Bonum Certa Men Certa

Links 7/7/2021: MAAS 3.0 and Nitrux Living Packagecloud

  • GNU/Linux

    • Audiocasts/Shows

      • Community of Enterprise Linux | LINUX Unplugged 413

        Linux server admins don't know where to turn next; how the cult of personality might be shaping Linux's most important market.

      • Audacity Privacy Policy Is A Privacy Nightmare!

        Every since MuseGroup acquired Audacity they have taken every step possible to make Audacity a believed free software project into a shell of it's former selve, with the introduction of telemetry, then a CLA and now a privacy policy that justifies collecting any information they wish.

    • Kernel Space

      • SD Times news digest: TypeScript 4.4 beta, Rust support improvements in Linux kernel, Sauce Labs acquires Backtrace

        The Linux kernel received several major improvements to overall Rust support including removed panicking allocations, added support for the beta compiler as well as testing.

        The goal with the improvements is to have everything the kernel needs in the upstream ‘alloc’ and to drop it from the kernel tree. ‘Alloc’ is now compiled with panicking allocation methods disabled, so that they cannot be used within the kernel by mistake.

        As for compiler support, Linux is now using the 1.54-beta1 version as its reference compiler. At the end of this month, `rustc` 1.54 will be released, and the kernel will move to that version as the new reference.

        Additional details on all of the support improvements are available here.

      • Linux 5.14 Staging Drops A Set Of Drivers For The Second Time, Intel QEP Added - Phoronix

        The staging changes were submitted on Monday for the ongoing Linux 5.14 for this area of the kernel where immature / yet-to-be-cleaned-up code lives to prove itself before being ready to graduate to the proper mainline kernel area.

        Greg Kroah-Hartman sent in all of the staging updates on Monday along with the IIO driver work.

    • Applications

      • Audacity's user data collection causing consternation

        The Audacity audio editor has been a staple of many a user's multimedia toolkits for over 20 years and has had over 100 million downloads. It is described as a free, open source, cross-platform audio software package with availability across Windows, MacOS, GNU/Linux and more. That sounds like a great utility to have access to, and indeed over the years, on various PCs and laptops I have owned, I have downloaded and used Audacity for audio cutting, compressing, and conversion tasks.

      • Fans made an Audacity clone to skirt around data-collection policies

        Users were understandably upset by the sudden change of heart and policy — some went as far as to call it “possible spyware” — so they went ahead and created a new version of Audacity without the possibility of data-collection. At this point, Audacity has essentially undone the problematic privacy policy, but the damage is already done, as far as some are concerned.

      • Audacity Announced User Data Collection, So Coders Made Their Own Version

        But for some users, Muse Group’s explanation for the changes was not enough, and they decided to take matters into their own hands instead. A number of users have simply forked the open source code on Audacity’s GitHub repository, essentially just cloning the code and removing any unwanted changes.

        One of the more popular forks was created by a cybersecurity analyst who goes by "Cookie Engineer" online. They told Motherboard that they were concerned by how the new privacy notice allowed data to be handled on servers outside the European Union, “where the Wild-West of cyber espionage is legitimized.” He stripped all networking related code and update checks from the forked repository, he said.

        Cookie Engineer said he was overwhelmed by all the positive feedback he is receiving and pointed to the scenario as an example of the strengths of open-source development.

      • Audacity 3.0 Data Collection Raises Concerns About New Owner

        Muse Group acquired the free audio editing software in May. The company also controls Ultimate Guitar, MuseScore, and Tonebridge. Since the purchase of the free and open-source Audacity, changes have been made to support documents and the privacy policy that indicate data collection practices – where previously none existed.

        “All your personal data is stored on our servers in the European Economic Area (EEA). However, we are occasionally required to share your personal data with our main office in Russia and our external counsel in the USA,” the policy reads after being altered on June 2. The policy also states that the data may be shared with third-party advisors or ‘potential buyers.’

        Data collected includes the user’s country based on IP address, error codes and messages, crash reports, and the CPU in use. But the data collection also extends to use for ‘legal enforcement’, which the privacy policy does not disclose.

      • MAAS 3.0 released

        We are happy to announce the release of MAAS 3.0.

    • Instructionals/Technical

      • How to Install iRedMail Server on Ubuntu 20.04

        iRedMail is a feature rich opensource mail server for Linux distribution. It can run on RedHat, Ubuntu, CentOS, Rocky Linux, Debian, FreeBSD and OpenBSD. There are other mail server solutions such as Mail-in-a-Box and modoboa.

        iRedMail features include spam filtering, TLS/SSL, webmail, calendar, unlimited accounts, web admin panel. It can be deployed easily and it is completely free.

        In this tutorial we learn how to install iRedMail on Ubuntu 20.04.

      • How to install Funkin' VS Tord on a Chromebook

        Today we are looking at how to install Funkin' VS Tord on a Chromebook. Please follow the video/audio guide as a tutorial where we explain the process step by step and use the commands below.

      • How to Enable PowerTools Repository on CentOS – Linux Hint

        PowerTools is a repository that acts as a container for libraries and developer tools. This repository is available on RHEL/ CentOS but not enabled by default. Some of the most popular EPEL, “Extra packages for Enterprise Linux,” rely on PowerTools packages. You should install PowerTools on your system if the EPEL repository is already enabled.

        The PowerTools repository comprises many packages that require dependencies for installing other applications or creating applications from source code. These applications include window managers, audio programs, network management tools and system administration, chat clients, statistics/math packages, development tools, productivity applications, file managers, emulators, graphic programs, games, etc.

      • How to Enable and Use EPEL on CentOS? – Linux Hint

        The EPEL repository is a separate package repository that is utilized to install packages for frequently used software. Fedora developers wanted to use the packages they maintain on RHEL/CentOS; that’s how they got the idea to develop the EPEL repository. The purpose of this repository was to make the software more accessible on Enterprise Linux compatible distributions.

      • How to Reset the Root Password of CentOS 8 – Linux Hint

        Hackers have become a lot more sophisticated in recent times, which forces users to come up with strong, unique, and complex passwords. The downside of setting such passwords is that they are not easy to remember, and you can easily forget them. You may also forget your password if you haven’t logged in in a long time.

        In this article, we will learn how to reset the root password on CentOS 8. A root account is a unique user account that grants certain privileges to the user.

      • How to Install and Use Docker on CentOS 8 – Linux Hint

        Docker is a top-rated open-source platform used to develop, deploy, run, and ship applications with the help of containers. Containers are like virtual machines, which help in separating the applications from the system. It becomes effortless to develop an application and package it with all its dependencies inside a container and deliver the application anywhere.

        Docker is famous for its revolutionized development, and in the last few years, its popularity has spiked a lot. Before docker and containers, the deployment and scaling was a heck of a headache.

        There are three methods available on the Official Documentation webpage of Docker for installing Docker on the CentOS 8 Operating system.

      • How to Boot into Emergency Mode on CentOS 8 – Linux Hint

        In the latest CentOS, i.e., CentOS 8 emergency mode and rescue mode has replaced the idea of run levels. Runlevels were different modes used for various tasks. In CentOS 8, Rescue mode is the equivalent of single-user mode, and emergency boot mode provides a minimal environment to repair your system.

        Today we will learn how to boot CentOS 8 into rescue and emergency mode.

      • Linux Source Command with Examples – Linux Hint

        The source seems to be an integrated shell instruction that reads and executes the contents of a document (commonly a bundle of instructions) that is provided as a parameter within the present shell script. Upon obtaining the contents of the given files, the instruction delivers them to the TCL interpreter only as a textual program, which would then be run. Whenever filename is called, any arguments given turn out to be positional arguments. The positioning variables, on the other hand, stay unaltered. The elements in $PATH have been used to locate the folder that contains FILENAME; nevertheless, unless the document isn’t found in $PATH, it would be searched in the root folder. The source command seems to have no options, and indeed the document seems to be the only parameter. Let’s get started working on the Linux Source Command in Ubuntu 20.04 Linux operating system. Login from your system and launch the Ubuntu terminal by utilizing the shortcut Ctrl+Alt+T.

