Bonum Certa Men Certa

Links 5/7/2021: NuTyX 21.07.2 is Out, Audacity 3.0 Has Spyware Scandal



  • GNU/Linux

    • 9to5Linux Weekly Roundup: July 4th, 2021

      This has been a great week for Linux news and releases as we got a new Linux gaming laptop from TUXEDO Computers, new releases of the KDE-oriented Nitrux and KaOS Linux distros, as well as new release of System76’s Pop!_OS Linux and Deepin Linux distributions.

      On top of that, we got a bunch of updated software, starting with the GNU Linux-libre kernel and continuing with the Mixxx DJ app, OpenZFS implementation of ZFS for Linux, Ardour DAW app, and Darktable RAW image editor. You can enjoy these, and much more in 9to5Linux’s Linux weekly roundup for July 4th, 2021, below!

    • Kernel Space

      • Latest Patches Sent Out For Adding Rust Support To The Linux Kernel

        This US Independence Day a revised set of patches were mailed out providing support for Rust as a secondary programming language within the Linux kernel for areas where increased security and memory safety are of utmost importance. The set of 17 patches plumb the Linux kernel with initial support, an example driver, and in total amount to more than 33k lines of new code in its early form.

        Miguel Ojeda who has been leading the "Rust for Linux" effort - and now funded by Google for this project - to allow this programming language to be used in the kernel sent out these patches. While the 5.14 kernel merge window is happening at the moment, this wasn't labeled as a pull request and will presumably not land until a later cycle. This succeeds the "request for comments" patches sent out in April.

      • Linux 5.14 Picks Up Support For New Sound Hardware, Including Alder Lake M - Phoronix

        Linux 5.14 is ready to begin supporting some new sound hardware while some recently proposed USB audio latency improvements were rejected for now.

        The sound subsystem updates were sent in on Friday. As written about last month there has been work on lowering the latency for the USB audio driver. While sent in as part of Friday's merge request, Linus Torvalds ended up rejecting that change. After pulling the changes he was getting a hang on one of his systems. There is already a possible fix pending so we'll see if the USB latency audio reduction work is re-sent in next week for Linux 5.14 or held off until 5.15.

      • Linux Gets New Thermal Driver Code Ahead of Alder Lake - Phoronix

        The thermal subsystem updates for the Linux 5.14 kernel include more work on Intel's int340x driver that is used by newer Intel laptops for dealing with their varying thermal control capabilities and exposing more thermal information to user-space for use by Intel's Thermal Daemon (Thermald). This cycle the work includes a new driver that will be used by next-gen Alder Lake SoCs.

    • Applications

      • Ardour 6.8 Released With A Bunch of New Features and Bug Fixes

        The Ardour team brings a surprise with Ardour 6.8 release. We round up the features in this post.

      • The best free Audacity Alternatives

        All alternatives listed below lack at least one of the main characteristics of Audacity. They are either only available for one operating system, e.g. Windows, not open source, don't offer the same set of core features, or lack in other departments.

      • Audacity 3.0 called spyware over data collection changes by new owner

        Audacity, the well-known open-source audio-editing software, has been called spyware in a report, with privacy policy changes revealing the tool is collecting data on its users and sharing it with other firms, as well as sending the data to Russia.

        Audacity was acquired by Muse Group in May, a company that also controls Ultimate Guitar, MuseScore, and Tonebridge. Since the purchase of Audacity, changes have been discovered in online support documents indicating that it is being used to perform data collection on its users.

        The privacy policy page for Audacity was updated on June 2, reports Fosspost, with some additions relating to the collection of personal data. Specifically, that the app collects a variety of details relating to the users Mac.

        The list of data includes the operating system and version, the user's country based on their IP address, non-fatal error codes and messages, crash reports, and the processor in use. Under data collected "for legal enforcement," the software collects "data necessary for law enforcement, litigation, and authorities' requests (if any)," though no specifically what data is collected in such cases.

      • Best Free Alternatives to YouTube

        Our recommended open source solution is PeerTube, This aims to be a decentralized and free/libre alternative to video broadcasting services. It’s powered by ActivityPub and WebTorrent. There’s no vendor lock-in. PeerTube allows you to upload your videos to a platform that you choose by yourself. And each community can help each other by caching one another’s videos. Each platform has its own terms of service, moderation and federation policies.

        The service offers video streaming including live streaming. Users can follow their favorite channels from PeerTube without having to create an account. There’s no mining your data!

        WebTorrent Desktop is a peer-to-peer (P2P) streaming torrent client for node.js and the web browser. The app never sends any personally identifying information, nor does it track which torrents you add.

        It bridges the two networks of WebRTC-based WebTorrent and TCP/UDP-based BitTorrent simultaneously. While WebTorrent isn’t limited only to video it’s the software’s main focus. It’s fast, offers the ability to download multiple torrents simultaneously, and exposes files as streams.

        This cross-platform streaming app is written in JavaScript.

      • Element: A Cross-Platform Decentralized Open-Source Messaging App

        There are many open-source messaging applications available, especially if you are looking for WhatsApp replacements on both desktop and mobile.

        Element is one of them, which is a decentralized alternative for private messaging that you can use to interact with individuals, communities, or businesses.

    • Instructionals/Technical

      • How To Install cPanel on CentOS 8 - idroot

        In this tutorial, we will show you how to install cPanel on CentOS 8. For those of you who didn’t know, cPanel is a widely used commercial hosting control panel for hosting services that provide more secure and easy to manage options. It is designed for hosting needs and used by most of the hosting companies for dedicated hosting, semi-dedicated hosting, shared hosting as well as cloud VPS hosting providers. cPanel comes with a Web Host Manager (WHM), which makes web hosting easier for web admins as it provides a root and reseller level access interface, where users can manage settings related to server administration and account management. This is while cPanel offers a user-level access interface to manage a web hosting account on the server.

        This article assumes you have at least basic knowledge of Linux, know how to use the shell, and most importantly, you host your site on your own VPS. The installation is quite simple and assumes you are running in the root account, if not you may need to add ‘sudo‘ to the commands to get root privileges. I will show you through the step-by-step installation of the cPanel control panel on a CentOS 8.

