefan Metzmacher reported the problem to the io-uring mailing list on March 20. He tried to attach GDB to the process of a program using io_uring, but the debugger went "into an endless loop because it can't attach to the io_threads". PF_IO_WORKER threads are used by io_uring for operations that might block; he followed up the bug report with two patch sets that would hide these threads in various ways. The idea behind hiding them is that if GDB cannot see the threads, it will not attempt to attach to them. Prior to 5.12, the threads existed but were not associated with the io_uring-using process, so GDB would not see them.

        It is, of course, less than desirable for developers to be unable to run a debugger on code that uses io_uring, especially since io_uring support in their application is likely to be relatively new, thus it may need more in the way of debugging. The maintainer of the io_uring subsystem, Jens Axboe, quickly stepped in to help Metzmacher solve the problem. Axboe posted a patch set that included a way to hide the PF_IO_WORKER threads, along with some tweaks to the signal handling for these threads; in particular, he removed the ability for them to receive signals at all.

      • AMD Finally Flipping On ASPM For Navi 1x To Lower Power Consumption - Phoronix

        AMD engineers have a patch pending to improve the idle power consumption for Radeon RX 5000 "Navi 1x" GPUs on Linux.

        While the Radeon RX 6000 "Navi 2x" hardware already can enjoy Active State Power Management (ASPM) on Linux, the AMDGPU kernel driver up to now hasn't enabled ASPM for Navi 1x graphics processors. That though looks to be changing with a pending patch that would allow these original Navi GPUs to enjoy this important PCIe power-savings feature.

      • Reiser4 Ported Early To The Linux 5.12 Kernel - Phoronix

        Normally we don't see the out-of-tree Reiser4 file-system ported to new Linux kernel releases until after the inaugural stable release, but this time around Reiser4 has seen an early port to the near-final Linux 5.12 kernel.

        Reiser4 didn't end up seeing a proper patch release to Linux 5.11 but now to succeed its Linux 5.10 port the code is now re-based against the current Linux 5.12 Git state.

      • BleedingTooth: Google drops full details of zero-click Linux Bluetooth bug chain leading to RCE

        A security researcher at Google has disclosed long-awaited details of zero-click vulnerabilities in the Linux Bluetooth subsystem that allow nearby, unauthenticated attackers “to execute arbitrary code with kernel privileges on vulnerable devices”.

        Dubbed ‘BleedingTooth’, the trio of security flaws were found in BlueZ, the open source, official Linux Bluetooth protocol stack found on Linux-based laptops and IoT devices.

      • Torvalds’ Bug Warning is a Lesson for Linux Users



        Linux does, occasionally, raise security concerns. While many users see it as the most secure, robust and versatile operating system available — that’s this writer’s opinion, as well — security precautions still have to be taken.

        A recent, widely publicized case illustrated this point; Linux creator himself, Linus Torvalds, warned against the use of the Linux 5.12 release. He described a “nasty bug,” and wrote that the situation is a “mess,” due to the use of swap files when adding Linux updates. This nasty bug, in fact, had the potential to destroy entire root directories.

        Some of the main takeaways following this “mess” include: tread very carefully when installing early Linux releases, especially those that involve swapping files instead of partitions, and especially, despite Linux’s well-known security advantages, avoid becoming complacent, because Linux security is not always foolproof.

      • Xen Project ships version 4.15 with Focus on Broader Accessibility, Performance, and Security

        The Xen Project, an open source hypervisor hosted at the Linux Foundation, today announced the release of Xen Project Hypervisor 4.15, which introduces a variety of features allowing for improved performance, security and device pass-through reliability. The Xen Project community continues to be active and engaged, with a wide range of developers from many companies and organizations contributing to this latest release. Additionally, community-wide initiatives, including Functional Safety, VirtIO for Xen and Xen RISC-V port, continue to make valuable progress.

      • Xen Project Hypervisor 4.15 now Available
      • Xen 4.15 Hypervisor Brings Live Updates To Xenstored

        Out today is version 4.15 of the open-source Xen hypervisor. The focus of Xen 4.15 is on "broader accessibility, performance and security" with a number of noteworthy additions.

        Among the work in store for the Xen 4.15 hypervisor is Arm support for device models in Dom0 as a tech preview, support for exporting Intel Processor Trace Data into tools within Dom0, Viridian enlightnements for guests with more than 64 vCPUs, Xenstored/Oxenstored now supports the "LiveUpdate" tech preview for deploying security fixes without restarting the host, a PV Shim mode for legacy PV guests on HVM-only systems, and support for unified boot images. With unified boot images, it's now possible to boot with a single EFI binary rather than going through GRUB multi-boot.

    • Applications

      • XScreenSaver 6.0 Released With Increased Security, Better EGL & GLSL/GLES 3.0 Support

        XScreenSaver as the open-source screensaver solution for Linux as well as macOS systems this last week reached version 6.0. With XScreenSaver 6.0 comes increased security and other enhancements.

        Jamie Zawinski announced XScreenSaver 6.0 back on 1 April, which turned out not to be an April Fools' prank. The greater XScreenSaver security comes by a major refactoring to the XScreenSaver daemon, and splitting up the code into separate xscreensaver / xscreensaver-gfx / xscreensaver-auth components.

      • Best Free and Open Source Software – March 2021 Updates

        For our entire collection, check out the categories below. This is the largest compilation of recommended software. The collection includes hundreds of articles, with comprehensive sections on internet, graphics, games, programming, science, office, utilities, and more. Almost all of the software is free and open source.

      • Myxer – A Modern GTK Volume Mixer for PulseAudio

        Myxer is a modern new volume mixer application for the PulseAudio sound server. It’s a lightweight and powerful replacement for your system Volume Mixer written in Rust with GTK toolkit.

        Myxer can manage audio devices, streams, and even card profiles. And it offers option to show individual audio channels.

      • Protect external storage with this Linux encryption system | Opensource.com

        Many people consider hard drives secure because they physically own them. It's difficult to read the data on a hard drive that you don't have, and many people think that protecting their computer with a passphrase makes the data on the drive unreadable.

        This isn't always the case, partly because, in some cases, a passphrase serves only to unlock a user session. In other words, you can power on a computer, but because you don't have its passphrase, you can't get to the desktop, and so you have no way to open files to look at them.

        The problem, as many a computer technician understands, is that hard drives can be extracted from computers, and some drives are already external by design (USB thumb drives, for instance), so they can be attached to any computer for full access to the data on them. You don't have to physically separate a drive from its computer host for this trick to work, either. Computers can be booted from a portable boot drive, which separates a drive from its host operating system and turns it into, virtually, an external drive available for reading. The answer is to place the data on a drive into a digital vault that can't be opened without information that only you have access to.

        Linux Unified Key Setup (LUKS) is a disk-encryption system. It provides a generic key store (and associated metadata and recovery aids) in a dedicated area on a disk with the ability to use multiple passphrases (or key files) to unlock a stored key. It's designed to be flexible and can even store metadata externally so that it can be integrated with other tools. The result is full-drive encryption, so you can store all of your data confident that it's safe—even if your drive is separated, either physically or through software, from your computer.

      • Repo Review: MiniTube

        Minitube is a desktop YouTube client designed with privacy in mind, and with the intention of providing a more TV-like experience to YouTube, instead of simply duplicating the regular web interface. No Google account is required for adding subscriptions, and no ads will play when watching videos. Minitube has a well designed interface, making it very easy to watch videos without a lot of distractions.

        The main screen you're presented with when opening Minitube is the Search page. Below the search box, you can see the previous keywords you've searched for, and the channels that you have recently visited. From here you can also set the maximum video resolution, enable Restricted Mode to block videos containing inappropriate content, and set videos to only start playing manually, rather than automatically.

      • Xfdashboard 0.9.2 Is Released

        xfdashboard is a nice switcher and launcher primarily for the Xfce desktop environment. It looks a bit similar to the GNOME and macOS launchers. The latest release supports linear gradient, the algorithm for detecting what programs are running in open windows is improved and a bug that would cause xfdashboard to immediately crash in some cases, introduced in xfdashboard 0.9.1, is fixed.

      • The Apache Software Foundation Announces Apache€® DolphinSchedulerâ„¢ as a Top-Level Project

        The Apache Software Foundation (ASF), the all-volunteer developers, stewards, and incubators of more than 350 Open Source projects and initiatives, announced today Apache€® DolphinSchedulerâ„¢ as a Top-Level Project (TLP).

        Apache DolphinScheduler is a distributed, extensible visual Big Data workflow scheduler system. The project was first created at Analysys in December 2017, and entered the Apache Incubator in August 2019.

        "We learned a lot about becoming a strong Open Source project during our time in the Apache Incubator," said Lidong Dai, Vice President of Apache DolphinScheduler. "Our incubation mentors helped guide us with developing our project and community the Apache Way. We are pleased to have graduated as an Apache Top-Level Project."

    • Instructionals/Technical

      • How To Install Pritunl VPN Server on Ubuntu 20.04 LTS

        In this tutorial, we will show you how to install Pritunl VPN Server on Ubuntu 20.04 LTS. For those of you who didn’t know, the Pritunl VPN server is a free, open-source enterprise VPN server that anyone can use to set up a secure VPN tunnel across networks. It provides a simple and user-friendly web interface and has the ability to create a wide range of cloud VPN networks. It provides an official client package and supports all OpenVPN clients for most devices and platforms.

        This article assumes you have at least basic knowledge of Linux, know how to use the shell, and most importantly, you host your site on your own VPS. The installation is quite simple and assumes you are running in the root account, if not you may need to add ‘sudo‘ to the commands to get root privileges. I will show you through the step-by-step installation of the Pritunl VPN Server on Ubuntu 20.04 (Focal Fossa). You can follow the same instructions for Ubuntu 18.04, 16.04, and any other Debian-based distribution like Linux Mint.

      • Ravgeet Dhillon: Deploy Strapi on VPS with Ubuntu, MySQL



        So you have built your Strapi project and the next thing you need to do is to deploy it on a production server. In this blog, we will learn about how to set up a Virtual Private Server(VPS) and then deploy our Strapi application.

      • How to use FreeRADIUS for SSH authentication

        You might have a large number of Linux machines in your data center, most of which are managed by a team of admins. Those admins probably use secure shell to access those servers. Because of that, you might want to use a centralized location to manage the authentication of those admins. For that, you can employ a FreeRADIUS server.

        FreeRADIUS is a tool for authentication that is used by over 100 million people daily. This tool includes support for more authentication protocols than any other open source service.

        I'm going to show you how to use FreeRADIUS for the authentication of SSH over your LAN.

      • How to deploy your own Docker registry to ease your cloud-native development

        If you're a cloud-native developer, you know how important a Docker registry can be. Without a registry, you'd have no place to store the images you'll use for Docker or Kubernetes deployment.

      • Install Flameshot Screenshot Tool in Ubuntu 20.04

        Flameshot is an open-source screenshot and annotation tool designed for Linux, macOS, and Windows systems. The best thing about this screenshot tool is that it operates with both the graphical user interface as well as the command-line interface. It is a very easy-to-use screenshot tool that provides the users with a high level of flexibility and customization. In today’s article, we will be installing Flameshot on a Ubuntu 20.04 system.

      • What is Shebang and How to Use this Character Sequence in Linux

        One of the best features of Linux is that you can easily create scripts that are designed to automate and simplify tasks. This can help when processing large groups of files, like log files if you’re a Systems Administrator or CSV and TXT files if you’re doing some kind of research. However, there’s one very specific set of characters that you have to understand to get scripting – the Shebang or #!. We answer all your questions about the Shebang in this tutorial, a guide on how to use this character set in Linux.

        [...]

        The Shebang, or #!, is a character set used to direct your system on which interpreter to use. If you’re not familiar with what an interpreter is, it’s basically the program that reads the commands you enter into the terminal on your Linux system. You probably know it as Bash, but you also could use Fsh, Zsh, or Ksh.

        This is a binary program that reads the commands you put into it, like ls or xargs, and figures out what to do with them. The full path is usually /bin/bash or something like that. Check out our guide on the Linux virtual directory structure if you’re confused what that means.

      • How To Install Telegram In Ubuntu

        In this video tutorial we are going to install telegram on ubuntu linux. Telegram delivers messages faster than any other application. Powerful. Telegram has no limits on the size of your media and chats.

      • How to Customize Crostini Linux Terminal on a Chromebook

        If you use Crostini on a Chromebook in order to work on Linux, you might wonder how to change the terminal settings such as the fonts, colors, or even terminal behavior.

        Here in this article, we will discuss in brief customizing the Linux terminal on a Crostini Linux installation.

      • How to Install Nessus on Kali Linux Complete Guide for Beginners

        We are studying of Penetration Testing Tutorial This article will cover how to download, install, activate, and access the web interface of Nessus on Kali Linux.

        This post is origin How to Install Nessus on Kali Linux Move forward and start your tutorial. In a previous post you have completed Nessus Vulnerability Scanner Tutorial If you did not read it, please read now.

      • How to get your submicron wallpapers back and install the new mirrorlist for pacman.conf | ArcoLinux

        You can still install the old wallpapers from Submicron. The repository still exists.

        It is just not in the /etc/pacman.conf anymore for one obvious reason. Everyone has their own set of wallpapers.

        You will need to change your /etc/pacman.conf if you want to install them via pacman.

      • How to Fix WordPress Error Missing MySQL Extension Problem

        If you have received the “Your PHP installation appears to be missing the MySQL extension which Is required by WordPress” error, then this tutorial will be able to help you fix that. This error is triggered when the PHP code in your site is not compatible with the version of PHP your WordPress site is currently using.

        More specifically, this problem is related to the outdated MySQL extension which was removed as of PHP 7.0. In this tutorial, we will help you fix the problem with the PHP missing MySQL extension error, and help you complete the WordPress installation successfully.

      • MySQL SHOW USERS: List All Users in a MySQL Database

        A common question that most beginner MySQL users ask is “How do I see all of the users in my MySQL server?” Most of them assume that there is a show users command in MySQL, but there isn’t one. This is a common mistake because there are other MySQL commands for displaying information about the database. For example, SHOW DATABASES will show us all of the databases that are present in our MySQL Server, and SHOW TABLES will show us all the tables in the MySQL database that you have selected.

        It’s not unusual for people to assume that there should be a SHOW USERS command in MySQL. Even though there isn’t a specific command for it, there are several ways to actually see the list of users and even filter them to see exactly what you need. This can all be done with the MySQL command line tool – let’s get started.

        Once you are logged in to your Linux server, execute the following command to log in to the MySQL command line interface.

      • Head And Tail Commands In Linux Explained With Examples

        Getting a portion of text from input files in Linux is a common operation. However, sometimes, we are interested in viewing only a few lines of a file. Linux provides us the head and tail commands to print only the lines in which we are interested in.

        Linux head and tail commands are very similar. They are by default, installed in all Linux distributions. Let’s first understand what they are and what they are used for.

      • 5 commands to level-up your Git game | Opensource.com

        If you use Git regularly, you might be aware that it has several reputations. It's probably the most popular version-control solution and is used by some of the biggest software projects around to keep track of changes to files. It provides a robust interface to review and incorporate experimental changes into existing documents. It's well-known for its flexibility, thanks to Git hooks. And partly because of its great power, it has earned its reputation for being complex.

        You don't have to use all of Git's many features, but if you're looking to delve deeper into Git's subcommands, here are some that you might find useful.

      • How to Host a Website on NGINX Web Server

        NGINX (pronounced as Engine-X) is a free and open-source web server software, load balancer, and reverse proxy optimized for very high performance and stability. NGINX offers low memory usage and high concurrency — which is why it is the preferred web server for powering high-traffic websites.

      • Exploring the new Podman secret command | Enable Sysadmin

        Use the new podman secret command to secure sensitive data when working with containers.

      • Comparing SSH Keys - RSA, DSA, ECDSA, or EdDSA?

        What makes asymmetric encryption powerful is that a private key can be used to derive a paired public key, but not the other way around. This principle is core to public-key authentication. If Alice had used a weak encryption algorithm that could be brute-forced by today’s processing capabilities, a third party could derive Alice’s private key using her public key. Protecting against a threat like this requires careful selection of the right algorithm.

        There are three classes of these algorithms commonly used for asymmetric encryption: RSA, DSA, and elliptic curve based algorithms. To properly evaluate the strength and integrity of each algorithm, it is necessary to understand the mathematics that constitutes the core of each algorithm.

      • How To Install TensorFlow Machine Learning System on Ubuntu Linux

        In advanced mathematics, the word Tensor is a multi-dimensional array, and flow is the operations graph. The TensorFlow machine learning system is an open-source library function tool for machine learning. It is used to create models using data, create graphs with nodes, edges, and multi-dimensional arrays. You can install the TensorFlow machine learning system on Ubuntu without any special hardware. Integrated functions are also available to use Tensorflow with the Anaconda Navigator or Jupyter notebook on a Linux system.

      • Inkscape Tutorial: Chrome Text

        I saw this tutorial a few months ago and thought it was nice. When you get finished, your text should look like polished chrome.

        First, open Inkscape and select a font. My example uses "God of War" stretched to 144 points. The original tutorial used Impact. This probably works better on a thicker, poster-type font, rather than a thin, handwriting-type font, but try whatever you want!

        The original tutorial put each text clone on a separate layer. Layer 1 will be the basic text. After you get it written, select your basic text and choose Path > Linked Offset from the path menu (the paths tool will have to be on). This will create a 'cloned' offset attached to your basic text. Inkscape will locate the clone below the basic shape. After selecting the clone, fill it with pure white and raise it to the top of the stack. I gave it a hairline black stroke, too, but you do what you want. Cut this object and paste it into a new Layer 2 above Layer 1. Create a three dimensional effect by slightly shifting the white object up and to the left.