      • Linux Pipe Command with Examples

        The ‘pipe’ command is used in both UNIX and Linux operating systems. Pipes help combine two or more commands and are used as input/output concepts in a command. In the Linux operating system, we use more than one pipe in command so that the output of one command before a pipe acts as input for the other command after the pipe. In this article, we have discussed many examples to understand the basic functionality of pipes.

      • How to Install GCC Compiler on CentOS 8 – Linux Hint

        GCC refers to a set of tools that includes an integrated collection of compilers and libraries for many major programming languages such as C, C++, Objective-C, Fortran, Ada, and Brig. GCC stands for “GNU Compiler Collection.” The compiler for each language has its own name. The compiler for C++ is called G++, the compiler for Ada is called GNAT, and so on.

        This post consists of a profound guide on how to install GCC Compiler on CentOS 8. We will also learn how to write, compile, and execute a simple C program in GCC compiler.

        But first, we will learn how to check the installed packages and groups on CentOS 8.

      • Will there be a CentOS 9? – Linux Hint

        So, these statements declare that there will be no CentOS 9. After this announcement, you should question that what will happen to the CentOS project? Well, CentOS 8 will only receive updates till 2021. Red Hat will transfer all of its resources from CentOS Linux to CentOS Stream.

      • How to Get Into a Docker Container Shell – Linux Hint

        A container is a file format that encapsulates all of an application’s code and dependencies in a standardized format to execute efficiently and reliably across multiple computing environments. Docker is a compact, independent executable container that contains all needed to run an application, comprising libraries, system tools, code, and runtime.

        A container is an image that can be run. To use the Docker API or CLI, you can build, start, terminate, move, or destroy a container. You can connect storage to a container, attach it to one or even more networks, or even develop a new image based on its existing state. A container is often well separated from those other containers and its host device by convention. You control how separated a container’s network and other fundamental subsystems are from other containers and the host device. A Docker Container is a pre-configured container used to install a specific application or environment on the go. It may be any other operating-system containers to meet the requirements. However, the most appealing feature of containers is their ability to gently “die” and revive when load balancing requires it. Containers are “affordable” to begin, and they’re intended to emerge and disappear quickly. Whether a container’s demise is triggered by a crash or just because it’s no longer required because server traffic is low, containers are “relatively inexpensive” to start. Users can separate applications from the underlying system using Docker containers, which are virtualized run-time environments. These containers are small, portable components that allow you to rapidly and simply establish an application. The uniformity of the computing environment executing inside the container is a valuable feature. Now we are going to talk over the process to get started into the docker container shell.

      • How to Write or Edit /etc/fstab – Linux Hint

        In Linux, there are multiple system configuration files that regulate system behavior. The fstab file is such a configuration file that stores all the information about various partitions and storage devices on the computer. At the time of boot, the fstab file describes how each partition and device will mount.

      • How can I see DPKG and apt history – Linux Hint

        This tutorial explains how to see dpkg and apt history in Debian-based Linux distributions.

        After reading this tutorial, you will know how to find information about installed, removed, and upgraded packages using commands apt, dpkg-query, and reading dpkg logs. There are instructions to create a list of installed packages, install all listed packages on a new computer, and additional apt and dpkg tips.

      • How To: Encrypt Files with Ansible Vault

        Ansible Vault is a technology that allows you to encrypt values of variables or even encrypt whole files to minimise security risks associated with storing such information in your Ansible playbooks, vars files or roles.

        You usually employ the ansible-vault command and supply a passphrase to encrypt and decrypt information.

        Ansible Vault is a fascinating and fully implemented concept, so you can have multiple storage areas (vault-ids) and provide separate passphrases for encrypting different types of information.

      • Remove User in Linux Using the Command Line

        In this article, you will learn how to remove a user in Linux system. The article covers the userdel command and its options.

        As you know, Linux is a multi-user system, which means that more than one user can interact with the same system at the same time. User management is an important part of Linux administration. One of the most basic tasks that you should know is how to manage the users on Linux systems.

      • Install Graylog on Ubuntu 20.04 LTS - A log management software

        This tutorial will help the users to install and use Graylog on Ubuntu 20.04 LTS server to collect and analyze systems log data centrally in one place.

        Graylog is an open-source tool that offers an integrated platform for collecting, indexing, and analyzing log data. The system essentially consists of the Graylog web interface, the Graylog servers, the Elasticsearch nodes, and a Mongo database.

        The nodes can be scaled as required. A system in which everything is combined in one node is sufficient for testing. The Graylog server is the central element of the architecture, which takes care of the management of the Elasticsearch indices and forms an abstraction layer. Therefore, it would be possible to swap Elasticsearch for another system that is particularly suitable for analyzing the log data.

        Graylog supports various input mechanisms. By default, four different formats or protocols are supported: Syslog, GELF, JSON / REST-URLs, and RAW. syslog is a standard for the transmission of log messages and is often used by system components.

    • Games

    • Desktop Environments/WMs

      • K Desktop Environment/KDE SC/Qt

        • Nitrux loves Packagecloud

          For the former, we decided to use the services provided by Ever since we created our repository, sometime four years ago, we used aptly. For the most part, aptly was ok, but it never was sufficient to cover all of our needs to manage an APT repository as the distribution grew.

          Eventually, using aptly started to become a burden. At times, not uploading the packages that we built. Other times, it wouldn’t update the package index. In some cases where aptly was supposed to manage (i.e., delete) packages, the files would not be deleted, and we had to do it manually.

          In our search for a better tool for the job, we found We started by making an account, creating a repository, and uploaded a test package, and it couldn’t have been easier (none of this has any cost, by the way).

          All of this using their user-friendly web interface, something that aptly, of course, didn’t have. But uploading packages manually through a UI was not all; provides out-of-the-box integration for various CIs.

          We use Travis CI to build our packages and our ISO files. The documentation was straightforward to follow for this purpose, and it was just a matter of updating the travis.yml files in our repositories. We were already building and uploading packages to our newly created repository.

    • Distributions

      • Arch Family

        • [From Arch] Sorting out old password hashes

          Starting with libxcrypt 4.4.21, weak password hashes (such as MD5 and SHA1) are no longer accepted for new passwords. Users that still have their passwords stored with a weak hash will be asked to update their password on their next login.

      • IBM/Red Hat/Fedora

        • Age discrimination case against IBM leaks emails, docs via bad redaction

          An IBM age discrimination lawsuit filed in Texas last year has become a bit less opaque after The Register found an inadequately redacted court document that discusses plans to present evidence obtained from company emails and documents.

          The case involves 16 former Big Blue employees who claim "IBM’s highest executives created and attempted to conceal a multi-faceted 'fire-and-hire' scheme with the ultimate goal of making IBM’s workforce younger."

          Since the publication of a 2018 report by ProPublica and Mother Jones alleging systematic efforts within IBM to get rid of older employees and findings to that effect by the United States' Equal Employment Opportunity Commission (EEOC), there have been multiple lawsuits against IBM claiming that the IT titan engaged in a pattern of discriminatory behavior.

          There's a case underway in New York involving several former IBM employees. Last April, another case in Texas involving plaintiff Jonathan Langley was unexpectedly dismissed – and presumably settled.

    • Devices/Embedded

      • AGX Xavier edge AI system has four PoE ports

        Axiomtek unveiled a Jetson AGX Xavier based “AIE900-902-FL” computer with dual lockable HDMI ports and 6x GbE, 4x of which offer PoE. There is also a more compact, Whiskey Lake based “eBOX565” box.

        Axiomtek has announced the AIE900-902-FL, its first computer based on Nvidia’s high-end Jetson AGX Xavier. There is also a much smaller, Whiskey Lake based eBOX565 system that is a minor variation of an earlier eBOX (see farther below).

        The AIE900-902-FL follows earlier Jetson-based products such as the smaller AIE100-903-FL-NX, which similarly runs Linux on the lower-end Jetson Xavier NX. The system is designed for edge AI applications including 3D vision guided robots, autonomous mobile robots (AMRs), intelligent video analytics, domain-focused robot assistant, and intelligent roadside units.

      • Open Hardware/Modding

        • Automate your home on the cheap with this Arduino setup | Arduino Blog

          All too often, those who are new to Arduino struggle with creating large projects due to a lack of experience and components. This can be frustrating, but Instructables user MAKE_IT WITH_ME decided to tackle this issue by designing a super cheap way to automate home circuitry from just a single Starter Kit. His build uses a single Arduino Uno, although it can easily be swapped with something like a Nano or Mega, along with a stepper motor/driver, servo motor, threaded rod, and an IR receiver + remote combo.