      • How To Download openSUSE using Metalink

        Most operating systems can be downloaded in several ways we can choose which are usualy direct links and torrents. Unique among them, openSUSE is one that can be downloaded in another way which is called Metalink. It is a way of download, a technology, that joins direct links, mirrors and torrents in one to improve download speed and fix errors automatically. If you want to download this way, even for stuffs other than openSUSE, then this article is for you. What I can tell you as a daily torrent downloader is that Metalink is really fast. Now let's try.

      • How To Install Python TensorFlow On Centos 8

        Make sure you have Python 3.5+ installed on your system.

      • How to Install Rocky Linux 8.4 Step by Step

        CentOS 8 is reaching EOL (End Of Life) by the end of this year, 2021, and a few Linux distributions have been floated as formidable CentOS alternatives.

        Among them is Rocky Linux, which is a fork of CentOS and 100% binary compatible with RHEL. In a previous guide, we introduced Rocky Linux 8.4 and how to download it. We have also touched on how you can migrate from CentOS 8 to Rocky Linux 8.4.

      • How to Install Ansible AWX on Kubernetes Minikube

        Hello Geeks, I hope you are aware about Ansible AWX, if not then Ansible AWX is a Web based GUI tool for managing ansible playbooks. There are lot of other features of AWX apart from execution of Ansible playbooks like source management integration, logging RBAC and more.

        In other words, we can say Ansible AWX is considered as an upstream project of Red HAT Ansible Tower. From AWX version 18.x and onwards, installation focus is moved from docker to Kubernetes. So, in this article, we will cover the step by step Ansible AWX Installation on Kubernetes Minikube.

      • Convert to Uppercase or Lowercase on Linux

        There are many ways to convert a string to uppercase or lowercase in Linux. Most commonly used commands to change case are tr, sed and awk. Tr is the simplest command for this task.

        From Bash 4, there are certain symbols which allows to convert the string case.

        In this tutorial we learn how to convert the string to uppercase and lowercase on Linux.

      • How To Find All Installed Fonts From Commandline In Linux - OSTechNix

        Do you want to know which fonts are installed on your Linux system? Good! I know a quick way to find all installed fonts in your Linux system from commandline. The fc-list command helps you to list all fonts and styles available on the system for applications using fontconfig.

        Using fc-list, we can also find out whether a particular language font is installed or not. In this brief tutorial, let me show you how to list all installed fonts and also how to list installed fonts for a particular language in Linux and Unix-like systems.

      • Search DuckDuckGo from Terminal in Ubuntu Linux via ddgr Command [Ed: DuckDuckGo is a privacy scam that 'FOSS' sites ought not promote or endorse]

        For command line users want to search on DuckDuckGo, ddgr is the free open-source tool to search from Linux terminal.

        It’s a tiny tool written mostly in Python3. And it’s quite easy to use. For instance, run the command below will search ‘Windows 11’ and output 10 results per page.

      • How to install Adobe Photoshop CS6 on Ubuntu 20.04 LTS Linux

        Adobe Photoshop is not available officially for Linux, still, we can install Photoshop CS6 on Ubuntu 20.04 LTS Desktop without any complications to edit our favorite pictures.

        Photoshop is a quite popular tool when it comes to editing pictures not only among professionals but even for a common user. This photo editing program provides you with many tools to improve the quality of your photos. This means that you can also adjust your images in Photoshop, therefore no need to completely dependent on optimal environmental conditions.

        Users can correct any image tones and color values to get the desired photo effects. Further, we can also change the brightness with the help of the gradation curves to raise or lower the general impression of light in a picture. We can add new objects by using different types of brushes to paint almost digitally. Features list of Photoshop is vast, thus leave that here and let’s talk about the main topic i.e how to use Photoshop on Ubuntu Linux?

      • How to create a streaming server in FreeBSD - Unixcop

        So, you want to stream your games or maybe a webcam but don’t like services like youtube or twitch. Or maybe you have privacy concerns or just want more control on your content. In this article I will show you how to create a streaming server in FreeBSD, with Nginx, using the RTMP protocol.

      • How to install Bludit CMS on Ubuntu 21.04 - Unixcop

        Bludit is a fairly simple CMS that we can use to deploy a blog or website quickly. One of the main characteristics of this CMS is that it uses files in JSON format to store the content. So, you don’t need to install or configure a database.

        So you can create your own Website or Blog in seconds Simple, Fast, Secure, Flat-File CMS

        Also, Bludit incorporates all the SEO tools to improve your ranking in all the search engines and social networks.

        So, it is a good light and fast alternative to other more complete CMS like WordPress.

    • Games

      • One of Europe’s Biggest Esports Startups Is Targeting the U.S.

        G2 has dominated recent European “League of Legends” championships and successfully competed against teams from Asia and North America. It employs about 85 people and works with a further 80 esports players, coaches and content creators. The company has millions of followers on social media and has earned more than $8.3 million in prize money, placing it in the global top 20 teams, according to esportsearnings.com.

    • Desktop Environments/WMs

      • K Desktop Environment/KDE SC/Qt

        • Updates: Calamares and QML

          Calamares has been getting some refactoring to its modules to support QML as an alternative to QWidgets; for now, most of the module steps used by the Nitrux are being made available in QML.

          Porting modules to be used by QML is an ongoing task. Many more modules could benefit from this refactoring, so if you feel adventurous, you can join the team behind Calamares to have a much more versatile installing framework.

        • Editing and deleting mistakes… and events too — Kalendar week 4 (GSoC 2021)

          You know that feeling when you read your old code and are amazed at how bad the design is? Well… yeah. This week has been a lot of going over what I’d written in the past few weeks and cleaning out the bugs, the errors, and the inconsistencies. At risk of having to write these exact sentences next week, I’ll say the process is not yet complete!

          Even so, much of Kalendar is in better shape than it was a week ago. If you are a particularly fearless person, you might even be able to start using it as your actual calendar app — not that I am in any way recommending you do so (yet!)

      • GNOME Desktop/GTK

        • The Gods Can Bleed – Phanes' Canon

          As of June 21st, Molly de Blanc is reporting as being unemployed, presumed to include the Gnome Foundation, which means we are officially at 33% of goal for the community response to the Stallman smear campaigns. Woot!

          I think the oddest thing about the whole series of events is the Gnome Foundation’s total silence on the matter. The community deserved the announcement.