      • FTP With Double Commander: How-To

        Despite its spartan, old-school GUI, the program is fast and sophisticated. It incorporates a powerful search tool (Alt+F7). It can perform complex tasks, such as copying files from directories which have a certain extension or file size, or have a certain text pattern in them. Double Commander is also highly customizable. Most functions have a keyboard shortcut to increase efficiency and allow you to configure DC the way it suits you best.

        Below is a tutorial on configuring Double Commander for FTP use. In all of the screenshots, I opted to have the FTP activity take place in the left-hand panel.

      • Analog Video Archive Project

        Today, modern DSLR cameras shoot video content as easily as they shoot stills. Video data can be loaded directly into an editor like Kdenlive, or Openshot for final preparation of rendering and viewing. However, not so long ago, shooting video meant also using the available media of the day. Back then, that meant plastic magnetic analog tape. At first for consumers, it came in large VHS cassettes, and then later in smaller forms VHS-C and then 8mm. By the time 8mm was popular, here came Digital Video over the horizon.

        Most people shoot and record memories on still cameras and video cameras. This process has a habit of getting out of control very quickly. In a few short years, folks are left with more than a few issues about how to easily display and save their precious memories for future generations to enjoy.

        Let's first look at the display options. In the past, pictures and photos were either framed and hung up, or they languished in a shoebox until future generations showed an interest in them. Depending on how much effort they want to put into the project, they save some in an album, and either toss the remainder or return them to the shoebox for more time travelling.

        Today, with computers, there's many more ways to display and use still images. With video memories, we have the option to connect the camera to the TV for viewing, or maybe saving the data to a networked drive for later streaming, or up to social media.

        [...]

        So there I was, believing I was ready to get started capturing memories from the tapes. After doing some research about what software to use, and trying some testing to determine which was best to depend on, I opted for a Linux command line program by the name dvgrab. It's a small application that does what it was designed to do, very well. Dvgrab is in the PCLinuxOS repo and has a powerful set of options to use with the basic command.

      • What is the best file format for web shortcuts

        Links primarily exist on the web, but they can also exist as files in your local file system. There are several formats for storing links as files that open in your web browser. Here’s a quick comparison of the available formats, and a recommendation for which to use for your link files.

        Link files — not to be confused with file system links (“symlinks”) — are plain-text files in a structured format that compatible programs can open. The user profile folder in Windows comes with two default folders for storing such links — Links and Favorites — but they’re just regular files that can be stored anywhere on your file system.

        The different operating systems call these different things; including Internet Shortcuts, Web Location files, and Web Link files. Windows has its .url files; macOS has its .webloc, .webbookmark, and .webhistory files; and Linux has .desktop files. They’re essentially the same thing.

    • Games

      • Tyrant's Blessing will offer up slick tactical battles inspired by Into the Breach

        Into the Breach is a fantastic game that really hits the mark for turn-based strategy fans and now Mercury Game Studio are doing their own take on that style with Tyrant's Blessing.

        Set on a fantasy island of Tyberia, the focus of the game is the tactical combat with you being able to choose from a roster of unique heroes to fight against some sort of undead army. You will need to use the environment to your advantage while you work out enemy weaknesses and eventually take down the enemy Tyrant.

      • 2D first-person point-and-click adventure The Wild Case is out now | GamingOnLinux

        2D and yet first-person? Imagine playing a hidden object game but it's a point and click adventure, that's sort of what you get with the new release of The Wild Case. Developed by a small indie outfit from Ukraine, Specialbit Studio, the same team behind Angelo and Deemon: One Hell of a Quest.

        In The Wild Case you follow the adventures of a sort of paranormal detective, on a journey to a remote village deep in the forest, where strange creatures with glowing eyes terrorize the inhabitants. Sounds pretty spooky overall and it does have some pretty great artwork.

      • Upcoming cyberpunk point and click Invasive Recall has an awesome vibe to it

        Another high quality point and click adventure has been announced with Invasive Recall, a cyberpunk game set in the not-so-distant future where there's a device that can scan and interpret thoughts of the human mind. Sadly though, it appears this device completely screws with peoples minds and so they become completely demented or insane - sounds pretty rough.

        [...]

        The full game is due out in 2022, with Linux support confirmed nice and clearly.

      • Game Zone: Streets Of Rage 4: Finally On PCLinuxOS!

        Nostalgia... Ahhh, nostalgia. The whole world looks different with nostalgia glasses. Let's intoxicate ourselves with nostalgia now. Ladies and gentlemen, finally, Streets of Rage 4, review, from the version sold on GOG, running natively on PCLinuxOS!

        Streets of Rage 4, a game that took (too) long to come out...

        Twenty-five years. This is how long it has been since Streets of Rage 3 (Bare Knuckle 3 in Japan) was released for the MegaDrive. The saga developed its three main chapters in a very short period of time, from 1991 to 1994. From then on, nothing was done, except for the conversions that were made for other systems. Fans of the franchise received a pleasant surprise in August 2018, when DotEmu, a studio specialized in retro titles, officially announced that it was working on a new chapter, Streets of Rage 4.

      • Classic Zelda-styled multiplayer brawler Steelbreakers is out now and free

        Out for your next local multiplayer experience? Steelbreakers takes the style of classic Zelda games and turns it into an arena-styled brawler with different maps and modes. Covered by us last Summer when it had a demo up, the development on it continued and a 1.0 release is out now.

        An extremely charming and polished little brawler and one that's a lot of fun if you manage to get someone to play with. One that shouldn't need much of an introduction. It's a 2D fighting game where you pick your map, mode, character and weapons and then go head-to-head to see who is the best. It looks absolutely fantastic and really brings back the feel of some classics with nice little modern touches.

      • Arcade Spirits: The New Challengers announced as a follow-up to 2019's Arcade Spirits | GamingOnLinux

        Ready for a little romance and some classic arcade gaming? Well, Fiction Factory Games and PQube Limited recently announced Arcade Spirits: The New Challengers as a follow-up to the 2019 title Arcade Spirits.

        In the previous game you worked in an arcade while trying to find friendship and romance but this time around, you're playing in an arcade so it's all been flipped around. Not only is it giving a different perspective but you will also be able to import decisions made from the original game to shape the world. It's a standalone game though and can be played entirely by itself.

        [...]

        The developer continues using the great open source Ren'Py, so it should all work nicely on Linux. The full game is due out sometime in early 2022.

      • Fast-paced futuristic Wipeout-like racer Metric Racer adds Linux support

        If you need a new fast-pacing racing fix, check out the promising looking Early Access game Metric Racer which has recently added Linux support on Steam. A game that looks a lot like Wipeout and BallisticNG, it's nice to see more developers attempt such a racer as there's not all that many.

        Metric Racer offers up a highly stylized version with a fancy cartoon-like visual style for the ships, along with plenty of customization options to really make it your own. There's also a full level editor so you can let out your creative side with Steam Workshop support.

    • Desktop Environments/WMs

      • K Desktop Environment/KDE SC/Qt

        • KDE Is Now Offering A Qt 5.15 LTS Branch Patch-set For The Free Software Community

          The Qt Company, the corporation behind the Qt toolkit used by the KDE desktop environment and numerous other free software projects, has been restricting updates to Qt Long Term Support (LTS) releases to paying customers since January 2020. KDE e.V. has announced that they will be maintaining their own Qt 5 "patch collection" for free software users and projects using the Qt 5.15 LTS release.

          [...]

          Qt 6.0 was released in December 2020 and the last Qt 5 version, Qt 5.15, is now a in practice unsupported Qt version.

          Free free software users were faced with two choices when Qt 5 became a LTS release: They could either run a potentially insecure Qt 5.15 version without the latest security patches, or switch to the latest Qt 6 branch. The latter is not a realistic alternative if you are using a piece of software meant to be built against Qt 5 since there are significant differences between Qt 5 and Qt 6. You can port Qt 5 software to Qt 6, but you can't just replace Qt 5 with Qt 6 and expect that to work without a hassle.

          The KDE e.V. foundation, in partnership with the now very profitable Qt Company, is now offering free software users a third option: A Qt5PatchCollection repository for Qt 5.15 with fixes for security issues, crashes and "functional defects".

      • GNOME Desktop/GTK

        • Floating Dock Is the Perfect Dock for the GNOME 40 Desktop

          Floating Dock is not a new extension for the GNOME desktop, but it was recently updated by its creator to work on the latest GNOME 40 desktop environment, allowing you to have an always visible (or hidden) dock on your screen for launching apps.

          As you may be aware, the GNOME 40 desktop environment comes with a major redesign of the Activities Overview that also moves the dock from left side of the screen to the bottom. For me, that makes navigating much easier, but I have to admit that I miss having an always-on dock.

        • New GNOME Designs Explore a ‘Bottom Bar’ Layout for GNOME Shell

          For the past 10 years GNOME shell has been based around a single panel stripped across the top of user’s screens — but is this fundamental feature about to change?

          Well, to quell whatever dim intrigue I just stirred: no, it’s not. However, GNOME designer Tobias Bernard, a key architect of the well-received GNOME 40 release, is playing around with a concept in which —get this— GNOME’s famous top bar is moved to the bottom of the screen.

          Kind of crazy, huh? It’d be the most major ‘major’ design change made to GNOME Shell since it debuted. After all, the top bar is an anchor in the GNOME Shell experience. It’s where the status menu, notification center, clock/calendar applet, app menu, and oh-so-important Activities button all sit.

        • 10 Awesome gedit Text Editor Features to Make You More Productive

          Here's a list of the top 10 cool gedit features which you probably not aware of, until now. Take a look.

    • Distributions

      • 5 Exciting Linux Distro Updates to Look Forward to in 2021

        We're four months into 2021 and a lot of major Linux distribution updates are right around the corner after constant development over the past few months.

        These updates are expected to bring an assortment of new features, performance improvements, and better hardware support alongside the latest Linux kernel.

        Here are some of the most exciting Linux distribution updates to look forward to this year.

      • Reviews

        • Hands-On with Kali Linux on the Raspberry Pi 4: A Match Made in Heaven

          think everyone knows Kali Linux these days, so let’s get straight on with the review, shall we? Kali Linux supports a wide-range of ARM (32-bit and 64-bit) devices, among which the popular Raspberry Pi family of single-board computers (SBCs).

          For Raspberry Pi 4 devices, Kali Linux is available in two variants, a 32-bit image and a 64-bit image. For this review, I’ve downloaded the 64-bit (AArch64/ARM64) image due to the obvious reason that the 64-bit processor in Raspberry Pi 4 performs best with 64-bit software, and my model has 8GB of RAM.

      • BSD

        • [Older] WireGuard Is Coming To Your pfSense Router

          Even after a herculean amount of effort by Wireguard’s founder, Jason Donenfeld and developers Kyle Evans and Matt Dunwoodie, WireGuard will not be included in the upcoming release of FreeBSD 13.0. This will also mean that Netgate’s announcement of the inclusion of WireGuard in the next release of pfSense was premature, as that router OS is based off of FreeBSD. All three developers did their best to polish the existing code and bring it up to their high standards but unfortunately there was simply not enough time.

          If you haven’t run into WireGuard before, it is an open source VPN similar to OpenVPN or closed source ones, with a bit of a difference. The developers of WireGuard take their coding very seriously, while OpenVPN consists of 400,000 lines of code added to the kernel, WireGuard is a mere 4000. This makes it significantly faster and more robust than OpenVPN or other VPN programs, but is also why the release is delayed. Until the crew can reduce the current footprint of WireGuard they are not comfortable adding it.

      • PCLinuxOS/Mageia/Mandriva/OpenMandriva Family

      • SUSE/OpenSUSE

      • IBM/Red Hat/Fedora

        • Fedora 35 Looking To Make Use Of Debuginfod By Default

          Red Hat engineers spearheaded the work on Debuginfod for being able to fetch debuginfo/sources from centralized servers for a project to cut-down on manually having to install the relevant debug packages manually on a system as well as that occupying extra disk space and just being a hassle. The Fedora project is now getting their Debuginfod server off the ground and for Fedora Linux 35 are planning to make use of it by default.

          Debuginfod was plumbed last year into GNU Binutils and has seen support by the likes of the GNU debugger and other toolchain components. Debuginfod is quite nice for the reasons mentioned around transparently getting necessary debugging data and source code on-demand rather than dealing with the mess of debug packages.

        • Fedora Community Blog: Help wanted: program management team

          I’d love to spend time in different Fedora teams helping them with program management work, but there’s only so much of me to go around. Instead, I’m putting together a program management team. At a high level, the role of the program management team will be two-fold. The main job is to embed in other teams and provide support to them. A secondary role will be to back up some of my duties (like wrangling Changes) when I am out of the office. If you’re interested, fill out the When Is Good survey by 15 April, or read on for more information.

          [...]

          Fill out the When Is Good survey by 15 April to indicate your availability for a kickoff meeting. This will be a video meeting so that we can have a high-bandwidth conversation. I’m looking for four or five people to start, but if I get more interest, we’ll figure out how to scale. If you’re not sure if this is something you want to do, come to the meeting anyway. You can always decide to not participate.

        • sevctl available soon in Fedora 34

          sevctl is an administrative utility for managing the AMD Secure Encrypted Virtualization (SEV) platform, which is available on AMD’s EPYC processors.

        • Partner Experience at Red Hat Summit

          Each year at Red Hat Summit we look forward to showcasing unique partner stories and our joint successes in helping customers achieve open hybrid cloud innovation. This year, we are pleased to introduce the Partner Experience: an integrated, immersive experience for partners within the Red Hat Summit 2021 event. Partner Experience provides partner-centric messages and content throughout each part of Red Hat Summit for partners to expand their knowledge and understanding around Red Hat’s portfolio.

          Partner Experience is an opportunity for partners to access tailored content, share insights and hear directly from Red Hat leaders on key initiatives and updates. Here is an overview of the Partner Experience at Red Hat Summit and tips for navigating this year’s event.

      • Debian Family

        • Two developers in race for Debian project leader post

          Two of the three candidates who contested last year's election for the post of Debian project leader are set to fight it out again this year.

          Jonathan Carter won the election last year and is running for re-election, while Sruthi Chandran has opted to take another tilt at becoming the project's first female leader.

          Voting began on 4 April and will wind up on 17 April. The new term for the project leader will begin on 21 April.

          In her platform statement, Chandran said she was running because she was concerned about the skewed gender ratios within the free software community.

        • How To Install Brave Browser on Debian 10 - idroot

          In this tutorial, we will show you how to install Brave Browser on Debian 10. For those of you who didn’t know, Brave is adapted from the Chromium project and runs smoothly on Linux Distributions. Brave browser is a free and open-source browser. it’s Fast, speed, security, and privacy by blocking trackers and still based on chromium so you have all the extension and features you might be looking for.

          This article assumes you have at least basic knowledge of Linux, know how to use the shell, and most importantly, you host your site on your own VPS. The installation is quite simple and assumes you are running in the root account, if not you may need to add ‘sudo‘ to the commands to get root privileges. I will show you through the step-by-step installation of the Brave browser on a Debian 10 (Buster).

        • Thorsten Alteholz: My Debian Activities in March 2021

          Things never turn out the way you expect, so this month I was only able to accept 38 packages and rejected none. Due to the freeze, the overall number of packages that got accepted was 88.

      • Canonical/Ubuntu Family

        • Time to get testing Ubuntu 21.04 ahead of release, plus Canonical loses another face

          We seem to have missed the actual Ubuntu Testing Week but a late reminder is better than none at all right? With Ubuntu 21.04 coming soon it's time to report the bugs.

          Now is a good time to get testing, as the Beta version is out now and a Release Candidate is due around April 15 so this is your chance to make one of the top Linux desktop distributions as good as possible for the 21.04 release due on April 22. According to Steam stats and our own stats, Ubuntu is in the top three most used for gaming.

          [...]

          Additionally, announced today, is that Alan Pope is set to leave Canonical. Pope has been a huge force in the Ubuntu community over the years and recently as a Developer Advocate, along with their work on Snap packages and much more. Good luck for the future popey! This follows on from Canonical losing Martin Wimpress, their previous desktop lead back in February.

        • How to make your first snap

          Snaps are a way to package your software so it is easy to install on Linux. If you’re a snap developer already or you’re a part of the Linux community, and you care about how software is deployed, and you’re well versed in how software is packaged, and are tuned into the discussions around packaging formats, then you know about snaps and this article isn’t for you. If you’re anyone who is not all of those things, welcome. Let me tell you how I packaged my first snap to make it easier for people to install on Linux.

        • Canonical announces full enterprise support for Kubernetes 1.21

          Canonical, the firm behind the Ubuntu operating system, has announced full enterprise support for Kubernetes 1.21. It said that support ranges from public cloud to edge and covers Charmed Kubernetes, MicroK8s, and kubeadm. According to Canonical, MicroK8s is suited for workstations, DevOps, edge and IoT, Charmed Kubernetes is aimed at multi-cloud clusters, and kubeadm is designed for manual operations.

          Notable changes in Kubernetes 1.21 include a memory manager which will improve the performance of some applications, new scheduler features, improvements to ReplicateSet downscaling, support for indexed jobs, and the deprecation of Pod Security Policy before its complete removal in Kubernetes 1.25.

    • Devices/Embedded

    • Free, Libre, and Open Source Software

      • Web Browsers

        • Mozilla

          • Reflections on One Year as the CEO of Mozilla

            If we want the internet to be different we can’t keep following the same roadmap.

            I am celebrating a one-year anniversary at Mozilla this week, which is funny in a way, since I have been part of Mozilla since before it had a name. Mozilla is in my DNA–and some of my DNA is in Mozilla. Twenty-two years ago I wrote the open-source software licenses that still enable our vision, and throughout my years here I’ve worn many hats. But one year ago I became CEO for the second time, and I have to say up front that being CEO this time around is the hardest role I’ve held here. And perhaps the most rewarding.