    • Free, Libre, and Open Source Software

      • Web Browsers

        • Small Footprint Web Browsers for Linux

          Almost every one of us uses popular web browsers such as Google Chrome, Microsoft Edge, Opera, Safari, or Mozilla Firefox. Every one of them is unique in their own ways and fulfill our browsing needs excellently. Mozilla Firefox is the default web browser in Linux, and it comes pre-installed with many Linux distros out-of-the-box.

          But most of these web browsers are very demanding in terms of storage space and hardware acceleration required to function smoothly. So, if you have an old machine or low-end hardware on your computer, you might struggle to use these browsers efficiently. In addition to all this, privacy is a significant concern in today’s tech-savvy world that relies on the internet. Hence you need reliable lightweight browsers that fulfill your browsing requirements without causing you a privacy concern.

          This article will introduce you to lightweight web browsers for Linux that leave small footprints behind and work smoothly on older computers.

        • Mozilla

      • CMS

        • WordPress 5.8 Release Candidate 2

          WordPress 5.8 is slated for release on July 20, 2021, and we need your help to get there—if you have not tried 5.8 yet, now is the time!

      • FSF

        • GNU Projects

          • Hot new summer items from GNU Press! — Free Software Foundation

            The Free Software Foundation's (FSF) summer fundraiser is underway, and that means there are new items in the GNU Press Shop!

            First and foremost, there's the latest GNU hue: the gnu head T-shirt in "thirty-fifth anniversary" coral. You will stand out from the crowd in this exuberantly colored shirt. We're taking orders for a limited time for these, until July 16th, and then printing the shirts -- you should have yours in your hands and on your shoulders a few weeks later.

            We are also very pleased to present the GNU Press Shop's most novel novelty item yet: the software freedom advice orb. This "apparently-smart" tool offers words of wisdom to free software developer and layperson alike. Whenever you can't decide whether to "read the docs" or "file a bug," the orb can help. It's usable on any number of occasions and requires no charging or maintenance. We have a limited number of orbs, so get yours before they're gone!

      • Programming/Development

        • Dirk Eddelbuettel: ttdo 0.0.7: Small tinytest update

          A new minor release of our ttdo package arrived on CRAN today. The ttdo package extends the most excellent (and very minimal / zero depends) unit testing package tinytest by Mark van der Loo with the very clever and well-done diffobj package by Brodie Gaslam to give us test results with visual diffs (as shown in the screenshot here) which seemingly is so compelling an idea that another package decided to copied it more recently...

        • Dirk Eddelbuettel: RcppRedis 0.1.11: Minor Update

          A new minor release of RcppRedis arrived on CRAN, the first update since the last release in January of last year.

          RcppRedis is one of several packages connecting R to the fabulous Redis in-memory datastructure store (and much more). RcppRedis does not pretend to be feature complete, but it may do some things faster than the other interfaces, and also offers an optional coupling with MessagePack binary (de)serialization via RcppMsgPack. The package has carried production loads for several years now.

        • Excellent Free Books to Learn PostScript - LinuxLinks

          PostScript is an interpreted, stack-based language similar to Forth but with strong dynamic typing, data structures inspired by those found in Lisp, scoped memory and, since language level 2, garbage collection.

          The language syntax uses reverse Polish notation, which makes the order of operations unambiguous, but reading a program requires some practice.

          PostScript is a Turing-complete programming language, belonging to the concatenative group. This means that any program you can write in any programming language, you can write in PostScript (albeit it will be slower).

          PostScript files are (generally) plain text files and as such they can easily be generated by hand or as the output of user written programs. As with most programming languages, postscript files (programs) are intended to be, at least partially, human-readable.

        • Python

          • List Reverse Methods – Linux Hint

            When we are doing some python programming, then sometimes we need to reverse a list in python. The reverse of a list in python means to change the order. The first element will become the last element and the second element will be the second-last one, and the last element will become the first element, and so on.

            The Python programming directly does not support the array data structure. For that, we use the in-built list data structure. But sometimes, we need to use the array in Python programming, and for that, we have to import the module Numpy.

        • Shell/Bash/Zsh/Ksh

          • Reverse or shuffle a string in a particular field

            The idea for this post comes from a 2017 Stack Overflow question. The OP wanted to reverse the string in column 3 of a space-separated table (here called "table") without disturbing the other columns...

  • Leftovers

    • The Dalai Lama turns 86: Reincarnation debate gathers pace

      His Holiness the Dalai Lama (HHDL) celebrates his 86th birthday on 06 July. His advanced age and the intransigence of China in negotiating with him have brought the issue of Tibet and his reincarnation into focus. HHDL escaped from the Chinese annexation of Tibet in March 1959 and came into India. [...]

    • 86th Birthday of His Holiness the Dalai Lama Celebrated in Belgium

      Talking briefly about the hard work of the outgoing board, he pointed out the major success was the most lawful and smooth conduct of the Tibetan elections. Despite being the hardest period of Covid, both the preliminary and the actual elections were carried with the proper permission of local authorities. The donations to Indian PM Cares for Covid were substantial 15000 Euros. Recently at the instance of President Penpa Tsering’s appeal for relief and alleviation and Covid wave for Tibetans in the Indian Subcontinent, by yesterday another 12000 Euros have been donated by Tibetans in Belgium for onward transmission to the Health Department in India.

    • Dalai Lama turns 86 amid low-key celebrations during pandemic

      “The Dalai Lama is one of the foremost guides of our time and is one of the few individuals who can reorient Sino-Tibetan history in a positive direction,” the kashag said in a statement.

      It said the Chinese government should, therefore, recognise that he is the key to resolving the Sino-Tibetan conflict. “It should use this opportunity offered by taking the mutually beneficial middle path to foster a harmonious environment where Tibetans and Chinese can co-exist amicably,” it said.

      We appeal to the Chinese government to invite the Dalai Lama to Tibet and China on pilgrimage without any preconditions, the kashag said.

    • Science

      • [Old] Ep2 Donald Knuth

        In this episode of ACM ByteCast, Rashmi Mohan is joined by 1974 ACM A.M. Turing Laureate Donald Knuth, author of the hugely popular textbook series, "The Art of Computer Programming." They discuss what led him to discover his love of computing as well as writing about computer programming, his outlook on how people learn technical skills, how his mentorship has helped him write “human oriented” programs, the problems he is still working to solve, and how his dissatisfaction with early digital typesetting led him to develop TeX, as well as his interest in playing and composing music for the pipe organ.

    • Hardware

      • Biden Sets Up Tech Showdown With ‘Right-to-Repair’ Rules for FTC

        While the agency will ultimately decide the size and scope of the order, the presidential right-to-repair directive is expected to mention mobile phone manufacturers and Department of Defense contractors as possible areas for regulation. Tech companies including Apple Inc. and Microsoft Corp. have imposed limits on who can repair broken consumer electronics like game consoles and mobile phones, which consumer advocates say increases repair costs.

      • Is NVMe faster than SSD? – Linux Hint

        There is much confusion about the terms NVMe and SSD. In some cases, they are mistaken as two different drives, and sometimes their speeds are even compared. NVMe and SSDs are two very other things, but they work in tandem for faster storage access and data processing. NVMe is a protocol, an architecture that efficiently drives SSDs to work with the PCIe interface for optimum performance, while SSD is the storage drive itself. It is therefore incorrect to compare the speeds of NVMe and SSD. NVMe is the technology behind NVMe SSD’s extremely fast speeds and lower latency.

        The better and more specific question would be “Is NVMe faster than SATA SSD?” to which the answer would be a flat YES. NVMe SSDs are about 3-4 times faster than SATA SSDs with read-write speeds of up to 2000MB/s compared to the only 600MB/s of SATA SSDs. Unlike SATA and SCSI, NVMe doesn’t need a controller to communicate with the CPU, making communication with the CPU even faster. NVMe uses four PCIe lanes, supports massive 64K queues, and can send 64K commands per queue. The NVMe protocol, however, requires only 13 commands for high performance.