          This is actually monumental progress, because what it’s done is it’s shown the people watching all of these smear campaigns, many fearful of being canceled if they say anything off the path of the narratives, that these FAANG-sponsored corporate “contributor” trojan horse actors that get embedded into these projects, particularly Gnome Foundation, OSI, Debian, are peddling – that these people can be stopped and that there can be consequences for their methods if people work together and are adamant enough about it.

          The open source gods can bleed, and everyone saw it happen.

          It’s also shown the agents of these campaigns that they can lose. They can not only lose, they can be held accountable after they lose.

          There’s alot more to do though.

          Neil McGovern, who in all likelihood used Molly as a patsy for this campaign while he was orchestrating it with Elana Hashman, is still employed by the Gnome Foundation. So is Elana Hashman for that matter.

    • Distributions

      • New Releases

        • NuTyX 21.07.2 available with cards 2.4.132

          The NuTyX team is happy to announce the new version of NuTyX 21.07.2 and cards 2.4.132.

          The compilation chain is completely rebuilt in addition to glibc 2.33, gcc 11.1.0 and binutils 2.34

          The xorg-server graphics server version 1.20.11, the Mesa 3D library in 21.1.4, gtk3 3.24.29 and qt 5.15.2 are also in their latest versions.

          The python interpreters are en 3.9.6 et 2.7.18.

          The XFCE desktop environment is updated to version 4.16.

          The MATE desktop environment is updated to version 1.24.

          The GNOME desktop environment is also updated to version 40.0.

          The KDE desktop environment is available in Plasma 5.22.2.1, Framework 5.82.0 and applications in 21.04.2.

          Available browsers are: firefox 89.0.2, chromium 91.0.4472.114, epiphany 40.0, etc

          Many desktop applications have been updated as well like thunderbird 78.11.0, Scribus 1.5.6.1, libreoffice 7.1.3.2, gimp 2.10.24, etc.

          Core NuTyX ships with Long Term Support (LTS) kernels: 4.9.272, 4.14.236, 4.19.196, 5.4.129 and 5.10.47 and the latest stable version 5.13.0.

      • IBM/Red Hat/Fedora

        • CentOS Stream: Everything You Need to Know About it

          What is CentOS Stream? In this article we shall discuss everything that you need to know about CentOS Stream.

          Let’s begin with a quick history refresher. As you know, CentOS, one of the most popular Linux distributions, will no longer be supported for CentOS 8, starting 31 of December 2021, while the support for CentOS 7 will end on 30 of June 2024. The CentOS team encourages the current CentOS 8 users to update to CentOS Stream, but this might not be accepted easily and many might migrate to another distro.

          So from now on, all the effort will be focused on CentOS Stream.

      • Debian Family

        • Nuclear

          There is a new application available for Sparkers: Nuclear

          What is Nuclear?

          Nuclear is a free music streaming program that pulls content from free sources all over the internet. If you know mps-youtube, this is a similar music player but with a GUI. It’s also focusing more on audio. Imagine Spotify which you don’t have to pay for and with a bigger library.

    • Devices/Embedded

      • Open Hardware/Modding

        • The Raspberry Pi IoT Notification Bell

          There is a Raspberry Pi Zero W with a custom solenoid control HAT on top inside the case to the left, and the solenoid right up against the bell, which is mounted on the right.

      • Mobile Systems/Mobile Applications

        • Volla Phone X rugged phone is available for pre-order with Ubuntu Touch or Android

          The folks behind the Volla Phone are now taking pre-orders for a second phone that will also be available with a choice of Android or Ubuntu Touch operating systems pre-installed.

          As expected, the new Volla Phone X is a rugged smartphone with similar specs to the company’s first phone, but a more durable body. It also has a bigger battery, a slightly smaller screen, and a higher price tag – the Volla Phone X is up for pre-order now for €449 (about $530) and it should begin shipping to customers in August.

          By comparison the original Volla Phone sells for €359 (about $425). But while that model initially went up for pre-order through a crowdfunding campaign before it was sold through Volla’s online store, the new Volla Phone X is skipping the crowdfunding step.

          The new phone has an IP68 rating for dust and water resistance, covers that protect the USB and headphone ports when you’re not using them, and a 6,200 mAh battery which should provide longer run time. But it’s also a heavier phone (280 grams vs 190).

          Still, it’s one of a relatively small number of phones available for purchase with a Linux-based operating system pre-installed as an alternative to Android. Folks who buy a model with Volla OS (the company’s version of Android) can also install Ubuntu Touch on their own if they’d prefer to go that route.

        • postmarketOS Release: v21.06

          We are happy to announce the v21.06 release of postmarketOS, based on Alpine Linux 3.14! If you're wondering why it happened three months after the last release already, the reason is that we managed to follow Alpine's release more closely this time. Instead of two and a half months after Alpine's release, it took us only half a month to get this one out. Following releases can be expected about each six months from now on, closely tracking Alpine's releases.

          Thanks to our amazing contributors, the amount of supported devices has been increased to 15 (from 11 in v21.03.). As in previous releases, each of the supported devices (with the exception of the N900) is able to run mobile-optimized UIs like Phosh, Plasma Mobile, and Sxmo. Pre-built images for these devices, which all run (close to) mainline kernels, can be downloaded from our shiny new image download page (but really you should start at download and read the instructions there first).

          Also, like previous releases, v21.06 is geared mainly towards Linux enthusiasts; it may be a bit rough around the edges so expect some bugs. Help identifying and resolving issues is always greatly appreciated.

    • Free, Libre, and Open Source Software

      • 5 Popular Free and Open Source VPN’s

        People spend most of their time online and send critical information over the internet. Being safe online involves using many technologies, and VPN is one of them.

        An open source VPN software can help protect your identity online by encrypting the data you send on the network to keep it safe from eavesdropping. And if you are working in a company, It may also help you go beyond the company’s network restrictions to assure you have the experience you need on the internet.

      • FSF

        • Licensing/Legal

          • Reimplementing Software Interfaces Is Fair Use

            The penultimate sentence in Justice Breyer's opinion for the 6-2 majority succinctly states the Court's conclusion: "where Google reimplemented a user interface, taking only what was needed to allow users [that is, programmers] to put their accrued talents to work in a new and transformative program, Google's copying of the Sun Java API was a fair use of that material as a matter of law."

            After explaining Oracle's claims against Google, this column reviews the Court's reasons for rejecting Oracle's arguments on the fair use issue.