            On this anniversary, I want to open up about what it means to be the CEO of a mission-driven organization in 2021, with all the complications and potential that this era of the internet brings with it. Those of you who know me, know I am generally a private person. However, in a time of rapid change and tumult for our industry and the world, it feels right to share some of what this year has taught me.

          • Mozilla weighs in on political advertising for Commission consultation

            Later this year, the European Commission is set to propose new rules to govern political advertising. This is an important step towards increasing the resilience of European democracies, and to respond to the changes wrought by digital campaigning. As the Commission’s public consultation on the matter has come to a close, Mozilla stresses the important role of a healthy internet and reiterates its calls for systemic online advertising transparency globally.

            In recent years political campaigns have increasingly shifted to the digital realm – even more so during the pandemic. This allows campaigners to engage different constituencies in novel ways and enables them to campaign at all when canvassing in the streets is impossible due to public health reasons. However, it has also given rise to new risks. For instance, online political advertising can serve as an important and hidden vector for disinformation, defamation, voter suppression, and evading pushback from political opponents or fact checkers. The ways in which platforms’ design and practices facilitate this and the lack of transparency in this regard have therefore become subject to ever greater scrutiny. This reached a high point around the U.S. presidential elections last year, but it is important to continue to pay close attention to the issue as other countries go to the polls for major elections – in Europe and beyond.

            At Mozilla, we have been working to hold platforms more accountable, particularly with regard to advertising transparency and disinformation (see, for example, here, here, here, and here). Pushing for wide-ranging transparency is critical in this context: it enables communities to uncover and protect from harms that platforms alone cannot or fail to avert. We therefore welcome the Commission’s initiative to develop new rules to this end, which Member States can expand upon depending on the country-specific context. The EU Code of Practice on Disinformation, launched in 2019 and which Mozilla is a signatory of, was a first step in the right direction to improve the scrutiny of and transparency around online advertisements. In recent years, large online platforms have made significant improvements in this regard – but they still fall short in various ways. This is why we continue to advocate the mandatory disclosure of all online advertisements, as reflected in our recommendations for the Digital Services Act (DSA) and the European Democracy Action Plan.

          • This Week in Rust 385
      • FSF

        • GNU Projects

          • GnuPG 2.3 Released With New Experimental Key Database Daemon, TPM 2.0 Daemon

            Werner Koch announced the availability today of GnuPG 2.3 as the start of the (fairly stable, effectively production ready) test releases leading up to the GnuPG 2.4 stable update.

            GnuPG 2.3 introduces a new experimental key database where the keys are stored in an SQLite database and allow for much faster key look-ups. This experimental key database can be enabled with the "use-keyboxd" option.

            Also significant with GnuPG 2.3 is the new "tpm2d" daemon to allow physically binding keys to the local machine using Trusted Platform Module 2.0 (TPM2) hardware. This new GnuPG 2.3 functionality allows leveraging of TPM 2.0 hardware for protecting private keys as a nice security improvement that can be enjoyed with most modern systems.

          • GnuPG 2.3.0 released
            Hello!
            
            

            We are pleased to announce the availability of a new GnuPG release: version 2.3.0. This release marks the start of public testing releases eventually leading to a new stable version 2.4.

            Although some bugs might linger in the 2.3 versions, they are intended to replace the 2.2 series. 2.3 may even be used for production purposes if either the risk of minor regressions is acceptable or the new features are important.

            What is GnuPG =============

            The GNU Privacy Guard (GnuPG, GPG) is a complete and free implementation of the OpenPGP and S/MIME standards.

            GnuPG allows to encrypt and sign data and communication, features a versatile key management system as well as access modules for public key directories. GnuPG itself is a command line tool with features for easy integration with other applications. The separate library GPGME provides a uniform API to use the GnuPG engine by software written in common programming languages. A wealth of frontend applications and libraries making use of GnuPG are available. As an universal crypto engine GnuPG provides support for S/MIME and Secure Shell in addition to OpenPGP.

            GnuPG is Free Software (meaning that it respects your freedom). It can be freely used, modified and distributed under the terms of the GNU General Public License.

            Three different versions of GnuPG are actively maintained:

            - This version (2.3) is the latest development with a lot of new features. This announcement is about the first release of this version.

            - Version 2.2 is our LTS (long term support) version and guaranteed to be maintained at least until the end of 2024. See https://gnupg.org/download/index.html#end-of-life

            - Version 1.4 is maintained to allow decryption of very old data which is, for security reasons, not anymore possible with other GnuPG versions.

            Noteworthy changes in version 2.3.0 (2021-04-07) ================================================

            * A new experimental key database daemon is provided. To enable it put "use-keyboxd" into gpg.conf and gpgsm.conf. Keys are stored in a SQLite database and make key lookup much faster.

            * New tool gpg-card as a flexible frontend for all types of supported smartcards.

            * New option --chuid for gpg, gpgsm, gpgconf, gpg-card, and gpg-connect-agent.

            * The gpg-wks-client tool is now installed under bin; a wrapper for its old location at libexec is also installed.

            * tpm2d: New daemon to physically bind keys to the local machine. See https://gnupg.org/blog/20210315-using-tpm-with-gnupg-2.3.html

            * gpg: Switch to ed25519/cv25519 as default public key algorithms.

            * gpg: Verification results now depend on the --sender option and the signer's UID subpacket. [#4735]

            * gpg: Do not use any 64-bit block size cipher algorithm for encryption. Use AES as last resort cipher preference instead of 3DES. This can be reverted using --allow-old-cipher-algos.

            * gpg: Support AEAD encryption mode using OCB or EAX.

            * gpg: Support v5 keys and signatures.

            * gpg: Support curve X448 (ed448, cv448).

            * gpg: Allow use of group names in key listings. [e825aea2ba]

            * gpg: New option --full-timestrings to print date and time.

            * gpg: New option --force-sign-key. [#4584]

            * gpg: New option --no-auto-trust-new-key.

            * gpg: The legacy key discovery method PKA is no longer supported. The command --print-pka-records and the PKA related import and export options have been removed.

            * gpg: Support export of Ed448 Secure Shell keys.

            * gpgsm: Add basic ECC support.

            * gpgsm: Support creation of EdDSA certificates. [#4888]

            * agent: Allow the use of "Label:" in a key file to customize the pinentry prompt. [5388537806]

            * agent: Support ssh-agent extensions for environment variables. With a patched version of OpenSSH this avoids the need for the "updatestartuptty" kludge. [224e26cf7b]

            * scd: Improve support for multiple card readers and tokens.

            * scd: Support PIV cards.

            * scd: Support for Rohde&Schwarz Cybersecurity cards.

            * scd: Support Telesec Signature Cards v2.0

            * scd: Support multiple application on certain smartcard.

            * scd: New option --application-priority.

            * scd: New option --pcsc-shared; see man page for important notes.

            * dirmngr: Support a gpgNtds parameter in LDAP keyserver URLs.

            * The symcryptrun tool, a wrapper for the now obsolete external Chiasmus tool, has been removed.

            * Full Unicode support under Windows for the command line. [#4398]

            Release-info: https://dev.gnupg.org/T5343

            Getting the Software ====================

            Please follow the instructions found at <https://gnupg.org/download/> or read on:

            GnuPG 2.3.0 may be downloaded from one of the GnuPG mirror sites or direct from its primary FTP server. The list of mirrors can be found at <https://gnupg.org/download/mirrors.html>. Note that GnuPG is not available at ftp.gnu.org.

            The GnuPG source code compressed using BZIP2 and its OpenPGP signature are available here:

            https://gnupg.org/ftp/gcrypt/gnupg/gnupg-2.3.0.tar.bz2 (7380k) https://gnupg.org/ftp/gcrypt/gnupg/gnupg-2.3.0.tar.bz2.sig

            An installer for Windows without any graphical frontend except for a very minimal Pinentry tool is available here:

            https://gnupg.org/ftp/gcrypt/binary/gnupg-w32-2.3.0_20210407.exe (4560k) https://gnupg.org/ftp/gcrypt/binary/gnupg-w32-2.3.0_20210407.exe.sig

            The source used to build the Windows installer can be found in the same directory with a ".tar.xz" suffix.

            A new version of Gpg4win featuring this version of GnuPG will be released soon. In the meantime it is possible to install this GnuPG version on top of Gpg4win 3.1.15.

            Checking the Integrity ======================

            In order to check that the version of GnuPG which you are going to install is an original and unmodified one, you can do it in one of the following ways:

            * If you already have a version of GnuPG installed, you can simply verify the supplied signature. For example to verify the signature of the file gnupg-2.3.0.tar.bz2 you would use this command:

            gpg --verify gnupg-2.3.0.tar.bz2.sig gnupg-2.3.0.tar.bz2

            This checks whether the signature file matches the source file. You should see a message indicating that the signature is good and made by one or more of the release signing keys. Make sure that this is a valid key, either by matching the shown fingerprint against a trustworthy list of valid release signing keys or by checking that the key has been signed by trustworthy other keys. See the end of this mail for information on the signing keys.

            * If you are not able to use an existing version of GnuPG, you have to verify the SHA-1 checksum. On Unix systems the command to do this is either "sha1sum" or "shasum". Assuming you downloaded the file gnupg-2.3.0.tar.bz2, you run the command like this:

            sha1sum gnupg-2.3.0.tar.bz2

            and check that the output matches the next line:

            44d06ef6625378e2d135420543e5fb06b62437ab gnupg-2.3.0.tar.bz2 6069b70870cb378b1937a79a752ccc3e9951e0a1 gnupg-w32-2.3.0_20210407.tar.xz 2c1a25a57a785cc96ae7ec317de9d1fb513161b7 gnupg-w32-2.3.0_20210407.exe

            Internationalization ====================

            This version of GnuPG has support for 26 languages with Chinese (traditional and simplified), Czech, French, German, Italian, Japanese, Norwegian, Polish, Russian, and Ukrainian being almost completely translated.

            Documentation and Support =========================

            The file gnupg.info has the complete reference manual of the system. Separate man pages are included as well but they miss some of the details available only in the manual. The manual is also available online at

            https://gnupg.org/documentation/manuals/gnupg/

            or can be downloaded as PDF at

            https://gnupg.org/documentation/manuals/gnupg.pdf

            You may also want to search the GnuPG mailing list archives or ask on the gnupg-users mailing list for advise on how to solve problems. Most of the new features are around for several years and thus enough public experience is available. https://wiki.gnupg.org has user contributed information around GnuPG and relate software.

            In case of build problems specific to this release please first check https://dev.gnupg.org/T5343 for updated information.

            Please consult the archive of the gnupg-users mailing list before reporting a bug: https://gnupg.org/documentation/mailing-lists.html. We suggest to send bug reports for a new release to this list in favor of filing a bug at https://bugs.gnupg.org. If you need commercial support go to https://gnupg.com or https://gnupg.org/service.html.

            If you are a developer and you need a certain feature for your project, please do not hesitate to bring it to the gnupg-devel mailing list for discussion.

            Thanks ======

            Since 2001 maintenance and development of GnuPG is done by g10 Code GmbH and still mostly financed by donations. Three full-time employed developers as well as two contractors exclusively work on GnuPG and closely related software like Libgcrypt, GPGME and Gpg4win.

            We like to thank all the nice people who are helping the GnuPG project, be it testing, coding, translating, suggesting, auditing, administering the servers, spreading the word, or answering questions on the mailing lists.

            The financial support of the governmental CERT of Luxembourg (GOVCERT.LU) allowed us to develop new and improved features for smartcards (Yubikey, PIV and Scute) as well as various usability features. Thanks.

            Many thanks also to all other financial supporters, both corporate and individuals. Without you it would not be possible to keep GnuPG in a good and secure shape and to address all the small and larger requests made by our users.

            Happy hacking,

            Your GnuPG hackers
        • Licensing/Legal

          • Proposal and Steps To Dual-License Gutenberg Under the GPL and MPL

            The GPL is so embedded into WordPress that it is not just the license the platform is under but a part of the community’s culture. Friends have been gained and lost over discussions of it. Bridges burned. Battles waged. People cast out to the dark corners of the web that “we don’t talk about.” There was even a time when one could expect a fortnightly GPL dust-up in which the inner WordPress world argued the same points over and over, ad nauseam.

            It might be hard to imagine a world where — outside of third-party libraries — direct contributions to the software are under anything other than the GPL. However, the wheels are now in motion. The Gutenberg project, which is the foundation of WordPress going forward, may soon be under both the GNU General Public License (GPL) v2 and the Mozilla Public License (MPL) v2.0.

          • Návody.Digital the Global Portal of the Slovenian Administration

            Licensed on GitHub under the EUPL-1.2 the portal Návody.Digital covers most life situations in Slovenia: health (and COVID-19), family, construction, taxation, employment, residence, wedding, mobility etc.

            The aim of the Slovenian eGovernment portal is to deliver electronic government services to all, at no or small legal cost, through comprehensive menu-driven selection, based on the various real life situations.

      • Public Services/Government

        • German Town Dortmund Will Use Open-Source Software Wherever Possible

          We have witnessed many German cities (like Munich) switching back and forth between open-source software and proprietary solutions for their administrative workplace and public offerings.

          Now, it looks like another German town “Dortmund” is going open-source and for all good reasons.

          It is interesting to note that it is the 8th largest city of Germany as per Wikipedia. Let’s take a brief look at what they had to say about it.

      • Programming/Development

        • dLeyna updates and general project things

          As for all the other things I do. I was trying to write many versions of this blog post and each one sounded like an apology, which sounded wrong. Ever since I changed jobs in 2018 I’m much more involved in coding during my work-time again and that seems to suck my “mental code reservoir” dry, meaning I have very little motivation to spend much time on designing and adding features, limiting most of the work on Rygel, GUPnP and Shotwell to the bare minimum. And I don’t know how and when this might change.

        • Qt for MCUs 1.8 released

          A new feature update of Qt for MCUs is now available. Download version 1.8 to get access to additional MCU platforms, more options to limit the memory footprint, new APIs to create advanced and scalable user interfaces, and a solution to simplify the integration of Qt into existing projects.

          Newcomers can get a free evaluation here, while others can run the Qt Installer to update to the latest version.

          The full list of changes included in version 1.8 can be found in the changelog in the online documentation. Continue reading for more information on the content of this release.

        • GCC 10.3 Compiler Released With AMD Zen 3 Tuning Backported, Nearly 200 Bug Fixes - Phoronix

          GCC 10.3 is out today as the latest stable release of the GNU Compiler Collection, weeks ahead of the GCC 11.1 feature release as the first stable version of GCC 11.

          GCC 10.3 back-ports various fixes to the GCC 10 stable series, which was minted last year. The brief release announcement for the GCC 10.3 compiler notes 178 bug fixes over the GCC 10.2 release from a half-year ago.

        • LLVM 12.0 Delays Drag On With RC5 Now Shipping - Phoronix

          LLVM 12.0 was supposed to ship at the start of March but now more than one month later and some 6,660+ commits to LLVM 13.0 already, LLVM 12.0 has not yet shipped but on Wednesday 12.0.0-rc5 was issued.

          Lingering bugs keep holding back the LLVM 12.0 release. The delay of more than one month is significant in that LLVM traditionally operates on a half-year release cadence and this code for v12.0 was branched all the way back towards the end of January, thus the 6k+ commits already accumulating for LLVM 13.0 this autumn.

        • A swarm in May is worth a load of hay, is it? JetBrains Code With Me collaborative programming tool released ● The Register

          JetBrains today pushed out Code With Me, formerly in preview, a plugin to support remote collaborative coding, as well as updates to its Java and Ruby IDEs.

          All the JetBrains IDEs are based on IDEA, a Java IDE, but the range is extensive and includes adaptions for Android (Java and Kotlin), Python, JavaScript, PHP, C#, C/C++, Ruby, and more. Google's Android Studio is based on the free Community Edition of IDEA.

          Code With Me lets two or more developers work in the same IDE using a remote connection. JetBrains competes with Microsoft's free Visual Studio Code, as well as Visual Studio, and the new feature is somewhat similar to Microsoft's Live Share, which supports collaborative coding, debugging and audio calls, with a web client in preparation.

        • IBM Creates a COBOL Compiler For Linux On x86

          IBM has announced a COBOL compiler for Linux on x86. "IBM COBOL for Linux on x86 1.1 brings IBM's COBOL compilation technologies and capabilities to the Linux on x86 environment," said IBM in an announcement, describing it as "the latest addition to the IBM COBOL compiler family, which includes Enterprise COBOL for z/OS and COBOL for AIX."

        • IBM COBOL for Linux on x86 1.1 brings COBOL capabilities to the Linux on x86 environment
        • Short Topix: New Linux Malware Making The Rounds: Despite Age, COBOL Remains Productive, Useful

          Despite getting its start in 1959, the COBOL computer language remains useful and productive nearly 62 years later. Partly based on Cmdr Grace Hopper's FLOW-MATIC language, COBOL (which stands for "common business-oriented language) has found a home on many mainframe computers. But, because of its age, COBOL doesn't attract the developers the way it used to, back in the 60s, 70s, and 80s.

          According to an article on TechRepublic, COBOL proved its value during the COVID-19 pandemic. Originally designed to handle large volumes of transactions and generate reports in the business world, its 220 billion lines of code would likely cost at least between $4 and $8 TRILLION to replace. And replace it with what?

          Most of the COBOL systems exist in the back offices of banks, insurance companies, brokerages, and government offices, continually churning out massive amounts of transactions quickly and efficiently. Many retail giants, such as Walmart, Home Depot, Target and many others, rely on COBOL running on mainframes to process point of sale credit card transactions. Replacing these massive software systems would be risky, as well. After 60 years, COBOL has these tasks handled. Easily.