        NVMe SSDs also achieve lower latency than SATA SSDs. An NVMe SSD’s data reading latency is 300 microseconds, while SATA SSD is 500 microseconds based on an actual test. Likewise, data writing for SATA SSD is 2 ms, while NVMe SSDs is only 1ms.[1] The differences seem negligible, but the differences are substantially evident when working on large volumes of data.

        SATA SSDs, however, still have a price advantage over NVMe SSDs. NVMe-based SSDs have a higher price tag than SATA SSDs, the reason why SSDs using older technologies are still widely used today. SATA SSD’s lower price is more practical for regular consumers who can settle for the modest speed that this type of SSDs offer.

    • Health/Nutrition

    • Integrity/Availability

      • Proprietary

        • Ransomware Using Kaseya’s Software Vulnerability Impacted 800-1500 Businesses Internationally

          On July 22nd, Kaseya, a US-based IT company was hit with a massive ransomware attack. Kaseya provides IT tools to companies to monitor & manage their infrastructure. A tool named VSA was reported to have a severe vulnerability by the Dutch Institute for Vulnerability Disclosure (DIVD).

          Kaseya has almost 37k customers out of which only 50 customers were impacted by the ransomware attack. Most of Kaseya’s customers are MSPs (Managed Service Providers) who provide services to other small or medium businesses.

          The 50 customers who were impacted by the attack have around 800k to 1million customers around the World. According to Kaseya’s CEO Fred Voccola, 800-1500 customers of their MSPs were directly hit by the attack. The attack affects businesses from all over the world, but most affected are from Sweden, Germany, Netherlands, and New Zealand. Several IT companies were impacted in Germany, Supermarkets in Sweden, and Schools and Kindergartens in New Zealand.

          A Russian group of hackers called REvil took responsibility for the attack. A representative of REvil talked to Reuters and victims of the attack in an online chatroom to negotiate. They demanded $70 million for decrypting all the customers’ data with a global key.

        • Pentagon Cancels a Disputed $10 Billion Technology Contract

          The Defense Department said in a news release on Tuesday that the contract for the Joint Enterprise Defense Infrastructure, known as JEDI, “no longer meets its needs,” but it said it would solicit bids from Amazon and Microsoft on future cloud-computing contracts.

          The Pentagon statement made for a quiet end to years of legal wrangling and dueling technology claims over what many considered to be the marquee contract for providing cloud-computing services to the federal government.

          A senior administration official said that soon after the Biden administration took office, it began a review that quickly concluded that the costly arguments over JEDI had been so lengthy that the system would be outdated as soon as it was deployed.

        • Pentagon cancels $10bn 'Jedi' contract

          The Department of Defense (DoD) said in a statement on Tuesday: "With the shifting technology environment, it has become clear that the Jedi Cloud contract, which has long been delayed, no longer meets the requirements to fill the DoD's capability gaps."

          It added that it would seek new proposals "from a limited number of sources", including both Amazon and Microsoft.

        • Pentagon Moves to Split Cloud Deal Between Microsoft, Amazon

          The Pentagon scrapped a $10 billion cloud-computing contract awarded in 2019 to Microsoft Corp. after several years of wrangling between the government and some of the biggest U.S. tech companies over the deal, indicating it plans to divide the work between Microsoft and rival Inc. instead.

        • Pentagon cancels Microsoft JEDI contract, will ask for new cloud computing bids

          The release also announced a multi-vendor contract called the Joint Warfighter Cloud Capability contract to provide many of the services offered by JEDI. CNBC says the Defense Department considers Amazon and Microsoft the only companies capable of providing the necessary infrastructure, although it says it will perform market research to see if other competitors could fit the bill.

        • Pentagon cancels $10 billion JEDI cloud contract that Amazon and Microsoft were fighting over

          The fight over a cloud computing project does not appear to be completely over yet. The Pentagon said in the press release that it still needs enterprise-scale cloud capability and announced a new multivendor contract known as the Joint Warfighter Cloud Capability.

          The agency said it plans to solicit proposals from both Amazon and Microsoft for the contract, adding that they are the only cloud service providers that can meet its needs. But, it added, it will continue to do market research to see if others could also meet its specifications.

        • Full Impact Of Ransomware Attack Hard To Estimate, CEO Of Software Company Targeted Says [iophk: Windows TCO]
        • U.S. Senator Recommends Mandatory Breach Reporting for Companies [iophk: Windows TCO]

          King said he strongly advocates that such new rules should be a joint effort with the Geneva Convention for Cyber War. It’s the type of international cooperation that others have recommended between countries.

        • [iophk: Windows TCO]

          The hackers targeted US firm Kaseya, which provides remote software services to about 37,000 clients. Kaseya CEO Fred Voccola said the company believed that fewer than 40 of its customers had been affected. However, at least 20 of those were managed-service providers (MSPs). Companies hire MSPs to remotely manage their IT infrastructure. Attacks against MSPs are tricky because affected MSPs end up inadvertently passing the ransomware onto their clients, who can pass it onto their clients, in what is known as a "supply chain attack."

          "It's particularly insidious for all the customers because it spreads through a supposedly trusted channel," Miriam Föller-Nord, dean of the Department of Computer Sciences at Mannheim University of Applied Sciences, told DW.

        • Regarding the Kaseya Attack, Some Answers

          Firstly, how did Revel learn about the VSA exploit? This zero day vulnerability was in the process of being patched. The coordinated vulnerability disclosure process was being shepherded by Wietse Boonstra, the research at the Dutch Institute for Vulnerability Disclosure who discovered it. So how did it come to be used by a ransomware gang?

          There are a lot of interesting possibilities, but given how little we know it’s all pure speculation. Here are some of mine: it could be anything from a duplicate discovery, or a compromised researcher, or using already existing access to Kaseya to read the vulnerability reports.

        • Russian ransomware attack under way, Centre for Cybersecurity warns

          The current attack targets an ICT management tool known as Kaseya VSA, the CCB said. The software has certain vulnerabilities which allow it to be taken over, crippling not one machine but a whole network.

        • Microsoft Edge Translator contained uXSS flaw exploitable ‘on any web page’

          A universal cross-site scripting (uXSS) vulnerability in Microsoft Edge’s translation function left users open to attack, regardless of which website they visited, security researchers have claimed.

        • [Old] [Cr]ackers Tricked Microsoft Into Certifying Malware That Could Spy on Users

          On June 17, a security researcher found that Microsoft had signed a rootkit, a dangerous type of malware that has the ability to be persistent and capture practically all data on an infected computer. Whoever is behind this attack was able to make their malware look like a legitimate driver approved by Microsoft, giving them the ability to bypass most computers' protections.

        • Fallout continues from biggest global ransomware attack

          Thousands of organizations – largely firms that remotely manage the IT infrastructure of others – were infected in at least 17 countries in Friday’s assault. Kaseya, whose product was exploited, said Monday that they include several just returning to work.

          Because the attack by the notorious REvil gang came just as a long Fourth of July weekend began, more victims were expected to learn their fate when they return to the office Tuesday.

        • Kaspersky Password Manager's random password generator was about as random as your wall clock

          Last year, Kaspersky Password Manager (KPM) users got an alert telling them to update their weaker passwords. Now we've found out why that happened.

          In March 2019, security biz Kaspersky Lab shipped an update to KPM, promising that the application could identify weak passwords and generate strong replacements. Three months later, a team from security consultancy Donjon found that KPM didn't manage either task particularly well – the software used a pseudo-random number generator (PRNG) that was insufficiently random to create strong passwords.

          From that time until the last few months of 2020, KPM was suggesting passwords that could be easily cracked, without flagging the weak passwords for users.

        • Ransomware-hit law firm gets court order asking crooks not to publish the data they stole

          A barristers' chambers hit by a ransomware attack has responded by getting a court order demanding the criminals do not share stolen data.

          4 New Square chambers, which counts IT dispute experts among its ranks, obtained a privacy injunction from the High Court at the end of June against "person or persons unknown" who were "blackmailing" the firm.

          Those persons were said to be "responsible for engaging in a cyber-attack on [the barristers] on or about 12 June 2021 and/or who is threatening to release the information thereby obtained."

        • Pseudo-Open Source

          • Privatisation/Privateering

            • Linux Foundation

              • Costa Rican group ICE joins Linux Foundation 5G Super Blue Print initiative [Ed: What the heck is the connection to Linux? Just about nothing. Sometimes the OS, but this isn't about the OS.]