      • Openness/Sharing/Collaboration

        • Open Access/Content

          • Impact factor abandoned by Dutch university in hiring and promotion decisions

            A Dutch university says it is formally abandoning the impact factor — a standard measure of scientific success — in all hiring and promotion decisions. By early 2022, every department at Utrecht University in the Netherlands will judge its scholars by other standards, including their commitment to teamwork and their efforts to promote open science, says Paul Boselie, a governance researcher and the project leader for the university’s new Recognition and Rewards scheme. “Impact factors don’t really reflect the quality of an individual researcher or academic,” he says. “We have a strong belief that something has to change, and abandoning the impact factor is one of those changes.”

      • Programming/Development

        • Things I wish Git had: Commit groups

          You know the “group” facility of vector graphics programs? You draw a couple of shapes, you group them together, and then you can apply transformations to the entire group at once, operating on it as if it were an atomic thing. But when need arises, you can “ungroup” it and look deeper.

          That’s because sometimes there’s a need to have a “high-level” view of things, and sometimes you need to delve deeper. Each of these needs is valid. Each is prompted by different circumstances that we all encounter.

          I’d love to see that same idea applied to Git commits. In Git, a commit group might just be a named and annotated range of commits: feature-a might be the same as 5d64b71..3db02d3. Every Git command that currently accepts commit ranges could accept group names. I envision groups to have descriptions, so that git log, git blame, etc could take --grouped or --ungrouped options and act appropriately.

        • Perl/Raku

          • TWC 119: Task #1, Swap Nibbles & Task #2, Sequence without 1-on-1

            Hello everyone, I'm back after a year's absence, good to see everything is going as strong as ever. I have some extra time this weekend, so thought I'd try my hand at an answer again.

            But, oh golly, looking back over my earlier posts on earlier problems was just painful--too many details! Going forward I'll just broad-brush things (and I mean it this time). If anyone has a question about details, then ask about them in the comments.

            The swap nibbles problem is equivalent to a "swap hex-chars problem" and since we have the bigint module then any hex string can be represented by an integer. When a little investigation brought up that every bigint object has an as_hex() method, I found the restriction to positive integers less than 255 too restrictive: I decided to do them all! (Well, not quite all, since there are an infinite number of integers, but you know what I mean.)

          • Monthly Report - June

            As you all know, I have recently started taking part in the weekly challenge again. I have always complained about the lack of time doing things I always wanted to do. But then it doesn't stop me taking up new projects. I have to learn how to prioritize projects. May be one day, I will get there. Right now I am actively working on 2 new projects simultaneously. First is preparing the talk for the upcoming Raku Online Conference. It is going to be my personal journey to Raku. And the second is very close to my heart, working on my first book about Perl in association with Dave Cross.

            [...]

            With regard to my new job at Oleeo, I have finally got to do some Perl coding at last. I must say it made me so happy. Prior to this I got my hand dirty with Ansible for the first time. It was good learning experience. I really enjoyed it, thanks to all the support I got from fellow colleagues. Although my first Perl task is not too complex but it got me to look at the database closely. Thanks to the weekly challenge, I never loose the touch with Perl and all its glory. Also I am never short of ideas when dealing with any task, thanks to Team PWC for all the smartest solutions. Having done the weekly challenge, my confidence level is always high when it comes to Perl. I remember an incident, about 15 odd years ago, team lead would always try to put me down complaining about my Perl knowledge. It did affect my confidence to some extent but luckily I left the company soon after. Ever since, I have been lucky to have very supportive and encouraging colleagues. Oleeo too has bunch of familiar faces that can easily fit into my category of best friends.

        • Refterm

          • Jussi Pakkanen: Looking at the performance of Refterm

            Recently a known strong-opinion-holder Casey Muratori wrote a reference implementation for a new fast terminal renderer. The goal is (as far as I can tell) to implement the same functionality as existing terminals using a lot less resources.

            [...]

            The app uses 0.5% of CPU and a whopping 14% of GPU just to display a blinking cursor. This could be said to be not particularly resource efficient. This is probably due to the fact that there is no rate limiter (or VSYNC) so the app just spams the system all the time. The true resource usage can't be meaningfully compared until this is fixed.

            What can be measured, though, is memory usage. As can be seen in the image [1] the Refterm application uses 351 MB of memory when idle (the test war run using a 4k monitor). Based on discussions on the Internet, an acceptable amount of memory usage for a terminal is around 10-20 MB. Refterm uses 10x as much. In fact, as you can tell, running two instances of Refterm takes more memory than a fully blown Firefox with tens of open tabs. For comparison I also tested the Spotify app which is implemented in Electron. When playing music it only took ~150 MB, less than half of an idling Refterm.

  • Leftovers

    • Education

      • Software program bridges the education gap

        The Waterford UPSTART Program is free to low-income families with 4-year-old children in six districts across the state. The software is provided and families who qualify will get a computer and internet access as well at no cost.

    • Hardware

      • Arm CEO says Nvidia merger better than going public

        Last week, Qualcomm CEO Cristiano Amon told The Telegraph newspaper and other media outlets that Qualcomm was open to investing in an initial public offering by Arm if the Nvidia deal falls apart. Amon has told media outlets that joint ownership of Arm by industry peers would keep the firm independent

    • Health/Nutrition

      • WHO Warns of a Dangerous New COVID Wave in Europe After Summer

        The head of WHO-Europe Emergencies, Catherine Smallwood, said that the region is facing "a window of opportunity", because in many countries infection remains at low levels, although in a few there are record hospitalizations and deaths.

        "Social measures should not be relaxed in a context of growing contagion. But if it is done, health measures should be strengthened," said Smallwood, who mentioned, among other things, more testing and contact tracing, and "vaccinate, vaccinate, vaccinate."

      • What if America tackled its opioid crisis?

        Though addiction to all types of drugs (including cocaine and methamphetamines) has steadily increased, the primary problem remains opioids. They came to the fore in the early 1990s in the form of prescription painkillers that were unscrupulously marketed to doctors as unlikely to cause addiction. The most famous was OxyContin, launched in 1996. By the time it had been reformulated to make it harder to abuse, too many Americans were already hooked and the drug crisis had morphed into something else entirely, as addicts looked for alternatives. “Reformulation led markets to sell deadlier substances and contaminate non-opioid drugs, expanding illicit opioid drug use,” concluded David Powell and Rosalie Liccardo Pacula, two drugs-policy researchers, in 2020.