          The COBOL language is very structured and the machines it runs on are typically fairly easy to maintain. COBOL's usefulness shined through in its use by various government agencies, who still rely on it to process large numbers of unemployment benefits. During the pandemic, the numbers of those seeking unemployment benefits exploded. So, the need for those mainframes that process those unemployment benefits soared right along with the exploding demand for unemployment benefits. Many of the programmers trained in COBOL are starting to reach retirement age, so the demand for COBOL programmers is rising. The median income for COBOL programmers is just over $92K per year, and those with 10 years or more of COBOL programming experience can expect wages around $100K per year. Those are not-too-shabby wages for knowing how to work with a 60+ year-old programming language.

        • Run one specific clang-tidy check on your entire codebase

          Recently I did a major refactor on a piece of code that involved thousands of lines of code which were in one way or another related to string handling. All of the code handled char* (C style character pointer arrays) and the concept of const or ownership was literally unknown in that part of the codebase. The refactored code uses std::string's, but due to the legacy nature, a large number of methods returned nullptr's instead of empty strings (like ""). I understand why this was done, but finding all those instances and the fact it only gives a runtime error was a bit of a bummer.

          Luckily clang-tidy is here to save the day. In my IDE, CLion, it gives a warning when you return a nullptr. It however does that only in the file you're currently editing, and since we're talking millions of files, I wasn't going to open them by hand. You can run clang-tidy easily on one file, and it's not hard to run it on an entire codebase as well, using the script run-clang-tidy.py, provided in their packages.

        • Update on git.php.net incident

          The following is a more detailed explanation of what happened and which actions were taken.

          When the first malicious commit was made under Rasmus' name, my initial reaction was to revert the change and revoke commit access for Rasmus' account, on the assumption that this was an individual account compromise. In hindsight, this action didn't really make sense, because there was (at the time) no reason to believe that the push occurred through Rasmus' account in particular. Any account with access to the php-src repository could have performed the push under a false name.

          When the second malicious commit was made under my own name, I reviewed the logs of our gitolite installation, in order to determine which account was actually used to perform the push. However, while all adjacent commits were accounted for, no git-receive-pack entries for the two malicious commits were present, which means that these two commits bypassed the gitolite infrastructure entirely. This was interpreted as likely evidence of a server compromise.

        • PHP project says security hiccup likely due to leak of main database
        • GNU Guix: Outreachy 'guix git log' internship wrap-up

          Magali Lemes joined Guix in December for a three-month internship with Outreachy. Magali implemented a guix git log command to browse the history of packaging changes, with mentoring from Simon Tournier and Gábor Boskovits. In this blog post, Magali and Simon wrap up on what's been accomplished.

        • Python

          • HPy: a better C API for Python?

            There are other efforts to improve the C API, notably, Victor Stinner's PEP 620 ("Hide implementation details from the C API"), but those have generally been incremental improvements, with the intent of keeping the existing extensions working. In some sense HPy is similar, because it does not seek to replace the existing API, at least anytime soon. But the project does seek to make sweeping changes to the API in pursuit of its goals.

            The current Python C API is closely tied to the CPython implementation of the language, which is part of what makes it hard to adapt the API to other implementations, such as PyPy. The C API effectively embeds the reference-counting garbage collector into the language extensions, which means that alternative garbage-collecting approaches cannot be used (or only used painfully) when trying to run those extensions. It also holds back CPython because it is well-nigh impossible to, for example, remove or alter the global interpreter lock (GIL) without changing the API, thus requiring changes to the extensions.

            So HPy seeks to provide a more streamlined C API that is not intimately tied to CPython, but that can run extensions with the same performance as those that use the existing API. Extensions written to use HPy will be "much faster" on alternatives like PyPy or Python on GraalVM, according to the home page. HPy also provides a way to build "universal binaries" for extensions that will run unmodified on various Pythons, and a "debug mode" that is intended to catch common mistakes made in extensions.

            [...]

            In addition, HPy adds an explicit context parameter (an HPyContext) for each call in order to explicitly manage the local state of the interpreter. It is meant to allow future versions where different threads each have their own interpreter or a process contains multiple interpreters (such as different versions or implementations). It also allows current features like the universal binaries.

            [...]

            The ideas behind HPy seem sound, but it is a sprawling project that will require a great deal of development effort to get far. The existing Python C API has hampered a number of initiatives for Python, while, of course, that same API has contributed greatly to the huge and growing ecosystem around the language. In particular, though, projects aimed at improving the performance of Python tend to run aground on the need to support the API. HPy looks like a project to keep an eye on to see how things might change in that area down the road.

        • Java and JS

          • What’s happening in the Node.js community

            Curious about what’s going on in the Node.js community?

            Node.js 16 will be released in April 2021 and promoted to long-term support in October 2021. We’re also rapidly approaching the end-of-life date for Node.js 10. After April 2021, there will be no further patches or security fixes made available for the Node.js 10 release line. If you haven’t already, you should plan to upgrade to Node.js 12 or Node.js 14 as soon as possible. See the Node.js release schedule in Figure 1.

          • Edge computing optimization with open source technologies

            Optimizing Java code using Quarkus (an open source, Kubernetes-native Java framework) can help reduce runtime memory requirements by an order of magnitude while dropping initial startup times from seconds to milliseconds.

            Low startup times reduce infrastructure usage by making it practical to scale down significantly when an application or process is idle. Longer startup times necessitate an application or process remaining continuously "hot," executing in-memory and using resources even when idle.

          • Build even faster Quarkus applications with fast-jar - Red Hat Developer

            Quarkus is already fast, but what if you could make inner loop development with the supersonic, subatomic Java framework even faster? Quarkus 1.5 introduced fast-jar, a new packaging format that supports faster startup times. Starting in Quarkus 1.12, this great feature became the default packaging format for Quarkus applications. This article introduces you to the fast-jar format and how it works.

  • Leftovers

    • Shahid Buttar and Dan Kovalik - The Project Censored Show
    • Thick as Thieves

      In the soft light of what looks like early morning or the fleeting minutes before sunset, a woman stumbles out of a brick-walled, vine-covered house and struggles to find her footing. Her friend, sitting on the front steps, catches her and ushers her into a cab. It’s a familiar image of female camaraderie, but in Jacques Rivette’s Céline and Julie Go Boating, from 1974, familiar feelings emerge from otherworldly contexts.

      The stumbling woman is Céline (Juliet Berto); her friend, Julie (Dominique Labourier). This moment comes at the halfway mark of the sprawling 193-minute film, where, in the previous scenes, we’ve followed the daily lives of these Parisian women: Céline, a magician, and Julie, a librarian, meet, move in together, and frolic around the city and fool men. But then suddenly, their story is interrupted, depositing them into a possibly haunted mansion located at 7 bis, rue du Nadir-aux-Pommes, to which the two inexplicably keep returning. Here, cinematic hallucinations unfold, and afterward they are spit out from the house with bloody handprints on their bodies and a drug-like candy in their mouths, their memories foggy, left to piece together the happenings inside. In Proustian fashion, they ingest more of the candy to go deeper, not just into the mysterious house but into the corners of their shared dreams and memories. The closer Céline and Julie become, the more they “go boating” down their stream of collective consciousness. (The French title, Céline et Julie vont en bateau, is a pun; the phrase can also mean getting caught up in a story.) We also immediately get caught up in the women’s relationship.

    • Reaching Out

      Arlo Parks’s lyrics achieve what so many earnest, self-conscious adolescents aim for when they scribble solemnly in a journal, hoping to arrive at profundity by documenting the familiar confusions of youth. But while some teen diaries are heavy with self-indulgent melodrama, Parks is a quiet writer, and her observations tend to be plainspoken and disarming. “Let’s go to the corner store and buy some fruit,” she sings on “Black Dog.”

      The song, from her debut album Collapsed in Sunbeams, is a sincere message to a friend battling depression. “I would do anything to get you out your room / Just take your medicine and eat some food.” Her work has a private tenderness to it, as if it weren’t meant for our ears.

    • Protest Song Of The Week: ‘I Pity The Country’ By Leanne Betasamosake Simpson

      Leanne Betasamosake Simpson is an acclaimed novelist, poet, scholar, and singer. She is also a member of the Michi Saagiig Nishnaabeg people, native to southern Ontario, Canada. She recently released her stunning new album “Theory Of Ice.”

      One of the issues heavily dealt with on the album is climate change. For example, the opening track “Break Up” poignantly declares, “There is euphotic rising and falling / Orbits of dispossession and reattachment / Achieving maximum density: 39 degrees Fahrenheit.” Another example is the tragically gorgeous “Failure Of Melting,” where she sings, “The caribou sit measuring emptiness/The fish study giving up.”

    • Lianne La Havas: Tiny Desk (Home) Concert
    • Make Digital Preservation Easier

      But on the other hand, as digital preservationist David Rosenthal has pointed out, in the grand scheme, preservation is not really all that expensive. The Internet Archive has a budget—soup to nuts—of around $20 million or less per year, around half of which goes to pay for the salaries of the staff. And while they don’t get all of it (in part because they can’t!), they cover a significant portion of the entire internet, literally millions of websites. They have a fairly complex infrastructure, with some of its 750 servers online for as long as nine years and petabyte capacity in the hundreds, but given that they are trying to store decades worth of digitized content—including entire websites that were long-ago forgotten—it’s pretty impressive!

      So the case that it costs too much to continue to simply publicly host a site that contains years of historically relevant user-generated content is bunk to me. It feels like a way of saying “we don’t want to shoulder the maintenance costs of this old machine,” as if content generated by users can be upgraded in the same way as a decade-old computer.

    • Science

      • Journals fail to take action over ‘fatally flawed’ experiments

        In a paper in Scientometrics, researchers from Australia and France explain how they contacted 13 separate journals to report concerns over 31 published articles on genetics, all of which had relied on a control reagent from the same supplier that had been wrongly identified.

        According to the paper’s authors, the inadvertent use of the wrong chemical substance would “almost certainly invalidate any experiment that uses such reagents”, with the faulty results likely to be “incorporated into future studies, potentially leading to failed experiments”.

        While the identified error was deemed serious enough for 14 of the 31 papers to be retracted, author corrections were sufficient for seven of the papers while five papers were made subject to expressions of concern. However, for six of the papers, it was stated no action should be taken.

    • Education

      • The Future of Australian Universities

        His sombre words were recorded in The Age:€  “If we are serious about tackling climate change with technology, if we are serious about preventing more pandemics, then research and the study of science of technology need to be right up there as a national priority and properly funded.”€  Australia risked “becoming the bogans of the Pacific.”

        A touch harsh, perhaps, given that “bogan” is a word defined in the Australian National Dictionary as “an uncultured and unsophisticated person”, “boorish” and “uncouth”.€  But both meaning and consequence are clear enough.€ Australian teaching and research institutions are being ravaged by the razor ready commissars of administration who cite one alibi for their hazardous conduct: the pandemic.€  Little time is spent on focusing on why the Australian university sector, bloated as it is, began to cannibalise funding and focus on single markets, such as that of China, sacrificing, along the way, standards.

    • Health/Nutrition

      • 'We Must Do More': Hundreds of Advocacy Groups Urge Biden, G20, and IMF to Increase Pandemic Aid

        "Unless we take immediate action to solidify more aid and relief, we face lost decades of development and millions more will suffer."€ 

        As international financial institutions convene virtually to discuss the world's response to the ongoing coronavirus pandemic, 260 faith, labor, and development groups on Wednesday sent letters to U.S. President Joe Biden and the heads of the International Monetary Fund and G20 urging them to provide more aid to developing nations and enact policies to avert future crises and protect the environment.€ 

      • G20 Nations Slammed for Calling Covid Vaccines a 'Public Good' While Denying Them to the World

        "They should have taken this moment to commit to putting the health of people across the world ahead of Big Pharma's profits."

        Progressive campaigners on Wednesday denounced G20 nations for offering lip service to the importance of treating coronavirus vaccines as a "global public good" while simultaneously blocking an effort to lift restrictive patent protections and share vaccine recipes with the developing world.

      • The Broken Front Line

        It was 4:32 p.m. and Mike Diaz was almost halfway through another punishing 24-hour shift when the call came over the ambulance radio. Nine miles away, a man had lost consciousness. “We’re en route from Palmdale Regional,” Diaz told the dispatcher, pushing away the thought of grabbing some food, as he flicked on the lights and sirens and sped off into the suburban maze of the Antelope Valley. He had worked as an emergency medical technician here in the northernmost part of Los Angeles County for over a decade, but he still experienced the same thrum of adrenaline on urgent calls. Lately, however, on January afternoons like this one, his excitement was overpowered by a sense of futility and dread.

        A few minutes after the dispatcher’s call, Diaz backed the ambulance into the driveway of a single-story house with a white picket fence. He and his partner, Alexandra Sanchez, followed a paramedic from the fire department into a dim living room, where an old man was stretched out on a cot, grimacing in pain. As Diaz crouched to check the man’s vitals, a middle-aged woman said that she had first noticed her father, who was 88, becoming less coherent around a week ago. The man was more confused than usual, and contractures had stiffened his thin legs into tent poles. Their primary care doctor wasn’t picking up the phone. Still, the family held off on dialing 911 because they feared that sending him to the hospital would expose him to the coronavirus. Only now that his condition had worsened had they decided to make the call.

      • EU Regulator Endorses AstraZeneca Covid-19 Vaccine While Warning of 'Possible' Blood Clot Risk

        The European Medicines Agency assessment came the same day as the U.K. restricted use of the vaccine to people over age 30.

        The European Union's pharmaceutical regulatory agency on Wednesday endorsed continued use of the Oxford-AstraZeneca coronavirus vaccine for all adults, even while confirming a "possible link" to blood clots that, while "very rare," have killed a small number of people.€ 

      • Jailed ex-governor Sergey Furgal tests positive for COVID-19

        The Khabarovsk territory’s jailed former governor, Sergey Furgal, has been hospitalized in the medical unit of Moscow’s Matrosskaya Tishina remand prison after testing positive for COVID-19, RIA Novosti reported on Wednesday, April 7.

      • Kenya Lashes Out at UK Over 'Discriminatory' Travel Ban and 'Vaccine Apartheid'

        "This vaccine apartheid, coupled with the reckless calls for vaccine passports while not making the vaccines available to all nations, widens existing inequalities and makes it near impossible for the world to win the war against the pandemic," the ministry said.

        Kenya has sharply criticized the United Kingdom for eschewing "solidarity and collaborative partnership" in the fight against the global Covid-19 pandemic by instituting a "discriminatory" travel ban and accused the nation of carrying out "vaccine apartheid."

      • Opinion | Six Months to Prevent a Hostile Takeover of Food Systems, and 25 Years to Transform Them

        A misguided technological revolution is about to sweep through food systems, but civil society and social movements can stop it in its tracks.

        Imagine a world where algorithms are used to optimize growing conditions on every fertile square metre of land. Where whole ecosystems are re-engineered. Where drones and surveillance systems manage the farm. Where farmers are forced off the land into e-commerce villages .

      • Bolsonaro a 'Threat to the Planet,' Says Lula as Brazil's Daily Covid Death Toll Hits All-Time High

        "Unfortunately, our country is today considered a global threat, due to the uncontrolled circulation of the virus and the emergence of new mutations."

        Former Brazilian President Luiz Inácio Lula da Silva on Wednesday called far-right President Jair Bolsonaro a grave "threat to the planet" after the nation's daily Covid-19 death toll topped 4,000 for the first time since the pandemic began last year, a sign that the public health crisis is worsening as Bolsonaro continues to downplay the virus and undercut potential solutions.

      • Another Win for Health Insurers, a Big Loss for this Patient

        My OCD has cost me jobs and threatened my marriage and contributed to my divorce.

        When I heard about a relatively new therapy for treatment-resistant OCD patients called transmagnetic stimulation (TMS), I was excited. The treatment sounded promising. For the first time in decades there was hope that my days of suffering might soon be over. I am 57. Perhaps I could live my last ten or twenty years free from this terrible disorder.

      • Welcome From The Chief Editor

        Besides limited availability of the vaccines, the other driving force in the slow vaccination rates is people's hesitancy to get the vaccine. That hesitancy is rooted in a number of fallacies making the rounds, such as "it was developed too fast, with not enough testing," that it "alters our cellular DNA," and that it "contains microchips to track people," among others.

      • With COVID Cases Soaring in France, Macron can No Longer be in Denial

        The president may no longer be in denial, but the situation in some parts of France appears to be very much out of control. Daily Covid cases€  have reached 59,000€ compared with€  the UK’s 4,000, and hospitals are straining under the pressure; some doctors worry that they may soon need to start prioritising those who will have the greatest chance of€  successful treatment.

        The issue of intensive care bed capacity has been a thorn in Macron’s side for the past year. In March 2020, the health minister promised to increase the number of beds€  to 14,000. One year later, doctors and nurses are accusing the government of having largely broken its pledge. Most of these beds€  never materialised, and France’s hospitals appear unable to€  cope with the challenges€ of the pandemic.

    • Integrity/Availability

      • Proprietary

        • EU investigating ‘IT security incident’ involving multiple agencies

          Cybersecurity experts at the European Union are investigating an “IT security incident” involving multiple institutions, though “no major information breach” has been detected, EU officials said Tuesday.

          The scope and nature of the incident were not immediately clear, but a spokesperson for the European Commission, the EU’s executive branch, said the commission had set up a “24/7 monitoring service” in response to the incident.

        • Security

          • Concerns emerge about Facebook’s disclosure of user data breach

            New concerns have emerged about whether Facebook Inc. properly disclosed a data breach through which about 553 million of its users’ personal information ended up on hacker forums.

            The breach started making headlines after Business Insider reported it over the weekend. In a Tuesday blog post responding to the Business Insider report, Facebook stated that the “methods used to obtain this data set were previously reported in 2019.” However, a story published by Wired later on Tuesday raises the possibility that users and regulators may in fact not have been properly informed about the incident in 2019.