                Costa Rica's state telecom and energy operator ICE is the first Latin American operator to join the Linux Foundation's (LF) 5G Super Blue Print initiative, the LF press office confirmed to BNamericas.

                LF Networking, the LF group that works on open source networking projects, announced last week that seven new member organizations have joined the community to collaborate on the 5G Super Blue Print initiative, including the Costa Rican operator and ANTTEC, ICE's main union of technicians and engineers.

                The 5G Blue Print initiative is a big focus for Linux Foundation this year and the organization expects more companies to join the community.

        • Security

          • Privacy/Surveillance

            • Multiple European Attempts to Strengthen Online Privacy Are Likely to Have Global Impact

              For example, back in 2017, Privacy News Online wrote about a statement by Belgium, France and the Netherlands that Facebook broke their privacy laws. After years in the lower courts, the Belgian case reached the Court of Justice of the European Union (CJEU), the EU’s highest court. Interestingly, the case was not about Facebook’s actions themselves, but about whether or not Belgium’s Data Protection Authority has the power to investigate those actions. That might seem to be a strange question, but it relates to the way that the EU’s General Data Protection Regulation (GDPR) works. This specifies a “one-stop shop” rule, whereby generally only the data protection authorities in the jurisdiction where a company has its European headquarters can bring an action. The idea here is to prevent the situation where the many data protection authorities across the EU bring the same case. Instead, there is a “lead supervisory authority” that handles the case in conjunction with other data protection authorities.

            • [Old] The Hundreds of Little-Known Firms Getting Data on Americans

              The news highlights potential privacy issues in the ecosystem of real-time bidding (RTB), where participants in the online ad business can obtain so-called bidstream data on individuals such as their GPS location, device identifiers, and browsing history. The letters show how vast that ecosystem is, and potentially the national security risk of companies across the world accessing such data.

            • Facebook, Google, Twitter say could quit Hong Kong over proposed data laws: Report

              U.S. tech giants Facebook Inc, Alphabet Inc's Google and Twitter Inc have privately warned the Hong Kong government that they could stop offering their services in the city if authorities proceed with planned changes to data-protection laws, the Wall Street Journal reported on Monday, citing a letter.

              The laws could make the tech companies liable for the malicious sharing of individuals' information online, the newspaper added.

    • Defence/Aggression

      • Facebook Is Banning Anyone Charged With Participating In Capitol Hill Insurrection

        Mark Gray spotted an interesting tidbit buried in a Washington Post story about online activism among Trumpist supporters. Most of the story is the usual stuff about how propagandists are finding each other and organizing movements online. There is some of the usual hand-wringing that is standard in these stories about how social media is "enabling" this kind of activity, though it also notes that users very quickly migrated to other welcoming sites (and, also, how they've figured out ways to sneak back onto the bigger platforms):

      • Nigerian kidnappings reach crisis point

        The banditry violence, unconnected to the Boko Haram insurgency in the northeast, began as a farmer-herder conflict in 2011 and intensified between 2017–2018 to include cattle rustling, kidnapping for ransom, sexual violence and killings.

        One resident told DW that bandits were taxing farmers in exchange for safety — a sign that the government has lost control.

        About 21 million people living in Nigeria's Zamfara, Kaduna, Niger, Sokoto, Kebbi, and Katsina states are hugely affected.

      • Taliban parade new weapons seized from Afghan military as U.S. withdraws

        Meanwhile, district after district has fallen to the Taliban. The militants have seized 120 districts since May 1, according to an ongoing assessment by the Long War Journal. The map is a moving patchwork, but at last count the Taliban controlled 193 districts and contested 130, while 75 were under the control of the government or are undetermined, according to the publication that reports on the global war on terror and is a project of The Foundation for Defense of Democracies, a hawkish Washington think tank.

        At the same time, many military outposts have been surrendered without a fight, allowing the Taliban to seize weapons, according to multiple Afghan military and government sources.

      • [Old] Global warming below 1.7€°C is ‘not plausible’, reveals our study of the social drivers of decarbonisation

        Plausible, on the other hand, means that something has more than an outside chance of occurring – it has an appreciable probability. In the context of climate futures, this means that a scenario is not merely feasible, but also that there is enough societal momentum and political will to make that future materialise.

        There is no hard, quantitative limit for “appreciable” probability or “enough” political will. But our assessment didn’t need to split hairs in this way. The evidence was overwhelming.

      • A Glimpse into the Future of Muslim-Majority Britain

        Batley and Spen must begin to force this conversation, a conversation I have been trying to have heard for well over a decade. Britain is no longer voting by party, but by deeply-held religious beliefs, and with The Squad gaining ground, it is not hard to see this repeating itself in America.

        An insignificant by-election in a tiny town in the UK has become a glimpse into the future of political power in Britain -- and America. It sits with the Muslim majority and it is truly dark for the LGBT and Jewish communities.

    • Transparency/Investigative Reporting

      • Peter R de Vries: Dutch crime journalist wounded in Amsterdam shooting

        Amsterdam mayor Femke Halsema described Mr de Vries as a national hero, "brave, looking for justice, free spirit, helping people in distress, parents of murdered children".

        He was immersed in the job and his involvement in numerous high-profile cases resulted repeated calls from the underworld for his "liquidation".

        The Dutch Bar Association has released a statement describing the "brutal attack" as having an enormous impact on the legal profession.

    • Environment

      • 6 Things to Know About Climate Change and Heat Waves
      • The North American heatwave shows we need to know how climate change will change our weather

        While this heatwave has been extraordinary in many ways, its birth and evolution followed a well-known sequence of events that generate heatwaves.

        Heatwaves occur when there is high air pressure at ground level. The high pressure is a result of air sinking through the atmosphere. As the air descends, the pressure increases, compressing the air and heating it up, just like in a bike pump.

        Sinking air has a big warming effect: the temperature increases by 1 degree for every 100 metres the air is pushed downwards.

      • Why North America's killer heat scares me

        Climatologists are nervous of being accused of alarmism - but many have been frankly alarmed for some time now.

        "The extreme nature of the record, along with others, is a cause for real concern," says veteran scientist Professor Sir Brian Hoskins. "What the climate models project for the future is what we would get if we are lucky. The model's behaviour may be too conservative."

        In other words, in some places it's likely to be even worse than predicted.

      • Arctic’s coldest sea ice is vulnerable to melting

        Every year an ice floe as big as Austria simply vanishes. That’s climate change, as the Arctic’s coldest sea ice risks melting.

      • Glimmer of Hope in Honduras: Ex-Dam CEO & West Point Grad Convicted in Murder of Berta Cáceres

        A former U.S.-trained Honduran military officer and businessman has been found guilty of plotting the assassination of Berta Cáceres, the award-winning Lenca land and water defender killed in 2016. The Honduran Supreme Court ruled unanimously that David Castillo, the former president of the hydroelectric corporation DESA, was a co-perpetrator in Cáceres’s murder. Cáceres was assassinated as she led the fight against the construction of DESA’s massive hydroelectric dam on a river in southwestern Honduras that is sacred to the Lenca people. Seven hired hitmen were convicted of her murder in 2018 and sentenced in 2019. Castillo’s conviction this week comes just days after Honduras marked the 12th anniversary of the 2009 U.S.-backed coup. “This is the first time in 12 years that we have seen any kind of justice in Honduras,” says Honduran scholar Suyapa Portillo Villeda, an associate professor at Pitzer College and the author of “Roots of Resistance: A Story of Gender, Race, and Labor on the North Coast of Honduras.”

      • Energy

        • Exxon Lobbyists Tricked Into Naming Senators They Use to Block Climate Action
        • Pipeline Company Files $15 Billion Claim Against US for Canceling Keystone XL
        • Exxon Exposed: Greenpeace Tricks Top Lobbyists into Naming Senators They Use to Block Climate Action

          Democratic Congressmember Ro Khanna, the chair of the House Oversight Subcommittee on the Environment, has announced plans to ask the CEOs of Exxon and other fossil fuel companies to testify before the committee about their role in blocking congressional action to address the climate emergency. Khanna made the request after Greenpeace UK released a video of two lobbyists discussing Exxon’s secretive efforts to fight climate initiatives in Washington, revealing how the oil giant supported a carbon tax to appear proactive about climate change while privately acknowledging that such a tax has no chance of being passed. We feature the complete video and speak to one of the activists involved with it. “The reality is that almost nothing has changed in the Exxon playbook,” says Charlie Kronick, senior climate adviser at Greenpeace UK. “This has been going on for decades.”