    • Integrity/Availability

      • Proprietary

        • Massive US ransomware attack forces Swedish shops to shut, FBI investigating

          The shutdown of the major food retailer followed Friday's unusually sophisticated attack on U.S. tech provider Kaseya. The ransomware gang known as REvil is suspected of hijacking Kaseya's desktop management tool VSA and pushing a malicious update that infect tech management providers serving thousands of business.

          Huntress Labs, one of the first to sound the alarm of the wave of infections at the providers' clients, said Saturday that thousands of small companies might have been hit.

        • Researcher finds certain network names can disable Wi-Fi on iPhones

          A security researcher has found that certain Wi-Fi networks with the percent symbol (%) in their names can disable Wi-Fi on iPhones and other iOS devices. Carl Schou tweeted that if an iPhone comes within range of a network named %secretclub%power, the device won’t be able to use Wi-Fi or any related features, and even after resetting network settings, the bug may continue to render Wi-Fi on the device unusable.

        • TikTok parent ByteDance has begun selling the video app’s AI to other clients

          ByteDance, the Beijing-based parent company of video sharing app TikTok has started selling TikTok’s AI to other companies, the Financial Times reports (may require subscription). The company has a new division called BytePlus, and according to its website, its client list already includes US fashion app Goat, Singapore travel site WeGo, Indonesian shopping app Chilibeli, and India-based social gaming platform GamesApp.

        • Pseudo-Open Source

        • Security

          • Reproducible Builds: Reproducible Builds in June 2021

            Welcome to latest report from the Reproducible Builds project for June 2021. In these reports we outline the most important things that have been happening in the world of reproducible builds in the past month. As ever, if you are interested in contributing to the project, please visit the Contribute page on our website.

            [...]

            The Google Security Blog introduced a new framework called “Supply chain Levels for Software Artifacts”, or SLSA (to be pronounced as ‘salsa’). In particular, SLSA level 4 (“currently the highest level”) not only requires a two-person review of all changes but also “a hermetic, reproducible build process” due to its “many auditability and reliability benefits”. Whilst a highly welcome inclusion in Google’s requirements, by equating reproducible builds with only the highest level of supply-chain security in their list, it might lead others to conclude that only the most secure systems can benefit from the benefits of reproducible builds, whilst it is a belief of the Reproducible Builds project that many more users, if not all, can do so.

            [...]

            The NixOS Linux distribution pulled off a technical and publicity coup this month by announcing that the ISO_minimal.x86_64-Linux image is 100% reproducible. The announcement was widely discussed on Hacker News, where the article has received in excess of 200 comments.

          • Josh Bressers: Episode 278 – Could SELinux have stopped SolarWinds?

            Josh and Kurt talk about a listener provided question. Could SELinux have stopped the SolarWinds attack? Given what we know, the answer is technically yes, but practically no. SELinux is awesome, but it’s very difficult to sandbox something like a build system.

          • Common Linux vulnerabilities admins need to detect and fix

            Companies continue to scramble to secure endpoints and data center systems from constant attack. Admins must know how to both prevent attacks, such as ransomware, and mitigate the ones that get past security measures. This means using encryption, firewalls, routine vulnerability scanning and recovery plans.

            The threat landscape continues to change, with new attacks popping up all the time. Admin can't set up systems and hope they remain protected. Rather, they're in a continuous battle to keep adversaries out. Linux server admin David Clinton provides admins blueprints to tackle common Linux vulnerabilities, conduct risk assessments, configure backups and more in his book, Linux Security Fundamentals.

          • Privacy/Surveillance

            • Facebook asks: Are your friends becoming extremists?

              Facebook is starting to warn some users they might have seen “extremist content” on the social media site, the company said on Thursday.

            • TikTok Extends Video Length to 3 Minutes – YouTube On Notice

              TikTok says it will expand its canvas to users across the globe, allowing up to three-minute videos. That puts the short-form video app much closer to traditional length videos on platforms like YouTube and Facebook. The move is interesting, considering just how copied TikTok has become over the last two years.

              TikTok Product Manager Drew Kirchhoff says the longer videos will “pave the way for more storytelling and entertainment on TikTok.” TikTok users already stitch several of their videos together in threads to tell stories. Many users embrace the broken nature of these videos to promote additional parts of their drama-laden stories.

    • Defence/Aggression

      • How A Chinese-Built Highway Drove Montenegro Deep Into Debt

        The Chinese state-owned company hasn't finished construction yet, so cars are using the old road underneath it. The highway hasn't been paid for yet, either. The first installment of the $1 billion loan from a Chinese state bank is due in July, and it's unclear whether Montenegro, whose debt has climbed to more than a 100% of its gross domestic product due to this project, will be able to afford it. What's worse, says the country's former Justice Minister Dragan Soc, once completed, the road won't lead anywhere anyway. "We make a joke: It is a highway from nothing to nothing," he says.

      • "If the Taliban Get Me, They'll Kill Me"

        All of a sudden, it seems that no one feels accountable for the fact that he and 100 other local staff members have now become potential targets of the Taliban because of the work they did for the Bundeswehr. "I must have been to the camp 10 or 15 times," he says in his meticulously tidy home. "The Germans there say they can’t do anything for me. They say that I was employed by a subcontractor, after all. But when I went to my employer, they sent me back to the Germans.” As a final gesture from the Bundeswehr, he was finally given piece of paper torn out of a spiral notepad with a handwritten email address at the camp gate. But his message received no answer.

      • A silo-building spree raises questions about China’s nukes

        The silos, near the city of Yumen, were identified by researchers from the James Martin Centre for Nonproliferation Studies, an American think-tank, whose findings were published on June 30th in the Washington Post. These and other experts reckon that the structures are designed to house China’s newest ICBM, the DF-41, which can reach almost all of America’s mainland. The question is why so many are needed.

    • Environment

      • Energy

        • Oil Company That Caught Ocean on Fire Has Staggeringly Long History of Death, Accidents

          The oil company behind the whole catching-the-ocean-on-fire incident has — unsurprisingly — a long history of terrible and deadly accidents.

          Petróleos Mexicanos, more commonly known as Pemex, has a record of major accidents at its facilities and oil wells dating back to 1979. That was the year the company’s exploratory oil well Ixtoc I in the Gulf of Mexico experienced a blowout — resulting in one of the worst oil spills in history, according to the BBC.