          • Facebook isn’t planning to tell you if you’re one of the 533 million people whose data leaked

            Facebook is responding to the recent news that data from 533 million accounts leaked online for free, but perhaps not in the way users might have hoped: the company doesn’t plan to notify the users whose data was exposed online, a Facebook spokesperson told Reuters.

            In the dataset, there’s apparently a lot of information that you might not want floating around the internet — including birthdays, locations, full names, and phone numbers — so it’s disappointing to hear that Facebook doesn’t plan to notify users that might be affected. The company cited two reasons to Reuters as to why it’s not telling users proactively: it says it’s not confident it would know which users would need to be notified, and that users wouldn’t be able to do anything about the data being online.

          • Facebook does not plan to notify half-billion users affected by data leak

            Facebook Inc did not notify the more than 530 million users whose details were obtained through the misuse of a feature before 2019 and recently made public in a database, and does not currently have plans to do so, a company spokesman said on Wednesday.

            Business Insider reported last week that phone numbers and other details from user profiles were available in a public database. Facebook said in a blog post on Tuesday that “malicious actors” had obtained the data prior to September 2019 by “scraping” profiles using a vulnerability in the platform’s tool for synching contacts.

          • Goodbye LastPass, Hello BitWarden!

            Well ... that didn't take long! To explain what I mean, we'll have to dive head first into some fairly recent history.

            Back in 2003, a company was created. It called itself LogMeIn. Over the years, it created such familiar cloud-based programs such as GoToMeeting, GoToConnect, GoToMyPC, Rescue, and of course, the namesake LogMeIn.

            In 2006, Xmarks (formerly Foxmarks) was created as a bookmark synchronizer for Firefox users. It later expanded to help manage the many unique passwords users were supposed to be creating when logging into websites.

            In 2010, LastPass purchased Xmarks. LastPass and Xmarks ran concurrently, until Xmarks was shut down on May 1, 2018. Then, in 2015, LogMeIn, Inc. purchased LastPass for $110 million (U.S.), and added it to their software offerings.

            Fast forward to December 2019, when two private investment capital firms teamed up to purchase LogMeIn for a reported $4.3 billion (U.S.). The sale was finalized in August 2020. The latest figures put LogMeIn's annual revenues around $1.3 billion (U.S.) per year, has around 3,500 employees, and approximately 200 million users across the globe.

            [...]

            Without a doubt, LastPass users are up in arms over the decision to extract money from them for something that they have enjoyed for free over the years, and rightfully so. But, in the process, they have found an alternative that is cheaper and does everything that LastPass does. That alternative, BitWarden, is also an open source solution. Around these parts, we like to support open source projects.

            I wonder how many of those 200 million users that the two investment firms are salivating over remain with LastPass after everything is said and done. LastPass users are fleeing in droves to BitWarden. That $4.3 billion investment may not have been all that good of an investment, after all. If you have no users, it's a bit difficult to recoup your investment.

          • Security updates for Thursday

            Security updates have been issued by Fedora (chromium, libldb, rpm, samba, and seamonkey), openSUSE (isync), Oracle (kernel), Red Hat (openssl and squid), SUSE (ceph, flatpak, libostree, xdg-desktop-portal, xdg-desktop-portal-gtk, fwupd, fwupdate, and openexr), and Ubuntu (curl, linux-lts-trusty, and lxml).

          • Microsoft's Windows 10, Exchange, and Teams hacked at Pwn2Own
          • Windows 10 hacked again at Pwn2Own, Chrome and Zoom also fall
          • eBook: Six best practices for effective Linux security management

            Securing endpoints can an overwhelming routine for system administrators, especially when they're remote. Considering much of the world is now working remotely and may continue to do so in the future, the demand for security has increased exponentially.

            Though Windows and Mac devices are popular targets for cyber criminals, Linux devices can fall victim as well; Linux-targeted malware can easily affect your critical devices. In some instances, Linux systems have been compromised and configured to distribute malware.

          • New Windows ransomware Cring attacks Fortigate VPN servers

            A relatively new strain of Windows ransomware known as Cring has been noticed attacking Fortigate VPN servers using a vulnerability which has the reference CVE-2018-13379.

            Vyacheslav Kopeytsev, a senior security researcher at global security firm Kaspersky's Industrial Control Systems Computer Emergency Response Team, said in a blog post that threat actors had conducted attacks using Cring in the first quarter of this year, but at that stage it was unclear as to what the infection vector was.

          • Privacy/Surveillance

            • Documents Show Hundreds Of Cops Have Run Clearview Searches, Often Without Their Employers' Knowledge Or Permission

              An impressive trove of public records obtained by BuzzFeed shows just how pervasive facial recognition tech is. Law enforcement agencies are embracing the tech, often with a minimum of accountability or oversight. That's how toxic tech purveyors like Clearview -- whose software relies on a multi-billion image database scraped from the web -- get their foot in the door to secure government contracts.

            • Cryptowars and migration: Great Britain continues to influence EU policy

              The British exit from the European Union strengthens cooperation in informal circles. One of these questionable alliances is now launching measures to decrypt secure communications. This also involves the US government.

            • How a 30-year-old technology - WiFi - will turn into our next big privacy problem

              Since then, WiFi has become an increasingly important part of modern life, with hotels, restaurants and many other venues providing it for free as an expected part of their services. Over the years, the technology has improved, mostly in terms of speed and range. But there is a new iteration of the WiFi standard being developed that will have massive implications for privacy and surveillance. It goes by the unmemorable name of 802.11bf. Here’s how the IEEE, the organization that is drawing up the new standard, describes it:

            • YouTube user growth outpaces social media rivals: poll

              YouTube’s popularity since 2019 has increased more than other social media sites, according to a new Pew Research Center poll.

              Eighty-one percent of respondents said they use the Google-owned video-sharing site, up from the 73 percent who said the same in 2019.

            • Buy a phone, get a tracker: unauthorized tracking code illegally installed on Android phones

              As reported by the Financial Times, noyb launched further action against Google’s AAID (Android Advertising Identifier), following similar complaints against Apple’s IDFA. The somewhat hidden ID allows Google and all apps on the phone to track a user and combine information about online and mobile behaviour. While these trackers clearly require the users’ consent (as known from “cookie banners”), Google neglects this legal requirement. noyb therefore filed a complaint against Google’s tracking code AAID.

            • The uninvited Internet of things

              The abuses associated with "smart" televisions are well understood. They phone home to report on one's viewing habits. They have cameras and microphones to record the environment and send that data back home as well.

              [...]

              By putting a cellular modem and SIM directly in a device, the problem of it never coming online can be solved; it will be able to report home whether the "owner" wants it to or not. The vendor will retain control and will be able to, for example, disable the device at will. People who purchase such devices and bring them into their homes will not be able to control that connectivity; indeed, they may not ever even know that it exists.

              This problem can already be seen in the area of automobiles, many of which have had their own cellular connectivity for some time. Tesla famously uses that link to track its cars, push software updates, and remotely disable features when cars are resold. Location data from many car brands is continuously fed upstream where it is put to any number of undisclosed uses, including being sold to military organizations. Some vendors give owners some control over this data stream; others explicitly do not.

              Can there be any doubt that the purveyors of other connected devices will be attracted by network connectivity that does not require the customer's cooperation? The sorts of data streams that we see from cars now will soon be generated by household appliances, cameras, medical implants, lawn mowers, sex toys, water faucets, articles of clothing, and many other things that product designers are surely thinking of right now. These streams will not flow over networks we control; short of living in a Faraday cage, there will be little we can do about them. We have not begun to see the kinds of spectacular security issues, including surveillance, stalking, fraud, and repression, that will result.

            • Beware! A New Tracker You Might Not Be Aware Of

              Well, the new exploit I only recently discovered is that there are also email trackers. These "invaders" of your Inbox track and report back on what you do with an email. It reports back that your email was read, what links you clicked on, the browser and OS you are running, when and how often an email is read, how long you have the email open, your IP address, if you downloaded anything connected with the email, and on and on and on. In their simplest form, email trackers allow senders to know when a recipient has received and/or read an email. I truly never knew this was a "thing" until recently.

              Email trackers used to be the playground for the marketing guys. But, increasingly, ordinary users are also using them to tell when a recipient has received and/or read an email. And you will definitely be surprised by the very high percentage of emails you receive that have a tracker embedded in them. In my case, over 90% of the emails I receive have embedded trackers. The trackers were so prevalent that I was more shocked by some of the ones that did not have trackers embedded in them, to be perfectly honest.

              [...]

              Users could take the most draconian measure, and just tell the email program to NOT automatically download external images. In fact, that is the default setting in Thunderbird, and should still be set that way, unless you changed it at some point. If you did change it so that external images can be downloaded, it's a trivial task to change it back.

              Preventing the downloading of the invisible/transparent 1x1 image in the first place is the best protection. If you use a web based email solution, such as Gmail, you can turn off the automatic downloading of external images. Yes, it will make your email look a LOT more boring, but then you also won't have to worry about the email trackers. They were never downloaded to start with.

              [...]

              It's your data, and no one is going to protect it for you. Instead, "they" are going to try to mine, steal and thieve all the data you allow "them" to steal. While many who insert trackers into emails feel that they have a "right" to harvest the data provided, it does not supersede your rights to privacy. When so much personal data is harvested from your actions with your emails, it can only invade your privacy.

              This never has been and never is about whether you have anything to hide. "They" have no more rights to YOUR data than some stranger has coming into your home and taking a bath.

              It's your data. It's YOUR responsibility to do whatever you deem necessary to protect it.

    • Defence/Aggression

      • Do Prisons Keep Us Safe? Author Victoria Law Busts Myths About Mass Incarceration in New Book

        As the first anniversary of the police killing of George Floyd approaches, we speak with author and journalist Victoria Law, who says despite the mass movement to fight systemic racism sparked by Floyd’s death, persistent myths about policing, incarceration and the criminal justice system still hinder reform. “Why do we think prisons keep us safe? Obviously, Derek Chauvin wasn’t afraid of being arrested or imprisoned when he killed George Floyd,” says Law, who examines these issues in her new book, “'Prisons Make Us Safer': And 20 Other Myths About Mass Incarceration.”

      • Warnings of Attempt to 'Sabotage' Diplomacy as Israel Reportedly Attacks Iranian Ship

        "Israel appears to be stepping up attacks on Iran to undermine diplomacy."

        This is a developing story... Check back for possible updates...

      • Dozens of House Dems and Progressive Groups Push Biden to Curb Militarization of Police

        "It is absurd that the Pentagon has so much funding they can send their 'excess' weaponry to police departments around the country. We need to demilitarize our police and defund the Pentagon now."

        Backed by more than 50 progressive advocacy groups, dozens of House Democrats are urging President Joe Biden to issue an executive order to prevent the transfer of military-grade weaponry from the Pentagon to federal, tribal, state, and local police departments.

      • The US Military Is an Extremism Incubator

        It was around noon and I was texting a friend about who-knows-what when I added, almost as an afterthought: “tho they seem to be invading the Capitol at the mo.” I wasn’t faintly as blasé as that may sound on January 6, especially when it became ever clearer who “they” were and what they were doing. Five people would die due to that assault on the Capitol, including a police officer, and two more would commit suicide in the wake of the event. One hundred forty police would be wounded (lost eye, heart attack, cracked ribs, smashed spinal disks, concussions), and the collateral damage would be hard even to tote up.

        I’m not particularly sentimental about anyone-can-grow-up-to-be-president and all that—in 2017, anyone did—but damn! This was democracy under actual, not rhetorical, attack.

      • 'Yemen Is Being Starved': 70+ Democrats Urge Biden to Demand End to Saudi-Led Blockade

        "Every day that we wait for these issues to be resolved in negotiations is another day that pushes more children to the brink of death."

        Nearly 80 House Democrats on Tuesday urged President Joe Biden to exert public pressure on Saudi Arabia to immediately lift its blockade that has been strangling Yemen for years, depriving the nation of food and medicine and exacerbating the world's worst humanitarian crisis.

      • Opinion | No, Biden Is Not Pushing the Saudis Hard Enough to End Yemen Blockade

        The Biden administration has multiple avenues of leverage over Riyadh that can be used to press for an unconditional lifting of the blockade. It must use them.

        Amidst growing reports of the devastation caused by the Saudi blockade of Yemen, a letter from a coalition of over 70 groups* representing tens of millions of people is calling on the Biden administration to do everything in its power to press Riyadh to bring that blockade to an end and open the way to distribution of fuel, food, and medical supplies to all parts of the country.

      • Questions about BBC producer’s ties to UK intelligence follow ‘Mayday’ White Helmets whitewash
      • Stop Using Our Tax Dollars for Human Rights Abuses: Pass the Philippines Human Right Act

        Under Duterte, over 30,000 Filipinos have been killed by their government. The killings began as a so-called “War on Drugs,” targeting poor drug users and drug dealers. Under the nebulous provisions of the Anti-Terror Law, the Armed Forces of the Philippines and the Philippines National Police are now targeting social activists, accusing (red-tagging) them of being Communists and terrorists. Indigenous people, human rights workers, peasant and labor organizers, environmental activists, journalists, health workers, local elected officials, and clergy have been red-tagged, imprisoned, and extrajudicially killed.

        The Duterte government has used COVID-19 lockdown measures to further militarize the country and repress labor and people’s organizations. His police and military have arrested individuals delivering relief and food to those in need, further increasing the number of political prisoners in the country. This militarist approach has worsened the Philippine public health situation while miserably failing to provide a comprehensive health response and adequate economic support to the suffering people amidst the COVID-19 pandemic.

      • Court documents shed new light on coordination between Trump White House and fascist militias in January 6 coup attempt

        The release of superseding indictments within the last two weeks points to coordinated planning between far-right militias and the Trump White House in the January 6 assault on the US Capitol.

        In a new indictment released last Thursday, US prosecutors allege that previously charged Oath Keepers militia members and a leader of the group, Stewart Rhodes, exchanged 19 phone calls over a nearly five-hour period during the January 6 attack. The phone calls indicate that Rhodes, who was on Capitol grounds during the siege, but did not enter, was directing Oath Keepers to breach the Capitol in coordination with still unnamed persons.

      • Indoctrinated in Hate: 'This Is the Start of the New Caliphate'

        Hate-filled indoctrination and training in violence is not limited to the "schools" of ISIS or Boko Haram. Public schools all around the Muslim world share elements of this indoctrination. Most recently, a March 2021 study exposed how the school curriculum of Turkey — for decades one of the Muslim world's most secular nations — is also increasingly full of jihadi propaganda.

        "The Turkish curriculum has been significantly radicalized in recent years. Jihad war is introduced as a central value; martyrdom in battle is glorified.... Concepts such as "Turkish World Domination" ... are emphasized. The curriculum adopts an anti-American stance and displays sympathy toward the motivations of ISIS and Al-Qaeda.... Christians and Jews are characterized as infidels instead of People of the Book.... The curriculum demonizes Zionism and verges on anti-Semitic..." — "The Erdoğan Revolution in the Turkish Curriculum Textbooks," IMPACT-se, March 2021.

      • The Left’s Refusal To Condemn The Nation Of Islam As A Hate Group

        The NOI’s Islamic teachings of innate black superiority over whites — something ironic since Arab Muslims justify the ongoing enslavement of Africans — to say nothing of its fundamentally racist and antisemitic rhetoric of its leaders, including top minister Louis Farrakhan, have earned the NOI a prominent position in the ranks of organized hate by the Southern Poverty Law Center.

        Farrakhan’s statements in favor of violence are numerous. He once said: [...]

      • Five ISIS terrorists arrested from mosque for distributing hate material among people: Officials

        Five terrorists belonging to the banned Islamic State outfit were arrested from a mosque in Pakistan’s Punjab province where they were distributing hate material among people and collecting funds from them, officials said on Tuesday.

        The Counter Terrorism Department (CTD) of Punjab Police said that it received credible information that the members of ‘Daesh’ (the ISIS) were present near Bhatta Chowk in Lahore’s Defence Housing Authority (DHA).

    • Environment

      • 'Ecocide' movement pushes for a new international crime: Environmental destruction

        Now, a small but growing number of world leaders including Pope Francis and French President Emmanuel Macron have begun citing an offense they say poses a similar threat to humanity and remains beyond the reach of international criminal law: ecocide, or widespread destruction of the environment.

      • 'Wall Street Is a Primary Villain' in Climate Crisis, Analysis Shows

        DeSmog's investigation found that at least 65% of directors from 39 global banks had 940 connections to "climate-conflicted" industries.

        "The boardrooms of the world's largest banks are polluted to the core... How are we ever meant to stop the climate crisis if the world's most powerful decision-makers are in bed with the companies behind the wheel!?"

      • Revealed: The Climate-Conflicted Directors Leading the World’s Top Banks - DeSmog
      • Coalition Calls for 'Building a Fairer, Healthier World' Through Climate Action

        "The Covid-19 pandemic has taught us that health must be part and parcel of every government policy—and as recovery plans are drawn up this must apply to climate policy."

        Faced with "a world in disarray," from over 2.87 million global Covid-19 cases and 556,500 deaths to rising atmospheric carbon and inadequate emissions reduction plans, an international coalition on Wednesday urged world leaders to learn from the coronavirus pandemic and "make health a central focus of national climate policies."

      • Opinion | 5 Ways Liberty Mutual is Threatening Communities and Our Climate

        We're ramping up the campaign demanding this insurance giant cut ties with destructive fossil fuel companies.

        Every new dirty energy project needs insurance. With Liberty Mutual’s support, fossil fuel companies are digging new coal mines, building tar sands pipelines, and expanding oil and gas drilling in some of the most sensitive ecosystems in the world, often without the consent of impacted communities.

      • City motorists in UK buy most off-road cars

        Most UK buyers of off-road cars designed for rural use are urban motorists, worsening city congestion and air pollution.