        • America used fewer fossil fuels in 2020 than it has in three decades

          Americans gobbled up fewer fossil fuels in 2020 than they have in three decades, according to the US Energy Information Administration (EIA). Consumption of petroleum, natural gas, and coal dropped by 9 percent last year compared to 2019, the biggest annual decrease since the EIA started keeping track in 1949.

          The COVID-19 pandemic was responsible for much of the fall as people stayed home to curb the spread of the virus and used less gas. In April 2020, oil prices nosedived below zero because there was so little demand. The US transportation sector alone used up 15 percent less energy in 2020 compared to the year before. Higher temperatures last winter also helped to cut energy demand for heating, according to the EIA. As a result, greenhouse gas emissions from burning fossil fuels plummeted to a near 40-year low.

        • New night train to start between Berlin and Stockholm

          During the summer months, a new night train will start running between Berlin and Stockholm, stopping at Hamburg and Copenhagen along the way. The first train left Berlin at 6:54 PM on Monday and arrived in Stockholm at 2:20 PM the next day. The train then left the Swedish capital at around 4:20 PM, travelling back to Berlin.

          The train will run every day until September 4. After that, four or five trips will run every week until the end of November.

        • Night train service launched between three EU countries

          First trans-European night train Transdev and its Swedish subsidiary SnälltÃ¥get have inaugurated the first trans-European night train linking Sweden, Denmark and Germany. The inaugural trip took place on June 27 from Stockholm Central Station and arrived at Berlin Central Station (Hauptbahnhof) on June 28 making the trip 16 hours and 30 minutes long.

          q The train will run on the Stockholm – Copenhagen – Berlin line, replacing the old Malmö – Berlin line and is clearly in line with SnälltÃ¥get/Transdev’s ambition to revive night trains in Europe.

          The night train service will be delivered without public subsidies, using Transdev- SnälltÃ¥get own funds and will be supported only by the revenue from tickets sold to passengers.

        • [Old] New night train from Berlin to Denmark and Sweden starts Monday

          Transdev and SnälltÃ¥get say it's the first night train connection since the 1990s to run regularly between Sweden, Denmark and Germany. The service is part of a broader renaissance in European night trains brought on by the pandemic and growing concern over climate change.

        • [Old] Night trains make a comeback across Europe

          Demand has actually increased substantially, says Bernhard Rieder, spokesman for Austrian Railways (ÖBB), which runs the Nightjet and offers the most night train connections EU-wide, such as those from Munich to Rome and Hamburg to Zurich. "Since 2017-2018 there's really been a boom in night trains." Other railway companies that had already given up on the segment suddenly became interested in cooperating on night trains with the ÖBB, he says, leading to new night train connections including from Vienna to Berlin, and very recently, to Amsterdam.

        • [Old] Belgian company joins plan to launch night train to Berlin, Amsterdam, Prague

          Belgian night train operator Moonlight Express will expand its planned services between Brussels and Berlin to include stops in Amsterdam and Prague when it kicks off in 2022.

        • To Stop Climate Change Americans Must Cut Energy Use by 90 Percent, Live in 640 Square Feet, and Fly Only Once Every 3 Years, Says Study

          Vogel and his colleagues set themselves the goal of figuring out how to "provide sufficient need satisfaction at much lower, ecologically sustainable levels of energy use." Referencing earlier sustainability studies they argue that human needs are sufficiently satisfied when each person has access to the energy equivalent of 7,500 kilowatt-hours (kWh) of electricity per capita. That is about how much energy the average Bolivian uses. Currently, Americans use about 80,000 kWh annually per capita. With respect to transportation and physical mobility, the average person would be limited to using the energy equivalent of 16–40 gallons of gasoline per year. People are assumed to take one short- to medium-haul airplane trip every three years or so.

        • Climate activists appeal decision on shale oil plant's building permit

          At the start of June, the administrative court did not proceed with the nonprofit's complaint which sought the annulment of the building permit granted to state-owned energy group Eesti Energia for the construction of a shale oil plant in East-Viru County. The circuit court must now decide whether or not to start handling the complaint within a reasonable time.

          The decision to appeal against the first-tier court's judgement seemed like the only possible course of action, climate activist Kertu Birgit Anton said.

      • Wildlife/Nature

        • October 2022: Brazil, Amazon, World

          Between Orellana and Bezos, attempts to plunder the Amazon have included the follies of El Dorado, ships carried over mountains (dismantled, by the Peruvian rubber baron Carlos Fermín Fitzcarrald and whole by obsessed filmmaker Werner Herzog), a lavish Belle Époque opera house complete with 198 chandeliers in Manaus, and the 5,509 square miles of Fordlândia, Henry Ford’s rubber colony, his “work of civilization”, an epic failure on the Tapajós River. These grandiose projects have taken, and are taking a terrible toll in human life, as detailed in the 7,000-plus pages of the 1967 Figueiredo Report. Lost “in a fire” the year it appeared and “rediscovered” with little ado in 2012, this document details the reality of crimes hiding behind ancient and modern rapacious fantasies and involving the connivance of the Indian “Protection” Service: rich landowners who attacked the Craos tribe and killed a hundred people; the aerial attack using dynamite that slaughtered the Cintas Largas Indians; the Maxacalis, given firewater by landowners whose gunmen shot them down when they were drunk; the Nhambiquera Indians, massacred by machine guns; two Patachós tribes exterminated with smallpox injections; the Beiços-de-Pau tribe, murdered with arsenic-laced food; and the Paraná Indians who were tortured by grinding the bones of their feet. After an official inquiry, 134 officials were charged with over 1,000 crimes but no one was jailed. In brief, every extractive project has entailed slave labor, land swindles, massacres, hired gunmen, and enormous environmental ruination.

          And now there is President Jair Messias Bolsonaro who claims that indigenous tribes want to “steal” the Amazon, that environmental organizations are deliberately setting fire to the jungle to make him look bad, and who wants to “open up” the jungle for mining, cattle-raising, and hydroelectric projects, all in the interests of his two key support groups, evangelical Christians and agribusiness. He believes it’s “a shame that the Brazilian cavalry hasn’t been as efficient as the Americans who exterminated the Indians”. If Bolsonaro is to be ousted in 2022, candidates who want to break with the past that weighs so heavily on the present will have to avoid what Marx warned of, and what Bolsonaro is still using to his own destructive advantage, namely conjuring up “spirits of the past… borrowing from them names, battle slogans, and costumes in order to present this new scene in world history in time-honored disguise…”

    • Finance

      • Graphing China's Cryptocurrency Crackdown

        Here is the hashrate graph. It is currently 86.3TH/s, down from a peak of 180.7TH/s, so down 52.2% from the peak and trending strongly down. We may not have seen the end of the drop. This is good news for Bitcoin.

    • AstroTurf/Lobbying/Politics

      • Human Rights Investigators Probe Deadly Colombian Government Crackdown on Protests

        An international human rights commission has arrived in Colombia to investigate the right-wing government’s brutal crackdown on protesters after a general strike was called in April. More than 80 people have died since the protests began, with many killed by police and paramilitary forces. We go to Bogotá to speak with Mario Murillo, an award-winning journalist and professor who has closely reported on Colombia for decades and says the current round of violence is “a continuation” of a right-wing backlash to the 2016 peace accords between the government and FARC guerrillas, which ended more than 50 years of conflict. Murillo says right-wing forces have worked since the signing of that agreement “to completely derail that peace process” and crush social movements.

      • For China’s Business Elites, Staying Out of Politics Is No Longer an Option

        The clampdown on Didi may have an even deeper impact. It is a strong signal from Beijing to discourage listings of Chinese tech companies in the United States, businesspeople and entrepreneurs said, especially as the two countries battle for tech supremacy.

        By going after Didi and a few other U.S.-listed internet companies for data security concerns, Beijing has effectively laid the last brick of the digital Berlin Wall that increasingly separates the Chinese internet from the rest of the world. Beijing has made it clear that it is serious about keeping important data within its borders while pressuring its tech elites, who are among the biggest beneficiaries of globalization, to show their loyalty and obedience, they said.