    • Finance

      • Bitcoin And The American Idea

        Has America strayed from its founding ideals? An activist and a refugee think Bitcoin can help it get back on track.

    • AstroTurf/Lobbying/Politics

      • Unpacking Van Buren v. US: Did the Supreme Court just redefine computer [cr]acking?

        In the case of Van Buren vs. United States, the Supreme Court delivered a controversial interpretation of the CFAA, or the Computer Fraud and Abuse Act. The CFAA is an anti-hacking statute, which broadly bans and imposes criminal penalties for accessing computers without authorization or accessing data in a way that exceeds authorization. But what exactly “exceeds authorized access”? The Supreme Court embraced a narrow reading of the law, redefining and restricting how far the CFAA liability extends.

      • First compliance report by Google, Facebook under IT rules big step towards transparency: Prasad

        The publishing of compliance reports by Google, Facebook and Instagram is bound to turn up the heat on Twitter, which has been engaged in a tussle with the Indian government over the new social media rules



    • Misinformation/Disinformation

      • #StopAsianHate: Chinese diaspora targeted by CCP disinformation campaign

        Chinese diaspora communities continue to be an ‘essential target’ of Chinese-state-linked social media manipulation taking place around the world. Chinese-state-linked accounts are running a multilingual, cross-platform campaign aimed at stoking the fears of these communities by drawing false equivalences between anti-Asian racism and increased speculation about Covid-19 laboratory-leak theories. This campaign illustrates the Chinese Communist Party’s common tactic of using accusations of racism to deflect criticism.

    • Censorship/Free Speech

      • Olympics Needs to End Restrictions on Free Speech of Athletes
      • Indiscriminate Messaging And #CHATCONTROL: Last Chance To Protest

        The date for the vote on the chat control regulation has been set: On 6 July, all Members of the European Parliament will cast their vote on the legislation that will allow e-mail and messaging providers to indiscriminately scan and search your private messages for suspicious content in real-time. This will be the final vote on the regulation. Once it has passed, your private communications can be searched by error-prone artificial intelligence technologies. Although these algorithms are meant to search for potential child pornography and grooming, up to 86% of the correspondence reported to the police is not criminally relevant and users are falsely being reported – including many minors.

        The EU’s chat control regulation has been found to violate fundamental rights by a former judge of the European Court of Justice. According to a representative poll, 72% of EU citizens clearly reject indiscriminate screening of private correspondence. Despite all that, the Parliament’s Committee for Civil Liberties (LIBE) recommends the plenary to vote in favor of chat control.

      • Censoring films

        The film producer labours under a grave handicap. He has either to submit to the cuts or fight it out in the courts. The situation is not improving. A stage has been reached where the police arrogate to themselves the right to clear films before the censors do so. Depressing as is the situation in regard to the supposedly legal system of censorship of films and plays, the extra-legal censorship that has come in vogue in some parts of the country is alarming. It is subversive of the rule of law and democracy. State governments condone and even connive at it. So, does the centre; though not without making noises occasionally of deeply felt pain.

      • Microsof [sic] reportedly hides your LinkedIn profile in China if you mention Tiananmen Square

        Now another element of this self-censorship became apparent when cybersecurity researcher Kevin Beaumont revealed Microsoft’s LinkedIn hid your profile from Chinese searchers if you mentioned Tiananmen Square in it.

      • NJ Beauty Queen Rails Against Censorship & Champions First Amendment at Atlantic City Competition

        In a video posted on Twitter of the competition, Ms. Murray said: “Our generation is experiencing an epidemic of censorship and entitlement. And it’s because our professors and our celebrities are teaching students to be narcissists, to believe that any of you that differs from their own is an existential threat.”

        She continued by saying, “This is what I experienced on my own campus with censorship to the point where people believe that speech is violence so that they can threaten other people with violence, simply because they disagree with them.”

      • Standing up to the Social-Justice Mobs Within the Jewish Community

        Even just a few years ago, such a cancellation would have seemed bizarre and outrageous—especially the suggestion that the morality of one’s actions may be judged according to their “impact,” as subjectively assessed by third-party activists. Neither would we have understood why decrying one form of bigotry without mentioning another is problematic. We have just witnessed a series of news cycles in which we have all been invited to decry bigotry against blacks, Asians, members of the LGBT community, and other groups. Was each of these population-specific calls to action also problematic?

    • Freedom of Information/Freedom of the Press

      • Open letter to Xi in four Nordic dailies about Hong Kong press freedom

        Four leading Nordic dailies have published an open letter to Chinese President Xi Jinping denouncing press freedom violations in Hong Kong. “The world can no longer stand idly by as China gradually sucks the air out of freedom of the press in Hong Kong,” says the letter published today, the centenary of the founding of the Chinese Communist party, in Sweden’s Dagens Nyheter, Norway’s Aftenposten, Denmark’s Politiken and Finland’s Helsingin Sanomat. Reporters Without Borders (RSF) supports this initiative and is reposting the letter, written jointly by the editors of the four newspapers.

      • Burundi's Lifting of Media Ban Met With Cautious Optimism

        The announcement that a suspension of Britain's public broadcaster and a local news website, Ikiriho, were lifted is seen as a sign that Burundi is working to improve relations with the press.

        But analysts and journalists told VOA that media in the country are still under restrictions and face harassment for critical reporting. A ban on VOA, imposed in May 2018, also remains in place.

    • Civil Rights/Policing

      • Blue Alerts: Security Theater and Copaganda

        A Blue Alert is an involuntary message, communicated over the emergency alert infrastructure, to perform the equivalent of a Twitter call-out thread on a suspected cop-killer or cop-abductor.

        Blue Alerts are opt-out, not opt-in, and you cannot turn them off without also disabling other types of emergency alerts. Even on newer phones which offer greater granularity with the types of emergency alerts to receive, there is no specific flag to disable Blue Alerts and leave all the other types turned on.

    • Digital Restrictions (DRM)

      • Netflix Not Working on 32-bit Linux? Blame it on Google

        Here’s the scenario. You were enjoying Netflix and other streaming services with Firefox on your 32-bit Linux system. But all of a sudden, Netflix just stopped working.

        You updated the Firefox browser, made sure that DRM is enabled in Firefox, all media codecs have been installed and yet it doesn’t work.