      • The Climate Elephant in the Atmosphere (and in the Room)

        The€ € Sun bathes the Earth with life-giving light and energy. In addition, in the past billions of years, these solar blessings have been giving rise to temperature, winds, storms, oceans, seas, rivers, lakes, drinking water, forests, deserts, animals, plants and flowers.

        We also use weather to understand the phenomena of rain, cold, hot and other changes in the atmosphere (sphere of steam).€  NASA€ defines weather and climate in terms of time:€ “Weather is what conditions of the atmosphere are over a short period of time, and climate is how the atmosphere “behaves” over relatively long periods of time.”

      • The Life and Death of a Pioneering Environmental Justice Lawyer - DeSmog
      • Energy

        • 'The People Have Spoken': Left-Wing, Indigenous-Led Party Vows to Stop Greenland Uranium Mining Project After Historic Win

          "Greenlanders are sending a strong message that for them it's not worth sacrificing the environment to achieve independence and economic development."

          Members of the left-wing and Indigenous-led Inuit Ataqatigiit (AI) party in Greenland celebrated late Tuesday after winning a majority of parliamentary seats in national elections and vowed to use their new power to block controversial rare-earth mining projects in the country.

        • L.A. City Council Unanimously Votes on Resolution Urging Governor Newsom to Shut Down Playa Del Rey Gas Facility

          The Los Angeles City Council voted unanimously in favor of a resolution seeking a firm timeline and leadership from Governor Gavin Newsom to shut down SoCalGas’ facility at Playa Del Rey. Initially put forward by Councilmember Mike Bonin, the resolution centers equity and community voices, calling for a just transition plan. While Gov. Newsom has repeatedly touted the need to move away from fossil fuels, he has yet to commit to a firm timeline to shut down California’s natural gas facilities.

          “Los Angeles has made it clear that gas facilities like Playa del Rey are incompatible with community health and safety,” said€  Food & Water Watch L.A. Organizer Ethan Senser€ after the vote. “The local community is united in wanting to see gas facilities like Playa del Rey and Aliso Canyon closed, and now is the time to roll up our sleeves and start planning for a just transition. The governor needs to listen to his constituents, bring stakeholders together, and follow the community’s leadership in determining real solutions for its future.”

        • Former Employee: Transocean Nearly Caused Oil Rig Catastrophe During Hurricane Zeta

          The post originally was published as part of The Dissenter Newsletter. When Hurricane Zeta hit the Gulf of Mexico in October 2020, the storm nearly resulted in another catastrophe similar to the Deepwater Horizon disaster. A lawsuit [ PDF]—one of several civil lawsuits—was filed by Christopher Pleasant, a former employee of Transocean and Triton Voyager Asset Leasing assigned to the Deepwater Asgard. He claims the corporations delayed disconnecting from a deepwater well until it was unsafe to “unlatch the vessel.” The United States Bureau of Safety and Environmental Enforcement (BSEE) is supposed to regulate offshore drilling but declined to act. They also issued no public statements about the incident that could have had devastating consequences. Jeff Ruch, the Pacific director of Public Employees for Environmental Responsibility (PEER),€  urged€ Interior Secretary Deb Haaland to “order an in-depth inquiry” into the Deepwater Asgard incident. “This incident raises serious questions as to how effective our offshore drilling safety rules are and whether they are adequately enforced,” Ruch suggested. As PEER noted in their press release, the Deepwater Asgard was drilling in the Green Canyon area “on the Gulf of Mexico continental slope.” On October 22, the crew “experienced a significant kick of hydrocarbon fluids up the well due to a failed cement job, similar to Deepwater Horizon’s Macondo well.” The lawsuit was filed under maritime law and the Jones Act, which is supposed to offer crew members like him protection. Hurricane Zeta hit the Gulf of Mexico on October 28. The day before Transocean and Beacon Offshore Energy allegedly instructed the crew to “stay latched and continue operations.” “Plaintiff, along with other crew members on board, strongly disagreed with the decision to stay latched but had no other options but to obey orders,” the lawsuit claims. In the morning on October 28, the captain of the Deepwater Asgard ordered the crew to unlatch the vessel “with no destination in mind.” But the former Transocean employee maintains the current was too fast and it was impossible to control the vessel. “The vessel lost an engine and began taking on water in two of the thrusters. Engineers aboard the vessel had to rig tarps to stop the water from reaching the remaining thrusters so the captain could control the vessel.” Tension rods were allegedly not operating properly because the corporations refused to stop production in May 2020, despite the fact that inspections in 2019 determined replacements were needed. Eleven people were€  killed€ in the Deepwater Horizon disaster. It is estimated over 3 million barrels of oil gushed into the Gulf of Mexico. Recalling this tragedy, Pleasant alleges the corporations failed to inspect, monitor, and repair equipment; failed to maintain a safe work environment; failed to provide an adequate crew; failed to maintain the vessel; and failed to maintain safe mechanisms for work and life on the vessel. He contends Transocean, Triton, and Beacon issued orders that “directly placed the crew of the Deepwater Asgard in extreme danger.” This gross negligence allegedly had such a physical and severe mental impact on Pleasant. He is no longer able to engage in any work offshore. PEER requested that the inspector general’s office for the Interior Department investigate. A complaint [ PDF] the group submitted to the IG states, “There was significant damage to ship and drilling components, and extreme risk to the crew and to the [Gulf of Mexico] marine ecosystem from a potential wellhead blowout.” The agency responsible for so-called offshore drilling safety “has not been transparent with the American public about this incident.”

        • Greenpeace Says Biden Tax Plan for Fossil Fuel Subsidies 'Simply Not Good Enough'

          "Not a dime of our tax dollars should go towards corporations that poison our communities and wreck our climate."

          Greenpeace USA responded critically on Wednesday after the U.S. Department of the Treasury released a new report offering more details about President Joe Biden's Made in America tax plan—part of the $2 trillion jobs and infrastructure proposal that the president unveiled last week.

      • Wildlife/Nature

        • Species Snapshot: The Asian Small-Clawed Otter — A Victim of the Pet Trade
        • A Welcome Change! Forest Service Halts Trump Plan to Burn Down the Targhee National Forest

          The Targhee Prescribed Fire project was stuffed through in the closing days of the Trump administration and would undoubtedly have been ruled illegal since the agency attempted to use a Categorical Exclusion to avoid environmental analysis on the project, which would have burned a million acres of the Targhee portion of the Caribou-Targhee National Forest. It is indicative of the total disregard for the law that Trump and his political appointees would even propose a project that included recommended wilderness, the Palisades Wilderness Study Area, and Inventoried Roadless Areas on the western side of Yellowstone National Park.

          To put it in perspective, one million acres is 1,562.5 square miles,€  nearly the size of the entire Bob Marshall Wilderness Complex€ – which is the fifth largest in the Lower 48 states. That’s a million acres of carbon-absorbing forests with functioning ecosystems that are home to grizzly bears, lynx, and wolverines and which the Trump administration wanted to destroy.

    • Finance

      • Beyond Bridges and Roads, Bowman Makes Case for 'Care Infrastructure'

        "What we need to understand better as a nation is that our infrastructure does not just look like steel, concrete, and transport—it is also the nurturing, patience, and diligence of care workers."

        In response to the GOP's misleading accusations that only a small portion of President Joe Biden's overwhelmingly popular American Jobs Plan is devoted to "real infrastructure," Rep. Jamaal Bowman€  argued€ Tuesday that the United States would benefit from adopting a more expansive understanding of infrastructure—one that includes not only building roads but also expanding public goods and investing in care workers who sustain the country.

      • Progressive Democrats Face Resistance on Infrastructure

        In perhaps his most ambitious move since taking office, President Joe Biden just unveiled the centerpiece of his economic agenda, a multitrillion-dollar public investment plan for improving the nation’s neglected physical infrastructure and confronting the climate crisis. The first half of the proposal, called the American Jobs Plan, includes billions for traditional infrastructure like roads, bridges, and energy grids, as well as funds to create new infrastructure for electric vehicles and incentivize wind and solar projects.

        A second element of the package, which was omitted from the jobs plan and won’t be introduced until next month, will deal with “care infrastructure,” and is expected to include measures to expand child care, provide paid family leave, and extend the child allowance, among other proposals. Overall, it’s the most ambitious public spending plan the country has seen in decades, and the green stimulus spending itself is five times the amount the Obama administration passed in 2009. The American Jobs Plan is so expansive—from the Protecting the Right to Organize Act to significant investments in home care for the elderly—that it can be difficult to capture its whole scope. At the same time, progressives and activists say the package, which its advocates regard as the best way to pass aggressive climate policy, is not nearly enough.

      • Moth-Eaten Eviction Moratorium Leaves Hundreds of Thousands Without a Roof

        “Raise your hand if you can’t pay rent,” she yelled sharply and resolutely into a microphone. A Spanish translation echoed her words as hands shot up across the crowd. “Now make that into a fist. Because we gotta fight! It’s only when we fight that we can win!” Cheers and hollers muffled by face masks reverberated off the brick facades. Cars honked as they drove by, throwing solidarity fists at the “Cancel Rent” posters lined up along the sidewalk. A woman with a “Food not Rent” banner waved back with encouragement.

      • Nearly Two-Thirds of US Voters Back Corporate Tax Hike to Fund Biden Infrastructure Plan

        Support for the American Jobs Plan's proposed 7% corporate tax increase ranged from 42% among Republicans to 85% of Democrats.€ 

        Roundly rejecting Republican and conservative Democratic lawmakers who oppose President Joe Biden's proposed corporate tax increase to fund the American Jobs Plan, a poll published Wednesday revealed nearly two-thirds of U.S. voters favor higher taxes on businesses to pay for the administration's $2.25 trillion infrastructure and employment legislative proposal.

      • A Manchester Boldly United for a More Equal Metropolis

        All the early indicators are pointing to reversion — and worse. Our richest haven’t just survived the last year. They’ve absolutely thrived. Over the course of the pandemic’s first year, a new Institute for Policy Studies analysis details, the combined wealth of the world’s 2,365 billionaires has soared by an astounding $4 trillion, a 54 percent increase. This explosion of wealth at our global economic summit has come at the same time as the world’s economy was shrinking by 3.5 percent and leaving countless millions in misery.

        The pessimists among us, in short, have plenty of reasons to fear for our collective future.

      • The March Jobs Report and the State of the Recovery [Ed: This is distracting from a distressing "big picture", wherein only about half the working age population can participate in labour]

        Most obviously, the economy created 914,000 jobs in March. In addition, the January and February numbers were revised up by a total of 156,000. There was a decline of 0.1 percentage point in the overall unemployment rate, with the employment to population ratio rising by the same amount. The improvements were pretty much across the board. The unemployment rate for Blacks fell by 0.3 percentage points, the unemployment rate for Hispanics dropped by 0.6 percentage points, and the unemployment rate for workers with just a high school degree fell by 0.5 percentage points.

        But to say things are moving in the right direction does not mean that they are good. We are still down 8.4 million jobs from last February, and if we add in the jobs that should have been created over this period, we are missing more than 10 million jobs. Six percent unemployment means 9.7 million people are looking for work and can’t find it. In addition, another 4.7 million have dropped out of the labor force, either because they have given up hope of finding a job or because family responsibilities in the pandemic are keeping them from working.

    • AstroTurf/Lobbying/Politics

      • Opinion | On Baseball As A Communist Plot: 794 Idiotic GOP Strikes And They're Out
      • A Common Love Lost

        Chicago—Loss is the story of the pandemic. For me, over the past year, that has meant losing a relative to Covid, losing a job, an apartment, health insurance, and a romantic relationship. But there was another loss, a common love lost on the American left, that we haven’t fully grieved. I am reminded of that now because April 8 marks the anniversary of the end of Bernie Sanders’s 2020 campaign.

        Around the time that the first Covid case appeared in Seattle, some friends and I packed a car and drove four hours to Muscatine, Iowa, to campaign for Bernie in the Democratic caucuses. It was January. At a makeshift field office—a detached garage warmed by space heaters—three women volunteers arranged piles of yard signs, canvassing scripts, and clipboards on a plastic folding table. As her mom trained us, a toddler waddled across the cement floor in a blue Bernie onesie and stretched her arms out to us, total strangers. Hours later when, exhausted and frozen, we returned from door-knocking, it was dark. The women were still there, the mom and her baby, too.

      • The Game Has Changed
        If both Theresa May and Boris Johnson had not refused formal requests for a S30 agreement for an Independence referendum, Scotland would already be independent. Alex Salmond was absolutely right yesterday to insist that other paths of democratic legitimacy are open to Scotland, as a referendum is being unreasonably refused. The start of such alternative pathways is this very election and the chance to vote for Alba and demonstrate commitment to this view.

        Indeed, the tactical stupidity of the SNP, in accepting in terms that Westminster has a veto, cannot be overstated. To accept a Westminster veto is logically incompatible with the claim to be a people with the right of self-determination under the UN charter. It thus undermines the argument we need to make to the international community to be recognised as a state. The notion that the Tories will give way and grant an S30, for a referendum they know they will lose, is entirely fanciful. I find it remarkable that some people purport to believe that London will relinquish Scotland’s resources without a tremendous struggle and in the spirit of fair play.

        Here is Alex Salmond’s speech yesterday, on the anniversary of the Declaration of Arbroath, setting out alternative routes to Independence. You will see no fair reflection of this in mainstream media, so I am unapologetic about hosting it on my blog. Alex starts talking about seven minutes in.
      • Yes, Virginia Gubernatorial Candidate Justin Fairfax Just Compared Himself to Emmett Till

        The first televised debate among the five Virginia Democrats running to be the party’s gubernatorial nominee should have been more exciting. It featured a Democratic Socialist (Delegate Lee Carter), a popular, well-funded, fairly centrist former governor (Terry McAuliffe), two Black women (liberal state Senator Jennifer McClellan and progressive Delegate Jennifer Carroll Foy), and finally, the state’s Black Lieutenant Governor, Justin Fairfax, who might have been the front-runner but for two allegations of sexual assault that came out two years ago.

        Polling is scarce, but McAuliffe is leading in every survey anyone knows about. His rivals needed to put him back on his heels—and mostly, they did not. Carroll Foy, the progressive favorite (despite Carter’s DSA credentials), did a lot with stories of her rough childhood, helping her grandmother decide “between paying our mortgage, and medication keeping her alive.” The contrast with the wealthy former governor went unspoken but came out clearly. McClellan, with almost two decades in the legislature, touted her many years of experience and called herself “Harry Byrd’s worst nightmare,” a reference to the racist Democratic boss who ran Virginia politics for decades. McAuliffe bragged about having the most Black support in his race against three Black candidates. Carter talked about his gigs as a Lyft driver, to make the case that he’s the only candidate who knows how tough this Covid economy is.



      • Take It From Boehner, Republicans are Proving They Can't Govern

        From the state house to Congress, the GOP is in a tailspin of horrific disarray, supporting and passing laws to curtail voting rights, discriminate against virtually everyone who doesn’t fit their image of “us” and promoting unfounded hatred and violence against “them.” In the meantime, what’s left of their shattered post-Trump ideology seems incapable of grasping just how deep they are in the whirlpool of rampant hypocrisy.

        Not a single Republican member of Congress voted for the massive COVID relief bill – not one. Why they wouldn’t want to help their own constituents in one of the most difficult periods in the history of the nation remains unknown, although they did blather something about liberal giveaways.

      • ‘We deeply doubt it will help’ Kremlin warns that Ukraine joining NATO would exacerbate Donbas conflict

        Following Ukraine reiterating its desire to take the next step toward joining NATO this week, the Kremlin has warned that this would only exacerbate the conflict in Donbas. Nevertheless, on Wednesday, April 7, Lithuania announced that it will call on its NATO allies to support a Membership Action Plan for Ukraine. This comes amid a growing escalation of the conflict in Donbas, and rising concerns as Russia amasses troops near Ukraine’s border. Though Ukraine doesn’t meet NATO’s membership standards as of yet, the United States has expressed its support for Kyiv’s ongoing efforts to carry out the necessary reforms.

      • Intimidation tactics Open data analysis points to highest concentration of Russian troops near Ukraine’s borders since 2015

        The build-up of Russian troops near the border with Ukraine is the largest concentration seen since 2015, according to a report from the Conflict Intelligence Team (CIT) published by The Insider. Using open source data, CIT’s analysts tracked the movements of Russian troops and determined that they’re headed towards the Crimean Peninsula and the vicinity of Voronezh. According to CIT, these transfers are indicative of strategic military exercises, not local ones. However,€ the analysts also underscored that these aren’t signs that a Russian invasion of Ukraine is imminent.

      • Biden to Ukraine: "Unwavering Support for Euro-Atlantic Aspirations"

        Meanwhile, Secretary of Defense Lloyd Austin called his counterpart in Kyiv. According to the Pentagon readout, “Secretary Austin reaffirmed unwavering US support for Ukraine’s sovereignty, territorial integrity, and Euro-Atlantic aspirations.”

        (See for reference Victoria Nuland’s description of the U.S.’ $ 5 billion investment in regime change in Ukraine as of 2014 as one in its “European aspirations.” The talking point term remains “aspirations.” But no reference to Pentagon aspirations to throttle Russia.)

      • China’s rulers want more control of big tech

        A second set of questions concerns the government’s designs for the firms’ most valuable resource—data. Its objective is to pool data and impose more state ownership and control, which could eventually amount to a kind of nationalisation. The digital firms have built some of the world’s largest and most advanced databases, which assess everything from users’ loan repayments to their friend networks, travel histories and spending habits. Ant alone is said to hold data on more than a billion people, on a par with Facebook and Google, and because of the breadth of services that many Chinese “super-apps” encompass they have a richer picture of users.