      • A decade since ‘the year of the hacktivist’, online protests look set to return

        My research into hacktivism and cybercrime helps place hacktivism in its historical context – from which we can understand how, where and why hackers may soon resort once again to digital protest across the world.

        Hacktivism may have reached its peak a decade ago, but it’s been a feature of online activism since the early popularisation of the internet. Major hacktivist groups, such as the Electronic Disturbance Theater, the Electrohippies and Hacktivismo, were already active in the late 1990s. At the time, they supported the Zapatista movement in Mexico, protested global wealth inequality and flagged security issues in popular software.

      • Putin orders foreign tech firms to set up offices inside Russia

        The companies must register a personal account on the website of Russia’s state communications regulator Roskomnadzor, Reuters reported today. “A foreign entity, carrying out activities on the internet in Russia, is obliged to create a branch, open an office or establish a Russian legal entity,” the new law says.

      • Putin signs law forcing foreign social media giants to open Russian offices

        In particular, they have objected in the past to political opponents of the Kremlin using foreign social media platforms to organise what they say are illegal protests and to publicise politically-tinged investigations into alleged corruption.

        Moscow has fined firms for failing to delete content it says is illegal, slowing down the speed of Twitter as punishment, and on Wednesday opened a new case against Alphabet (GOOGL.O) subsidiary Google for breaching personal data legislation.

      • China's new front in the trade war with Australia — Africa

        They call it "debt-trap diplomacy".

        Easy credit extended on favourable terms when either no other country will, or global agencies such as the International Monetary Fund insist upon harsh reform measures such as stamping out graft and corruption.

        There comes a time, however, when the debts are called in. And it isn't always in the conventional sense of repaying the cash. Sometimes, other means of repayment are required.

        China isn't the first nation to employ this as an imperial strategy. But when it comes to Africa, it has turned the tactic into an art form.

      • Conservative social networks keep making the same mistake

        The withering of Parler has not dissuaded other conservatives from attempting to build something similar. On Thursday, Politico reported that former members of Trump’s team were behind Gettr, an app whose stated mission is “fighting cancel culture, promoting common sense, defending free speech, challenging social media monopolies, and creating a true marketplace of ideas.”

        This is more or less what Parler set out to do. (Like Parler, Gettr is also essentially a Twitter clone.) But Gettr, by virtue of not having been used to help coordinate a violent insurrection against the government, started with a clean slate.

      • Quitting EU adviser: Gilles de Kerchove invents „left-wing terrorist“ threat

        A handful of property damages in Italy could lead to left-wing activism being pursued more closely by police and secret services across the European Union. The initiative bears the hallmarks of the German Office for the Protection of the Constitution. Meanwhile, a package of measures against „violent right-wing extremism and terrorism“ has petered out.

    • Misinformation/Disinformation

      • Twitter tests new misinformation labels. Will they backfire?

        “Disputed,” “Misleading,” or “Stay informed?” As Twitter revamps its misinformation labels for better visibility and utility, concerns arise: Will these labels really help people discern facts? And do they allow Twitter to avoid more important content moderation work?

    • Censorship/Free Speech

      • A French Teenager’s Anti-Islam Rant Unleashed Death Threats. Now 13 Are on Trial.

        “I hate religion,” she declared. “The Quran is a religion of hatred.” She also used profanity to describe Islam and the crudest of imagery in referring to God.

        The ensuing onslaught of threats after the video went viral has landed 13 people in court on charges of online harassment.

        The case has put a spotlight on the roiling French debate over freedom of expression and blasphemy, especially when it touches on Islam. It is also a landmark test for recent legislation that broadens France’s definition of cyberharassment in regards to attacks on the internet, where vitriol is plentiful, modulated debate less so.

      • Twitter bans senior German politician for writing about increasing migrant violence

        Papke does not want to put up with this, he is taking action against the ban. Of course, hatred and denigration must be fought everywhere – also on the internet, says Papke.

        “But it can’t be that unpleasant truths are suppressed just because some don’t want to hear them.”

        His lawyer had set Twitter a deadline to unblock the account.

    • Freedom of Information/Freedom of the Press

      • Free Press Advocates Call on Biden to Dismiss Trump's Appeal Against Assange
      • What is Biden waiting for on the Julian Assange case?

        Icelandic hacker Sigurdur Ingi Thordarson, also known as “Siggi the hacker”, recently told Icelandic outlet Studin that Assange did not instruct him to hack into any government agencies nor private companies in Iceland.

        The admission is important: the US government case against Assange — which could result in a 175-year prison term for the Wikileaks founder — relies on Thordarson’s claim that Assange recruited him to hack Icelandic both public and private entities and provide Wikileaks with the classified material.

        With this allegation debunked, the Biden administration is left with even less of a reason to continue the Trump-initiated case against Assange and a free press.

      • Marianne Williamson calls on Biden to drop efforts to extradite Assange

        “What Assange revealed here was torture and rape and murder. What he revealed was up to 15,000 more civilian deaths than we had even known… this is about the U.S. war machine, about the fact that it is a very very big business. It is very well funded. We are not supposed to question the funding and we are not supposed to question what they do,” she said.

        Williamson spoke to Hill.TV shortly after Sigurdur Thordarson, a key witness against Assange, admitted to falsifying claims against Assange to gain American immunity. Williamson argued that this new information would “destroy” the U.S. case against Assange.

    • Civil Rights/Policing

      • The UN adopts Black Lives Matter, is mum on persecuted Christians

        "United Nations, your silence is getting worse. .. Please, please, please stand on the side of the helpless ... One of my colleagues, the Reverend, was slaughtered with his wife and children, and I was right there ... Now we are ready to make our last prayers, as an Islamic agenda is taking over the nation .... Women are dying every day, men are dying. What do you want us to do? ".

        But Ms. Bachelet, like other UN grand commis, was committed to caring about "systemic racism" in a democracy that twice elected an African American as president and even against Italy, where she wanted to send inspectors.

        For persecuted Christians, the UN’s farce has the flavor of tragedy.

      • Tibetan monks charged in secret Chinese trials with unknown offences, sparking renewed concerns

        China still maintains that Tibet is an "integral" and "inseparable" part of its territory, but many Tibetans' allegiances lie with their spiritual leader, the Dalai Lama.

        Thousands of Chinese troops invaded Tibet in 1950 and incorporated the region into China's territory the following year, which Beijing refers to as "peaceful liberation".

        After the failed Tibetan uprising in opposition to Chinese rule in 1959, the 14th Dalai Lama fled to India where he still lives in exile today.

        Many of the region's monasteries were destroyed during China's Cultural Revolution in the 1960s and 70s, and many Tibetans were also believed to have been killed.

      • Brussels bikini warning reopens debate on appropriate clothing in public

        “My main annoyance was that, in a multi-cultural society like the one we live in here, where there are so many cultures with so many different standards, the way the so-called rules worked was again stacked against women,” she said.

      • Iceland's four-day working week trials an 'overwhelming success', report finds

        Research into the trials, published this month by researchers from the UK think tank Autonomy and Iceland's Association for Sustainable Democracy (Alda), noted that following the trials' success, trade unions "achieved permanent reductions in working hours for tens of thousands of their members across the country".

        In total, roughly 86 per cent of Iceland’s entire working population has "now either moved to working shorter hours or have gained the right to shorten their working hours", the report found, adding that such reductions were won in contracts negotiated between 2019 and 2021.

      • Four-day week 'an overwhelming success' in Iceland

        The trials, in which workers were paid the same amount for shorter hours, took place between 2015 and 2019.

        Productivity remained the same or improved in the majority of workplaces, researchers said.s

      • Why Is It So Hard To Sue a Bad Cop?

        Vindicating your rights in court is a cornerstone of the rule of law. As the famous British jurist William Blackstone observed, "in vain would rights be declared, in vain directed to be observed, if there were no method of recovering and asserting those rights, when wrongfully withheld or invaded."

        Blackstone's dire scenario resembles what is happening in the United States today in cases like Byrd v. Lamb. File suit for damages against a lawless federal officer, and the federal courts likely will toss the suit in the name of following precedent. As Willett noted in his judicial protest, "redress for a federal officer's unconstitutional acts is either extremely limited or wholly nonexistent, allowing federal officials to operate in something resembling a Constitution-free zone."