        Don’t blame Firefox for this problem. Don’t blame Linux for this problem. Blame Google.

    • Monopolies

      • FTC charges chip supplier Broadcom with monopolizing the market

        The Federal Trade Commission (FTC) announced on Friday it is charging chip supplier Broadcom with monopolizing the market.

        The agency said the company used exclusive deals to monopolize semiconductor components that are used to deliver television and broadband internet services.

        The FTC also put out a proposed consent order for the company that would settle the charges if Broadcom stopped the exclusive deals they were putting their customers in.

      • Patents

        • BREAKING: Servier Beats NHS' €£220M Drug IP Suit At Top UK Court

          The EPO Technical Board of Appeal later revoked the patent for the medication, which is used to treat hypertension, blood pressure and similar heart...

        • The Brazilian Supreme Court defines the effects of the decision declaring the unconstitutionality of the sole paragraph of article 40 of the Industrial Property Law

          IPTango is pleased to publish a guest post by Pedro Matheus and Leonardo Cordeiro (Gruenbaum, Possinhas & Teixeira), discussing the modulation of the effects of the decision declaring the unconstitutionality of the sole paragraph of article 40 of the Industrial Property Law of Brazil. Read here their post on the Direct Action for the Declaration of Unconstitutionality of such provision.

          On 12 May 2021, the Supreme Court defined the modulation of the effects of the decision that declared the unconstitutionality of the sole paragraph of article 40 of the Industrial Property Law (LPI).

        • Patent and design protection not mutually exclusive – “Paper Dispenser” decision of the German Federal Court of Justice

          The German Federal Court of Justice (“BGH”) held in its decision “Papierspender” (“Paper Dispenser”) that a Community design was not automatically caught by the functionality provision of the Community Design Regulation because it had appeared in a patent application. The decision highlights the importance for product developers to keep detailed records, already during product development, as to why a particular visual appearance of the product was chosen.

          In the decision of 7 October 2020, the BGH annulled the appeal court’s judgment that had found the community design No. 001344022-0006 invalid. Functionality was not proven by the mere fact that the product appeared in a patent application as a patent application does not contain considerations as to the visual appearance of the product, but only describes its technical function. Now the case is back at the Düsseldorf Higher Regional Court.

          [...]

          In addition, the BGH criticized the Appeal Court for focusing solely on the disputed product as a whole rather than on individual features of appearance thereof, which is what art. 8(1) CDR mentions. As a result, the Appeal Court did not duly determine whether there was not at least one protectable feature of appearance.

          The judgment makes clear that, due to the great relevance of evidence by testimony and documentary evidence in addition to expert evidence to determine whether the appearance is solely dictated by the technical function of the product, it is more important than ever for product developers to keep detailed records of the development process to show why a specific visual appearance was chosen for the product.

        • Around the IP Blogs

          The German Bundestag has adopted amendments to the German Patent Act. The changes introduce (i) a codified proportionality defense to injunctions in patent infringement proceedings, (ii) new confidentiality rules for patent disputes, and (iii) an accelerated timeline for nullity actions. While the Bundesrat still has to approve this bill, this is not believed to be controversial. Thus, the changes described below are expected to enter into force in a few weeks, except (iii), which will enter into force in spring 2022. Kluwer Patent Blog reported on the changes.

        • Doctrine of equivalents still murky despite Birss ruling: lawyers [Ed: Terms like "harmonising EU case law" sound like the toxic and unconstitutional agenda of Team UPC]

          UK sources compare life before and after Actavis, and give suggestions for harmonising EU case law

        • Do you Tell the PTO that the Disclosed Embodiments are Merely Prophetic?

          Many patent applications are not fully reduced-to-practice by the time the patent application is filed. Although reduction-to-practice is a required element of invention, the Courts and Patent Office have long permitted the filing of a patent application to constructively satisfy the RTP requirement. Still, the application must fully satisfy the disclosure requirements of 35 U.S.C. 112(a), namely written description, enablement, and best mode.

          A patent specification will typically include a series of examples, embodiments, use-cases and/or experimental results. In this post, I’ll refer to these collectively as “examples.” One way of categorizing the examples is to divide between actual “working examples” and predicted “prophetic examples.” As you might guess, working examples are typically more compelling and indicative that the invention will actually work as claimed. But, prophetic examples also have their use and are absolutely permissible. Although I have not measured this, I expect that the vast majority of patentees rely on prophetic examples to some extent in order to expand the scope and depth of their disclosure. Thus, even if the patentee has reduced the invention to practice and explained the RTP in a working example, the specification may also provide a set of prophetic examples with differing arrangements, elements, and outcomes. Because of their differences, the courts and USPTO have called on patent applicants to take care in distinguishing between the two in their patent applications.

          [...]

          The USPTO Notice focuses on prophetic examples stemming from experimental results, and thus remains to be seen whether the requirements will be practically extended to situations involving prophetic embodiments and use-cases presented without any experimental results.

        • Reference For Preliminary Ruling In The Nokia Daimler Dispute Falls As Daimler Signs A Patent Licensing Agreement

          On 1 June 2021, Nokia and Daimler announced via a joint press release that they have settled their global patent dispute with a patent licensing agreement. Under the agreement, Nokia will license mobile telecommunications technology to Daimler, that will remunerate Nokia for the use of its technology. All pending litigation between the two parties, including the antitrust complaint by Daimler against Nokia filed with the European Commission, has also been settled. This includes the patent infringement case brought by Nokia against Daimler before the Düsseldorf Regional Court which gave rise to the request for a preliminary ruling request to CJEU.

          #Switzerland talk by #rms 4 months before #mit turned against him in collusion with media eager to distract from what #billgates had done with J. Epstein in MIT. http://techrights.org/2021/07/04/rms-switzerland-talk/

      • Trademarks

        • New Eurasian trade mark and appellation of origin system

          Recently, Armenia, Belarus, Kazakhstan, Kyrgyzstan and Russia have made a collective endeavour to move towards the formation of a regional system dealing with trade marks, service marks and appellations of origin of goods in the Eurasian Economic Union (EAEU). Sergey Zuykov explains how it will work.

          From 1 September 2021, an application for registration of a trade mark or appellation of origin of goods within the EАEU may be filed with any IP office of a member country. The introduction of the system will reduce the cost and time taken for legal protection of trade marks and will help Eurasian brands to enter the common market.