        Credit-scoring is the front line of the battle with the government over who controls data. Over the years the People’s Bank of China (PBOC) has made feeble attempts to create a centralised scoring system. Now the central bank appears to have decided to grab more control over those of the tech firms. It has approved two personal-credit companies, most recently in December, in which the technology groups and state-controlled entities hold stakes. The state has so far refrained from explicitly commanding the companies to share data. In China personal data belong to the individual, not companies, so laws would need to change in order for such data to be shared with the government. But that is hardly an insurmountable obstacle for an authoritarian regime.

      • The world is kicking its coal habit. China is still hooked

        China’s affinity for coal, the biggest source of greenhouse gases, may be surprising given the country’s recent pledge to cut emissions to net-zero by 2060. There are, however, other mitigating factors. Local government officials, whose performance is often measured against targets for economic growth, have long used infrastructure projects—especially coal plants—to inflate their GDP figures. In 2020, when China was one of the few countries in the world to register any growth, three-quarters of the coal-fired capacity approved for construction was sponsored by local governments and firms. Regulators did not get in their way. China’s National Energy Administration gave several provinces the nod to approve new coal power plants.

      • US lawmakers suggest letting Taiwan fill void left by Confucius Institutes

        As more Confucius Institutes are shuttered at university campuses across the U.S. due to concerns over Chinese influence, scholars and politicians are advocating getting Taiwan to fill the Mandarin-teaching vacuum. American Institute in Taiwan Director Brent Christensen has said the shift would allow Taiwanese Mandarin instructors to share democratic narratives with American students.

        In a letter addressed to U.S. Education Secretary Miguel Cardona in March, 21 members of Congress suggested having Taiwanese teach Mandarin lessons at universities as a "censorship-free alternative" to Chinese cultural centers. Led by Senator Marsha Blackburn and Representative Michelle Steel, the signatories urged Washington to expand the U.S.-Taiwan Education Initiative and develop more educational programs with Taiwan to meet the demand for Mandarin studies in the U.S.

      • Upcoming RCV Votes for April

        Howie has been involved in organizing for RCV since the election and has been working a lot with the organization Rank the Vote.

    • Misinformation/Disinformation

      • Covid-19: The disinformation tactics used by China

        In response, Beijing has tried to take greater control of what is said about its role in the pandemic - sometimes with questionable tactics.

      • India’s Strict Rules For Online Intermediaries Undermine Freedom of Expression

        The 2021 Rules, ostensibly created to combat misinformation and illegal content, substantially revise India’s intermediary liability scheme. They were notified as rules under the Information Technology Act 2000, replacing the 2011 Intermediary Rules .

        The 2021 Rules create two new subsets of intermediaries: “social media intermediaries” and “significant social media intermediaries,” the latter of which are subject to more onerous regulations. The due diligence requirements for these companies include having proactive speech monitoring, compliance personnel who reside in India, and the ability to trace and identify the originator of a post or message.

        “Social media intermediaries” are defined broadly, as entities which primarily or solely “enable online interaction between two or more users and allow them to create, upload, share, disseminate, modify or access information using its services.” Obvious examples include Facebook, Twitter, and YouTube, but the definition could also include search engines and cloud service providers, which are not social media in a strict sense.

    • Censorship/Free Speech

      • North Carolina State Senators Read Section 230 Completely Backwards, Introduces Laughably Confused Bill In Response

        What is it with state legislators not having anyone around them who can explain to them how Section 230 works, leading them to push incredibly stupid state bills? We've written about both Republicans and Democrats pushing bills to modify Section 230, ignoring how 230 likely pre-empts those attempts (if the 1st Amendment doesn't already).

      • Free Dr. Seuss!

        Shut out of the White House and reduced to a minority party in Congress, Republicans think they have found a path back to power in the unlikely form of The Cat in the Hat. On March 2, Dr. Seuss Enterprises announced it was taking six books written and drawn by the late Theodore Seuss Geisel off the market because “these books portray people in ways that are hurtful and wrong.”

        Republicans were quick to jump on the story. “Now 6 Dr. Seuss books are cancelled too?” Florida Senator Marco Rubio tweeted. “When history looks back at this time it will be held up as an example of a depraved sociopolitical purge driven by hysteria and lunacy,” he proclaimed. A slew of other Republicans rose to defend the allegedly threatened author. With typical smarminess, Texas Senator Ted Cruz tweeted a photo showing Dr. Seuss dominating the Amazon best-seller list. Cruz commented, “Who knew Joe Biden was such a great book seller”—the big lie being that Biden was in any way responsible for the decision of Dr. Seuss Enterprises. On March 24, Republican Congressman John Joyce of Pennsylvania introduced the Grinch Act to, in his words, “safeguard kids’ access to historic stories and characters.”

      • Content Moderation Case Study: NASA Footage Taken Down By YouTube Moderation (2012)

        Summary: NASA's historic landing of a mobile rover on the surface of Mars created many newsworthy moments. Unfortunately, it also generated some embarrassing takedowns of NASA's own footage by YouTube's copyright flagging system, ContentID.

      • Organizations Call on President Biden to Rescind President Trump’s Executive Order that Punished Online Social Media for Fact-Checking

        The organizations, Rock The Vote, Voto Latino, Common Cause, Free Press, Decoding Democracy, and the Center for Democracy & Technology, pressed Biden to remove his predecessor’s “Executive Order on Preventing Online Censorship” because “it is a drastic assault on free speech designed to punish online platforms that fact-checked President Trump.”

        The organizations filed lawsuits to strike down the Executive Order last year, with Rock The Vote, Voto Latino, Common Cause, Free Press, and Decoding Democracy’s challenge currently on appeal in the U.S. Court of Appeals for the Ninth Circuit. The Center for Democracy & Technology’s appeal is currently pending in the U.S. Court of Appeal for the D.C. Circuit. (Cooley LLP, Protect Democracy, and EFF represent the plaintiffs in Rock The Vote v. Trump.)

        As the letter explains, Trump issued the unconstitutional Executive Order in retaliation for Twitter fact-checking May 2020 tweets spreading false information about mail-in voting. The Executive Order issued two days later sought to undermine a key law protecting internet users’ speech, 47 U.S.C. €§ 230 (“Section 230”) and punish online platforms, including by directing federal agencies to review and potentially stop advertising on social media and kickstarting a federal rulemaking to re-interpret Section 230. From the letter:

      • Twitch Outlines Policy to Address Severe Misconduct That Happens Off-Service

        For actions that occur entirely off the platform, the company will now enforce "against serious offenses that pose a substantial safety risk to the Twitch community."

      • Twitch will ban people for harassment, even when it doesn’t happen on the site

        Twitch is bringing on a third-party law firm to assist with off-platform investigations. “These investigations are vastly more complex and can take significant time and resources to resolve,” the company wrote in a blog post. “For behaviors that take place off Twitch, we must rely more heavily on law enforcement and other services to share relevant evidence before we can move forward.” A spokesperson for the company declined to give the name of the law firm.

      • Twitch will now start banning users for what they do offline

        The updated policy will mean that those using the livestreaming platform could find themselves in trouble for harassing people face-to-face or on a social media platform such as Twitter or Facebook. The misconduct policies that the company introduced earlier this year will remain in place, but with its new expanded policies, Twitch might just going to a place no social media company has gone before.

    • Freedom of Information/Freedom of the Press

    • Civil Rights/Policing

      • Fourth Circuit Appeals Court Takes Aim At Police Officers' 'Training And Expertise' Assertions

        It doesn't happen often, but it's always good to see a federal court push back against claims of "training and expertise." This phrase is often used to excuse rights violations and horrendous judgment calls -- somehow asserting that the more cops know, the less they should be held directly responsible for their acts.

      • Opinion | Will the United States Ever Become a Strong Nation for the Common Good?

        Even more transformative than the particular components is Biden's back-to-the-future method of paying for the Rebuild America agenda: returning to highly progressive taxation.

        It's time for America to go back to the future — a future of true greatness created by a people united to build a strong nation for the Common Good.

      • Equality
      • How eliminating private prosecution will help domestic violence victims in Russia

        Russia’s Supreme Court has submitted a draft law to the State Duma on eliminating so-called “private prosecution,” wherein criminal proceedings are launched by victims, who are then expected to gather evidence and lay charges in the case themselves (as opposed to law enforcement agencies doing it for them). Currently, Russia has three felony statutes that allow private prosecution, two of which often apply to domestic violence incidents. To find out more about how this amendment will affect the prosecution of domestic violence cases and whether it will help protect victims, Meduza spoke to the lawyer Maria Davtyan, the co-author of a bill on preventing domestic violence.

      • Moscow court lifts house arrest for some of Navalny’s associates

        The Moscow City Court has granted the appeals of four defendants in the so-called sanitary case, releasing them from house arrest and placing them under alternative preventive measures, the court’s press service told Meduza on Wednesday, April 7.

      • Prison doctors diagnose Alexey Navalny with two herniated discs

        Doctors at Pokrov’s Penal Colony No.2 told Alexey Navalny that his MRI results revealed two herniated discs, the opposition politician’s lawyer, Olga Mikhailova, told TV Rain on Wednesday, April 7.

      • Navalny’s lawyer denies reports that the he was moved from Pokrov prison

        A local news outlet in the Vladimir region has reported that jailed opposition politician Alexey Navalny has been transferred out of Pokrov’s Penal Colony No. 2. This report has yet to be officially confirmed.€ 

      • Biden Pushed to Permanently Scrap 'Trump's Xenophobic and Racist Wall'

        "The wall doesn't even begin to address any of the injustices plaguing the borderlands. It's nothing but a political prop for the GOP. Biden must stop it for good."

        Although President Joe Biden vowed on the campaign trail to stop the construction of the southern border wall promoted by his predecessor, the White House as of this week has not yet asked Congress to revoke the project's funding, and a Cabinet member reportedly admitted that the administration may still authorize additional work to fortify some unfinished sections of the barrier, including installing surveillance technologies in certain areas.

      • Opinion | Please Stop Calling Humans Seeking Safety a 'Border Crisis'

        People escaping violence have a right to seek safety. If they can’t, that’s the real crisis.

        Over the last several weeks, Customs and Border Protection (CBP) has reported a rise in the number of migrant children seeking refuge in the United States.

      • Can Biden Fix the Courts That Trump Broke?

        When President Joe Biden finally took the oath of office on January 20, he inherited not merely the White House, the nuclear codes, and the reins to the most powerful government on earth, but also a mess. 1

        The fact of that mess wasn’t altogether unusual. It’s become something of a trend in recent decades for Republicans, who don’t think government can work, to spend their years in power breaking it in order to fulfill their own prophecy; it then falls to Democrats to spend their years in power fixing what Republicans destroyed. 2

      • Living in a Country Haunted by Death

        In his sermon, Dr. King openly wrestled with a thorny problem: how to advance nonviolent struggle among a generation of Black youth whose government had delivered little but pain and empty promises. He told the parishioners of Riverside Church that his years of work, both in the South and the North, had opened his eyes to why, as a practitioner of nonviolence, he had to speak out against violence everywhere — not just in the U.S. — if he expected people to take him at his word. As he explained that day:

        A Global Pandemic Cries Out for Global Cooperation

      • “This Agreement Protects Jobs”: Four Unions at Rutgers University Reach Historic Deal to End Layoffs

        After a year of layoffs, cuts and austerity, the faculty and staff of four unions at Rutgers University have voted in support of an unusual and pioneering agreement to protect jobs and guarantee raises after the school declared a fiscal emergency as a result of the pandemic. A key part of the deal is an agreement by the professors to do “work share” and take a slight cut in hours for a few months in order to save the jobs of other lower-paid workers. “The historic nature of this agreement is that it encompasses all four unions,” says Christine O’Connell, president of the union representing Rutgers administrators. “This agreement protects jobs.” We also speak with Todd Wolfson, president of the Rutgers Union of graduate workers, faculty and postdocs, who says the unions’ core demand was stopping further layoffs. “That core demand was met, and there’s no layoffs through the calendar year and into next year.”

      • Retired Black NYPD Detective: Derek Chauvin Trial Highlights “Race-Based” Police Brutality Problem

        This week at the trial of former Minneapolis police officer Derek Chauvin, numerous members of the Minneapolis Police Department have taken the stand and testified that Chauvin violated policy by kneeling on Floyd’s neck for nine-and-a-half minutes, and the emergency room doctor who tried to save Floyd’s life said his chances of living would have been higher if CPR had been administered sooner. The trial is putting a spotlight on “the disproportionate killing of Black people by police” in the United States, says Marq Claxton, a retired New York Police Department detective who is now director of the Black Law Enforcement Alliance. He argues that until police officers are arrested, charged and convicted for such killings, “these tragedies will continue to occur.”

      • The UK’s Official Report on Racism is a Travesty

        The setting-up of the Commission on Race and Ethnic Disparities (CRED, a sardonic appellation worthy of George Orwell’s 1984) by Boris “BoJo” Johnson was a version of an age-old strategy, namely, appoint a commission of trusties who can then be guaranteed to deliver a whitewash (even though the 10-person commission had only 1 white member).

        The 258-page report, commissioned last year and published last Wednesday, came to conclusions that beggared belief and prompted widespread public derision. A sample of CRED’s conclusions:

      • The EU Online Terrorism Regulation: a Bad Deal

        Ideas such as this one have been around for some time already. In 2016, we first wrote about the European Commission’s attempt to create a voluntary agreement for companies to remove certain content (including terrorist expression) within 24 hours, and Germany’s Network Enforcement Act (NetzDG) requires the same. NetzDG has spawned dozens of copycats throughout the world, including in countries like Turkey with far fewer protections for speech, and human rights more generally.

        Beyond the one hour removal requirement, the TERREG also contained a broad definition of what constitutes terrorist content as “material that incites or advocates committing terrorist offences, promotes the activities of a terrorist group or provides instructions and techniques for committing terrorist offences”.€ € 

        Furthermore, it introduced a duty of care for all platforms to avoid being misused for the dissemination of terrorist content. This includes the requirement of taking proactive measures to prevent the dissemination of such content. These rules were accompanied by a framework of cooperation and enforcement.€ 

      • 4th Circuit panel rejects rights to travel and to due process

        In one of the worst court decisions on the right to travel since Gilmore v. Gonzales,€  a three-judge panel of the 4th Circuit Court of Appeals has reversed the decision of a U.S. District Court that€  the U.S. government’s system of extrajudicial administrative blacklists (euphemistically and inaccurate called “watchlists” although the consequences for the people who are listed include much more then merely being “watched”) is unconstitutional.

        The decision comes in a class-action lawsuit brought on behalf of blacklisted Muslim€  American travelers in 2018 by the Council on American Islamic Relations (CAIR). It folows a disturbing trend of decisions in similar cases by courts in the 6th Circuit and the 10th Circuit.

        According to Gadeir Abbas, the CAIR attorney who has led the national campaign of lawsuits (many others of which are still pending) against post-9/11 blacklists, CAIR plans to petition for “rehearing en banc” by the 4th Circuit Court of Appeals:

      • Amazon Union Election Attracted 3,215 Voters, Union Says

        If the winning margin in the count exceeds the challenged ballots, a victor will be declared. If not, the National Labor Relations Board will hold a hearing to determine the validity of challenged ballots and add those deemed acceptable to the final tally. Both sides also have an opportunity to contest the election before the NLRB certifies it as final.

    • Internet Policy/Net Neutrality

      • The Trump DOJ/FCC 'Fix' For The Crappy T-Mobile Merger Isn't Looking So Hot

        Economists repeatedly warned that the biggest downside of the $26 billion Sprint T-Mobile merger was the fact that the deal would dramatically reduce overall competition in the U.S. wireless industry. Data from around the globe clearly shows that the elimination of one of just four major competitors sooner or later results in layoffs and higher prices due to less competition. It's not debatable. Given U.S. consumers already pay some of the highest prices for mobile data in the developed world, most objective experts recommended that the deal be blocked.

      • Driven Mad By Its Hatred For Big US Internet Companies, French Government Implements EU Digital Services Act Before It Even Exists

        The future Digital Services Act (DSA), dealing with intermediary liability in the EU, is likely to be one of the region's most important new laws for the online world. At the moment, the DSA exists only as a proposal from the European Commission. In due course, the European Parliament and the EU's Member States will come up with their own texts, and the three versions will ultimately be reconciled to produce legislation that will apply across the whole of the EU. As Techdirt reported last month, the Commission's ideas are something of a mess, and the hope has to be that the text will improve as the various arms of the EU start to work on it over the coming months.

    • Monopolies

      • U.S. Fires Back at Facebook’s Move to Kill Monopoly Lawsuit

        The suit initiated last year under the Trump administration makes a valid claim that Facebook holds monopoly power over personal social networking in the U.S. and maintains it by “acquiring competitive threats and deterring or hindering the emergence of rivals,” the FTC said in a filing late Wednesday in Washington federal court.

        The FTC’s request is the latest exchange at the start of a high-stakes battle over Facebook’s future -- its attempt to hold onto Instagram and WhatsApp and to defeat the government’s attempt to force a breakup. The filing is a response to Facebook’s argument last month that the FTC is attempting a “do-over” by trying to unwind acquisitions that won regulatory approval years ago.

      • Amazon is snapping up disused shopping malls and turning them into fulfillment centers

        Malls that buckled due to e-commerce or suffered during the pandemic are being given new life by the very entity that precipitated their decline — Amazon.

        Over the last several months, the retail giant has gone on a shopping spree of its own, buying up disused malls across the country and turning them into distribution centers.

      • Colorado Denied Its Citizens the Right-to-Repair After Riveting Testimony

        A right-to-repair bill died in the Colorado state legislature on March 25, 2021. After almost three hours of testimony from business leaders, disabled advocates, and a 9-year-old activist, legislators said there were too many unanswered questions and that the proposed law was too broad.

        Half the country is now considering right-to-repair laws. As electronics have become a more important part of people’s lives, tech companies have attempted to tighten the control over how we use their devices.

      • FOSS Patents: Epic Games and Apple file proposed findings of fact and conclusions of law: 688 pages in total

        We're only three weeks and a half away from the kickoff of the Epic Games v. Apple App Store antitrust trial in Oakland (Northern District of California). The parties just filed their proposed findings of fact and conclusions of law around midnight Pacific Time. Knowing that many of my readers in many different time zones may be interested in taking a look at these documents, I'm making them available now. It will, of course, take me some time to digest and comment on them, and I can't even predict how many blog posts (whether just one follow-up post or a whole bunch) will be needed as it depends on how interesting the information I discover in those "books" turns out to be.

      • FOSS Patents: In its latest court filing, Apple gives the term "commission" a new meaning unsupported by dictionary definitions and commercial reality

        Sooner than I would have thought when I publshed the latest Epic Games v. Apple filings (688 pages in total), I already feel an irresistible urge to comment on something because it is just intellectually dishonest.

        There's nothing wrong per se with Apple comparing the iOS app distribution situation to the old days of software publishing: I, too, remember the "shrink-wrapped software" business. You can find some game credits from the mid to late 1990s that list me in sales & marketing and localization functions (Warcraft II: Tides of Darkness, Starcraft, Diablo). In 1996, I served on the board of the Software Publishers Association (SPA) Europe, and even though the World Wide Web existed at the time, we were all still selling software in boxes. Apple accurately notes that consumers "had to drive to the store, find it on the shelf, buy it in the shrink-wrapped box, and load it up onto their device." It's also plausible that, according to Apple pointing to his testimony, Epic CEO Tim Sweeney "found it difficult to sell games through traditional retail channels in the early 1990s." At the same time, I also dealt with publishers, distributors, and retailers. I had to negotiate discounts, cooperative advertising allowances, or grant early-payment discounts when payments would actually arrive only months later, making mockery of the term. It wasn't a land of milk and honey for sure (though at least you had multiple retailers and not just one per platform)--and Apple has every right to point that fact out.

        But there's everything wrong with Apple's reality distortion field. Let's have this debate. Let's talk honestly about how software distribution changed over the course of time. But if we want to have an honest conversation, then we must face the facts, including those facts that don't support Apple's App Store feudalism.

      • FOSS Patents: Full text of the injunction Epic Games is seeking against Apple's App Store terms and policies

        Earlier today I published the findings of fact and conclusions of law that Epic Games and Apple propose. Also, I had just read a few dozen pages when I already found something so outrageously misleading in Apple's filing that I just had to comment on it.

        By now I've read both documents cursorily (to my own surprise, not feeling dizzy yet), and I've shared a number of observations and tidbits on Twitter. All in all, I'm favorably impressed--and not just because I am myself at loggerheads with Apple over its App Store terms and policies--by how compelling Epic's case is. I'd like to draw a comparison to the FTC's case against Qualcomm in 2019. The FTC's strength was all that testimony from smartphone and chipset makers--but the FTC's lawyers hardly elicited any major concessions from Qualcomm's current and former employees, all of whom stayed very much on message and denied everything but the absolutely undeniable. Relatively speaking, the most useful statements by Qualcomm executives that the FTC found were in a transcript of an IRS interview with Qualcomm. Epic's lawyers, however, have managed to get Apple players to confirm key facts. Also, from what I can see so far, Epic is in far better shape than the FTC was with respect to economic expert testimony.

        It's a euphemism to label Apple's security and privacy arguments as "pretextual."

      • Partners reveal how they hone junior litigator talent
      • Patents

        • Valuation and Licensing of Standard Essential Patents in a British Context [Ed: A worrying parade of patent trolls (or trolling proxies) across Europe and the UK in particular. We know who profits from this mess -- firms like this author's]

          In the aftermath of the landmark decision ‘Unwired Planet vs Huawei’, a series of other FRAND litigations have followed suit. Cases such as Conversant vs ZTE/Huawei, Philips vs TCL, TQ Delta v ZyXel or Optis v Apple pertain equally to the licensing of standard essential patents.

          From an economic perspective this raises the question as to how the British Courts may want to continue addressing the valuation of standard essential patents. To shed further light on this question, this article offers a short overview of key valuation and principles. These reflect the state of play of English law and also found their application in the Unwired Planet vs Huawei Court.

          In Unwired Planet vs Huawei two principal methods were applied to determine the FRAND royalty rate. The Top Down Approach and the Comparable licenses approach served as the toolkits to come to grips with the FRAND value of standard essential patents. The Top Down Approach seeks to determine the aggregate royalty rate for patents that read on a given standard. As such, the method lends itself well to understand the value of given standard essential patents (SEPs) in relation to the entire standard. The advantage of the method is that it helps mitigate the peril of royalty stacking. Royalty stacking describes the risks associated with a potential cumulative royalty rate a licensee may have to bear if it were to pay respective licensing rates also to all other holders of patents that read on a given standard. In Unwired Planet vs Huawei the Court recognized that even the hypothetical risk of a royalty stack can jeopardize the FRAND-ness of a licensing rate.

        • Allen & Overy hires Life Science Litigator from Hogan Lovells [Ed: Site funded by litigation giants posts marketing plug/spam for litigation giants, hardly even pretends to be a news site anymore]
        • An IP guide to winning investors for biotech start-ups [Ed: Site funded by litigation giants perpetuating an old lie/myth, show below]

          To get investors, they need patents. To get patents, they need money.

        • Broad Files Motion Opposing CVC Motion for Misjoinder of Inventorship under 35 U.S.C. €§ 102(f) [Ed: Why does the ambition of patenting life itself even getting the time of day? Clear abuse of patent law.]

          Last December, Junior Party University of California/Berkeley, the University of Vienna, and Emmanuelle Charpentier (hereinafter, "CVC") filed its Substantive Motion No. 3 under 37 C.F.R. ۤ 41.121(a)(1) asking for judgment of unpatentability for all claims in interference under 35 U.S.C. ۤ 102(f) or (if post-AIA) 35 U.S.C. ۤ 115(a) for "failure to name all inventors of the alleged invention" against Senior Party The Broad Institute, Massachusetts Institute of Technology, and Harvard University (hereinafter, "Broad") in Interference No. 106,115. In support of its motion, CVC argued that Broad deliberately misidentified the inventors on its involved patents and applications in the interference. These allegations were based on differences between the named inventors in the patents- and applications-in-interference and the inventors named in a declaration by the Broad's patent attorney during a European opposition (EP 277146); it may be recalled that such irregularities involving a Rockefeller University inventor (Dr. Luciano Marraffini) not named in the European application were the basis for that patent to be invalidated (see "The CRISPR Chronicles -- Broad Institute Wins One and Loses One"). Proper inventorship is important in the interference, inter alia, because the Board needs to know whose testimony can corroborate and whose needs to be corroborated under interference practice, where the uncorroborated testimony of an inventor is given no weight; see, Kolcraft Enters. v. Graco Children's Prods., Nos. 2018-1259, 2018-1260, 2019 U.S. App. LEXIS 19751 (Fed. Cir. July 2, 2019).

          [...]

          Another deficiency Broad alleges in CVC's motion is that CVC did not perform any ("zero") inventorship analysis; Broad argues that "the appropriate legal test for inventorship barely makes a cameo appearance in CVC's motion—if you blink you'd miss it" before setting forth its objections to CVC's inventorship arguments with particularity. These include not construing the claims and not providing factual support for why certain individuals were not named as inventors in a "claim-by-claim, element-by-element comparison." Rather, CVC improperly relied on Mr. Kowalski's declaration in the European Opposition which was not directed at the issues CVC used it to support, according to the brief. Broad uses Mr. Bailey's complaint that performing this analysis would have been a "mammoth task" to argue that the remedy CVC requests -- invalidating all of the involved claims in all of the involved patents -- requires performance of this task no matter how "mammoth' it may be in scope. Of course, Broad further argues that such a proper analysis assessment would have found no error (thus providing a reason why CVC didn't make the argument).

          The brief also notes that CVC "both relies upon and rejects Kowalski's inventorship analysis," calling this treatment "inconsistent" and providing specific examples. The brief also argues that CVC does not provide support for its allegations that Mr. Kowalski's declaration should be considered conclusive, other than treating the declaration as a "judicial admission." Which it is not, Broad argues, because it fails the definition that a judicial admission is a "formal statement[] of fact made in judicial proceedings that have the effect of deeming facts conclusively established, eliminating the need for proof," citing Barnes v. Owens-Corning Fiberglas Corp., 201 F.3d 815, 829 (6th Cir. 2000), as well as failing the definitional evidentiary tests used to establish a judicial admission.

        • Todos Medical gets notice of allowance from European Patent Office
        • Medlab Clinical’s (ASX:MDC) NanoCelle awaits European patent
        • Immutep Announces European Patent Grant For LAG525 Antibody In Combination Therapy
        • Pending Opposition Case with the EPO Raises Caution Over Generalized Assignment Language Within Employment Agreements [Ed: Patents are for large corporations, not for inventors]

          The year 2020—and now 2021—has been a busy year for the European Patent Office (EPO) as it works through several oppositions and appeals involving a number of CRISPR patents belonging to The Broad Institute, Inc., Harvard College, and the Massachusetts Institute of Technology (hereinafter “Patentee”). The EPO Boards of Appeal has already revoked a patent applied for by the Patentee for failing to list all of the inventors from a priority application. See author’s previous blog post here. However, there is a pending opposition case with the EPO (application EP 2825654) which involves a potential priority issue that applicants should be aware of in cases where an employment contract or agreement has included a generalized provision requiring the assignment of all future rights stemming from an inventor’s inventions to the employer.

        • InDex Pharmaceuticals gets patent for additional DIMS compounds granted in Europe
        • Medlab Clinical to be granted European patent for NanoCelle drug delivery platform
        • Auris Medical is trading higher on patent win
        • Allowance by Entity Size [Ed: Large corporations and monopolists with the USPTO in their back pockets (and sometimes their own staff in charge) dominate the system]

          The chart above is an update on yesterday’s data that also includes patent applicant entity size status (Large, Small, Micro). Large entities substantially outperform their counterparts in terms of allowance rates.

        • Software Patents

          • Another look at USPTO Allowance Rate

            Here is a different look at the USPTO grant rate that looks at two numbers for each quarterly period: how many patents issued, and how many applications were abandoned. These can be added together as a total number of applications disposed-of during the period. The percentage reported in the chart below is the percent of patents out of that total disposal.

            [...]

            One caveat on this data. I only used published applications because those records are open. Unpublished applications tend to have a somewhat lower allowance rate.

          • Fintech trends and tribulations [Ed: Push for bad old software patents using buzzwords like "Fintech"]
      • Trademarks

      • Copyrights

        • Rojadirecta Wins Lawsuit Against News Agency Over Inaccurate Anti-Piracy Reporting

          Popular sports streaming site Rojadirecta has won a lawsuit against reputed news agency Europa Press. Based on information provided by copyright holders, the Spanish news service inaccurately reported that the site was declared illegal by a Danish court. Europa Press was ordered to print a prominent rectification and must also pay the costs of the proceeding.

        • Sky Wins Injunction to Stop Reddit Moderator Sharing Pirated TV Shows

          UK broadcaster Sky has won a court injunction to prevent links to its TV shows from being illegally shared online. Handed down by a court in Scotland, the interim order targets a man who moderated several TV-focused communities on Reddit while raising funds through Patreon and PayPal.

        • TorrentFreak Continues To Get DMCA Takedown Notices Despite Not Hosting Infringing Material

          It's no secret that TorrentFreak, a mainstay news site covering copyright and filesharing issues, gets more than its fair share of errant DMCA takedowns and other wayward scrutiny. This is almost certainly a function of the site's chosen name, though the sheer volume of mistaken targeting of the site also serves as a useful beacon for just how bad policing copyright has become. If you can't get past a news site having the word "torrent" in its name, then we should probably all admit we're operating at a very silly level of IP enforcement.

        • What Movie Studios Refuse to Understand About Streaming

          Back in the ‘30s and ‘40s, the problem was that the major film studios—including Warner Bros. and Universal which exist to this day—owned everything related to the movies they made. They had everyone involved on staff under exclusive and restrictive contracts. They owned the intellectual property. They even owned the places that processed the physical film. And, of course, they owned the movie theaters.

          In 1948, the studios were forced to sell off their stakes in movie theaters and chains, having lost in the Supreme Court.

          The benefits for audiences were pretty clear. The old system had theaters scheduling showings so that they wouldn’t overlap with each other, so that you could not see a movie at the most convenient theater and most convenient time for you. Studios were also forcing theaters to buy their entire slates of movies without seeing them (called “blind buying”), instead of picking, say, the ones of highest quality or interest—the ones that would bring in audiences. And, of course, the larger chains and the theaters owned by the studios would get preferential treatment.

        • Supreme Court Finds Google’s Use of Oracle’s Java Code in Android Operating System to Be Fair Use
          On April 5, 2021, the Supreme Court of the United States held that Google’s use of certain Java Application Programming Interfaces (API) in its Android operating system was not copyright infringement and instead constituted fair use of Oracle’s Sun Java API because Google used “only what was needed to allow users to put their accrued talents to work in a new and transformative program.” In its decision, the Supreme Court articulated important policy considerations underlying its decision, noting that, “given programmers’ investment in learning the Sun Java API here would risk harm to the public. Given the costs and difficulties of producing alternative APIs with similar appeal to programmers, allowing enforcement here would make of the Sun Java API’s declaring code a lock limiting the future creativity of new programs” and interfere with the basic objectives of copyright law. In sum, the Supreme Court relied on policy considerations relating to the ability of programmers to use existing code to support the interoperability of software, a common practice that many in the industry advocated as a practice necessary to sustain the feasibility of mobile computing.



Recent Techrights' Posts

Brittany Day Can Rest and Let Microsoft/Chatbots Write Fake 'Articles' About "Linux" This Christmas
Who said people don't work on Christmas? Chatbots or plagiarism-as-a-service work 24/7, every day of the year except during Microsoft downtimes
 
[Meme] Time to Also Investigate Bill Gaetz
Investigation overdue
Microsoft Openwashing Stunts Initiative (OSI) is A Vulture in "Open" Clothing
it's quite telling that the OSI isn't protecting the Open Source Definition
IBM Has Almost Obliterated or Killed the Entire Fedora Community (Not IBM Staff)
Remaining Fedora insiders are well aware of this, but bringing this up (an "accusation" against IBM) might be a CoC violation
Links 25/12/2024: Fentanylware (TikTok) Scams and "Zelle Scams Lead to $870M Loss"
Links for the day
Links 25/12/2024: Windows TCO Brought to SSH, Terence Eden 'Retires'
Links for the day
Gemini Links 25/12/2024: Reality Bites and Gopher Thanks
Links for the day
Links 25/12/2024: Latest Report Front Microsoft Splinter Group, War Updates
Links for the day
Links 25/12/2024: Hong Kong Attacks Activists During Holidays, Xerox to Buy Lexmark
Links for the day
Over at Tux Machines...
GNU/Linux news for the past day
IRC Proceedings: Tuesday, December 24, 2024
IRC logs for Tuesday, December 24, 2024
Gemini Links 25/12/2024: Open Source Social and No Search
Links for the day
Brittany Day Connects Windows Ransomware to "Linux" Using Microsoft LLMs (FUD Galore, Zero Effort, No Accountability)
FUD and misinformation made by Microsoft LLMs again?
Links 24/12/2024: Labour Strikes and TikTok Scrambling to Prop Up Radical Politicians That Would Protect TikTok
Links for the day
Where the Population is Controlled by Skinnerboxes Inside People's Pockets (or Purses)
A very small fraction of mobile users practise or exercise freedom/control over the skinnerbox
[Meme] Coin-Operated Publishers (Gaming the Message, Buying the Narrative)
Advertise (sponsor) to 'play'
Advertisers and Their Covert Impact on Publications' Output (or Writers' Topics of Choice, as Assigned or Approved by Editors)
It cannot be trivially denied that sponsorship in the form of "advertising" impacts where publishers go (or don't go, won't go)
Terrible Year for Microsoft Windows in Cyprus
down from 86% to 72% since January
[Meme] How to Kill Unions (Staff on Shoestring Budget Cannot Afford Lawyers)
What next for the EPO? "Gig economy"?
The EPO's Staff Union (SUEPO) Takes Legal Action to Rectify the Decrease in Wages (Lessening of Purchasing Power)
here is what the union published
Gemini Links 24/12/2024: Deedum Gemini Client Gets Colour Support, Advent of Code 2024
Links for the day
Microsoft Windows Slides to New Lows in Colombia
Now Windows is at an all-time low
Over at Tux Machines...
GNU/Linux news for the past day
IRC Proceedings: Monday, December 23, 2024
IRC logs for Monday, December 23, 2024
A Strong and Positive Closing for the Year's Last Week
In a lot of ways this year was a good one for Free software
Feels Too Warm for Christmas
Christmas is here, no snow in sight
Links 23/12/2024: 'Negative Time' and US Arms Taiwan Again
Links for the day
Links 23/12/2024: The Book of Uncommon Beings, Squirrels, and Slop Ruining Workplaces
Links for the day
Links 23/12/2024: North Korean Death Toll in Russia at ~1,100, Oligarch Who Illegally Migrated/Stayed (Musk) Shuts Down US Government
Links for the day
The World's 'Richest Country' Chooses GNU/Linux
This has gone on for quite some time
Richard Stallman on Love
Richard Stallman's personal website includes a section that lists three essays on the subject of love
Apple's LLM Slop Told Us Luigi Mangione Had Shot Himself, BetaNews Used LLMs to Talk About a Dead Linus Torvalds
They can blame it on some bot
Microsoft, Give Me LLM Slop About "Linux" and "Santa", I Need Some Fake Article...
BetaNews is basically an LLM slop site
Over at Tux Machines...
GNU/Linux news for the past day
IRC Proceedings: Sunday, December 22, 2024
IRC logs for Sunday, December 22, 2024