        • TEFAL: Spot the difference? Consumers apparently can’t.

          The key question was ‘what is the likely perception of the relevant consumer upon seeing the sign applied for, in normal and fair use in relation to the goods specified?’ Specifically, would the consumer see the sign as being ‘origin neutral’ or ‘origin specific’, based only on its inherent characteristics?

          The sign was characterised as a simple geometrical shape in red within the centre of the inside of the pan, corresponding with the overall product shape. This combination of colour, proportion and position was insufficient to make the mark origin specific: it was a mere indicia of an everyday product that consumers would not perceive as a standalone trade mark.

          This analysis raises a wider question around the value of product design and what mark is adopted in the first place and why. For example, a shape that differed from the shape of the main product, say, a purple spiral, would arguably be more arbitrary (and therefore capable of indicating origin) than a red dot.

        • Campaign highlights risks and damages of IPR infringement

          The EUIPO Observatory launched an awareness campaign earlier this month titled Risks and Damages Posed by IPR Infringement in Europe.

          It is part of the annual Pan-European Media Campaign and also marked World Anti-Counterfeiting Day on 8 June.

      • Copyrights

        • The Beijing Treaty: A step forward in the protection of related rights in audiovisual performances

          In the midst of the economic and social paralysis arising from the COVID 19 pandemic, the tireless discipline of law has prevailed as always, if anything with increased activity. The Beijing Treaty on Audiovisual Performances (BTAP, hereinafter the “Treaty”) came into force on 28 April 2020 in the first thirty contracting parties (the minimum number required). It was a historic milestone in the area of rights related to copyright. Switzerland was the first State to join the list and, at present, 42 states are contracting parties to this Treaty.

          For the first time, an international instrument confers express protection to performing artists for fixations of their work on an audiovisual medium, acknowledging their right to decide the time and manner in which their audiovisual works are used abroad, while also receiving a share of the profits obtained from their exploitation, even in the digital environment. Up to now, only sound fixations enjoyed this protection (see the WIPO Performances and Phonograms Treaty – WPPT – approved in 1996 and in force since 2002).

        • Should Internet Users Pay a Piracy Levy To Ensure Creators Get Paid?

          Cultural figures including Academy Award winner Olivia Colman are proposing a new initiative to ensure that artists get paid when people download content to devices including mobiles, tablets and PCs without permission. The Smart Fund is proposing a new levy of up to 3% to be paid by all device buyers in the UK but is this a fair solution for the majority who actually pay for content?



Recent Techrights' Posts

EPO Education: Workers Resort to Legal Actions (Many Cases) Against the Administration
At the moment the casualties of EPO corruption include the EPO's own staff
 
Microsofters Try to Defund the Free Software Foundation (by Attacking Its Founder This Week) and They Tell People to Instead Give Money to Microsoft Front Groups
Microsoft people try to outspend their critics and harass them
[Meme] EPO for the Kids' Future (or Lack of It)
Patents can last two decades and grow with (or catch up with) the kids
Topics We Lacked Time to Cover
Due to a Microsoft event (an annual malware fest for lobbying and marketing purposes) there was also a lot of Microsoft propaganda
Gemini Links 22/11/2024: ChromeOS, Search Engines, Regular Expressions
Links for the day
This Month is the 11th Month of This Year With Mass Layoffs at Microsoft (So Far It's Happening Every Month This Year, More Announced Hours Ago)
Now they even admit it
Links 22/11/2024: Software Patents Squashed, Russia Starts Using ICBMs
Links for the day
Over at Tux Machines...
GNU/Linux news for the past day
IRC Proceedings: Thursday, November 21, 2024
IRC logs for Thursday, November 21, 2024
Gemini Links 21/11/2024: Alphabetising 400 Books and Giving the Internet up
Links for the day
Links 21/11/2024: TikTok Fighting Bans, Bluesky Failing Users
Links for the day
Links 21/11/2024: SpaceX Repeatedly Failing (Taxpayers Fund Failure), Russian Disinformation Spreading
Links for the day
Richard Stallman Earned Two More Honorary Doctorates Last Month
Two more doctorate degrees
KillerStartups.com is an LLM Spam Site That Sometimes Covers 'Linux' (Spams the Term)
It only serves to distract from real articles
Over at Tux Machines...
GNU/Linux news for the past day
IRC Proceedings: Wednesday, November 20, 2024
IRC logs for Wednesday, November 20, 2024
Gemini Links 20/11/2024: Game Recommendations, Schizo Language
Links for the day
Growing Older and Signs of the Site's Maturity
The EPO material remains our top priority
Did Microsoft 'Buy' Red Hat Without Paying for It? Does It Tell Canonical What to Do Now?
This is what Linus Torvalds once dubbed a "dick-sucking" competition or contest (alluding to Red Hat's promotion of UEFI 'secure boot')
Links 20/11/2024: Politics, Toolkits, and Gemini Journals
Links for the day
Links 20/11/2024: 'The Open Source Definition' and Further Escalations in Ukraine/Russia Battles
Links for the day
[Meme] Many Old Gemini Capsules Go Offline, But So Do Entire Web Sites
Problems cannot be addressed and resolved if merely talking about these problems isn't allowed
Links 20/11/2024: Standing Desks, Broken Cables, and Journalists Attacked Some More
Links for the day
Links 20/11/2024: Debt Issues and Fentanylware (TikTok) Ban
Links for the day
Jérémy Bobbio (Lunar), Magna Carta and Debian Freedoms: RIP
Reprinted with permission from Daniel Pocock
Jérémy Bobbio (Lunar) & Debian: from Frans Pop to Euthanasia
Reprinted with permission from Daniel Pocock
This Article About "AI-Powered" is Itself LLM-Generated Junk
Trying to meet quotas by making fake 'articles' that are - in effect - based on plagiarism?
Recognizing invalid legal judgments: rogue Debianists sought to deceive one of Europe's most neglected regions, Midlands-North-West
Reprinted with permission from Daniel Pocock
Google-funded group distributed invalid Swiss judgment to deceive Midlands-North-West
Reprinted with permission from Daniel Pocock
Gemini Links 20/11/2024: BeagleBone Black and Suicide Rates in Switzerland
Links for the day
Over at Tux Machines...
GNU/Linux news for the past day
IRC Proceedings: Tuesday, November 19, 2024
IRC logs for Tuesday, November 19, 2024