        How did this sorry state of affairs come to pass?

    • Internet Policy/Net Neutrality

      • Reviving Bill C-10: CRTC Re-Opens Data Gathering Plans To Require Disclosures from Internet Streaming Services

        The consultation also asks for views on what an appropriate threshold would be for these requirements, which will provide the first hint of what the culture lobby has in mind with respect to thresholds exempting some services from Bill C-10 style regulatory requirements. That information will be useful, but the bigger issue is that in the absence of Bill C-10, the CRTC has opened the door to another legal showdown over the scope of its regulatory power. That may provide an advance preview of Canada’s effort to apply its rules to services operating around the world with the possibility that in the absence of Bill C-10, the entire exemption for digital media services will be revisited. Bill C-10 may soon be dead, but Ian Scott and the CRTC are seemingly itching to apply their regulatory muscle with or without legislative reform.

    • Monopolies

      • Patents

        • USPTO on Pace to Again Issue 200+ Discretionary Denials in 2021

          Even as Athrex was looming in the background, the PTAB has still managed to deny 104 petitions on procedural ground thus far in 2021. What is interesting, though, is the first quarter saw a combined total of 74 denials on procedural ground, while the second quarter saw a dip, to 30. As projected, discretionary denials are on pace to be just slightly lower in 2021 than in 2020 overall—and that is with more institution decisions in general set to issue.


          That said, the speed of resolution in patent cases across all districts has risen substantially, even as COVID restrictions have begun to lift; the significant backlog is, rather than dissipating, apparently increasing time-to-resolution across the country.

          Compared to last quarter, every district has increased their length to termination. The District of Massachusetts time-to-termination has increased by nearly two months, and the WDTX’s has increased by almost a month, even including the unusually high rate of quick settlement there.

          That said, the time-to-trial in the Western District of Texas’ Waco division is 20.48 months (in the mere 20 trials Judge Albright has presided over date); for the seven patent cases he has held, the average time-to-trial is a few days under two years, or 24 months—roughly five months beyond the ambitious target his scheduling orders set. Source: Lex Machina Database (Updated Jul. 6, 2021). The early termination averages in the Western District are driven primarily by hundreds of quick settlements.

        • China's electric VW Beetle knockoff shows up in patent images
        • ViCo oral proceedings on the legality of ViCo oral proceedings - G1/21, The Sequel [Ed: First article on the attempt by EPO to break the #law and then do "legal fudge"]

          The re-scheduled Enlarged Board of Appeal (EBA) oral proceedings for referral G1/21 (ViCo oral proceedings), were held last Friday. The EBA did not announce a decision during proceedings and we now await a written decision. The EBA oral proceedings were themselves plagued by technical issues that, unfortunately for the EPO, were not a great advertisement for the benefits of ViCo proceedings. For critics of ViCo, these difficulties were an ironic reminder that ViCo cannot be considered equivalent to in-person proceedings. However, the fact that the oral proceedings were conducted by ViCo meant that anyone was able to watch proceedings in the referral without the inconvenience and expense of attending the EPO in-person. The proceedings thus will have received an audience far wider than would otherwise have been the case. So where does the balance between fairness, efficiency and justice lie?


          An interesting exchange between the EBA and the President's representative concerned the question of whether the preference of EPO users should influence the EPO's decision on ViCo oral proceedings. The EBA noted the many amicus curiae arguing against mandatory ViCo oral proceedings (about 30 of the total 50 amicus curiae submitted on the referral). In response, the President's representative noted that parties have been overwhelmingly in favour of oral proceedings by ViCo. Furthermore, before oral proceedings by ViCo were mandatory, only 300 oral proceedings by ViCo were held, with one party in the dispute being able to stall proceedings for all the others. Since oral proceedings by ViCo have become mandatory, 3000 oral proceedings by ViCo have taken place. As such, it was argued, oral proceedings by ViCo provides quick access to justice and early legal certainty for the parties involved.

          However, the relevance of the statistics and user feedback cited by the EPO are questioned by critics, who note that we are still in the midst of a pandemic. Whilst ViCo oral proceedings have been essential for keeping the process of justice going during the extraordinary circumstances of a global crisis, it is argued that this does not justify a change to ViCo oral proceedings once the current crisis has been overcome.

      • Copyrights

        • ACE/MPA Seize Dozens Of Pirate Streaming Domains, Demand Data on Dozens More

          The Alliance for Creativity and Entertainment and partners the MPA have seized dozens of pirate-streaming related domains. In addition, the anti-piracy giants are demanding information that will allow them to identify the operators of dozens more pirate streaming sites, including the massive and others involved in the supply of IPTV packages.

        • Stream-Rippers Fight 'Dangerous' Data Logging Order in Court

          The Russian operator of YouTube-rippers and has asked a federal court in Virginia to annul a recent data logging order. The magistrate judge required the sites to keep extensive logs of user activity and hand these over to the major record labels. This order was legally incorrect and violates privacy laws in other countries, the defense now argues.

Recent Techrights' Posts

Microsoft Lacks a Solid Strategic Plan Other Than Buying Its Own Stock (and Paying Staff in Shares)
Beware and be cautious of bubbles
Microsoft's Chatbot Strategy Resulted in Massive Losses, So Now It's Trying to Reinvent Itself as 'Hardware Company' (Once Again, Years After XBox, KIN, Windows Phone and Surface Failed Miserably)
revenues associated with Windows has fallen sharply
Microsoft's Pearls of Wisdom: Layoffs Are Growth
Microsoft boss: layoffs are "long-term growth."
[Meme] Hide the Bodies
hiding EPO's role in funding Lukashenko
Josef Kratochvíl and All the European Patent Organisation's Chiefs (at the Administrative Council Too) Notified That Over 1,000 Members of Staff Demand Action on Patent Quality and Compliance (Industry Too is Alarmed That Many Invalid Patents Get Granted)
Huge corruption
Debian trademark canceled
Debian trademark canceled
Links 23/02/2024: Feed Aggregator and 2 Years of Invasion, Alexei Navalny’s Mother Blackmailed
Links for the day
Gemini Links 23/02/2024: Getting 'Sick' of Modern Tech and Deletion of One's Reddit Account
Links for the day
Links 23/02/2024: 227 Microsoft Layoffs Noted in Santa Clara and Disaster in Rivian
Links for the day
IRC Proceedings: Thursday, February 22, 2024
IRC logs for Thursday, February 22, 2024
Over at Tux Machines...
GNU/Linux news for the past day
[Meme] It's NOT Your PC
losing control of hardware
Gemini Links 22/02/2024: Removing Radio Ads and Being Seen on the Internet
Links for the day
Mark Shuttleworth and the Question of Liability (Debian Volunteers He Pressured Before the Suicides)
Humanity for me
Mark Shuttleworth's (MS) Canonical Running Microsoft (MS) Ads, Mischaracterising Mass Surveillance as 'Confidential' (the Usual Lie)
The money talks, so the facts are absent
Ads as 'Articles'
Money buys perception manipulation (or reputation laundering) campaigns
Abraham Raji & Debian, DebConf kayak death: search abandoned, evading liability
Reprinted with permission from Daniel Pocock
Links 22/02/2024: Chatbots Failing 'Big Time' and More Condemnations Appear of Bill Gates
Links for the day
There May be Close to 100,000,000 Laptops and Desktops Running GNU/Linux Around the World in 2024
hard to track the number
Search Engine Market Share Worldwide Shows How Badly Microsoft's Chatbot Strategy (Hopes) and Vapourware Have Failed
Bing, which was marketed as the forefront "product" for chatbots (Microsoft paid the media a lot of money for hype campaigns), gained nothing at Google's expense
[Meme] Demoralising and Putting Down Your Staff
unproductive and dangerous approach
This Week's Letter to António Campinos About Mean-Spirited Line Managers at the European Patent Office (EPO)
Seems like a way to get rid of staff. Some will resign in anger.
Software in the Public Interest (SPI) & Debian obfuscated structure fooled suicide victim's family: the ultimate example of bad faith
Reprinted with permission from Daniel Pocock
Over at Tux Machines...
GNU/Linux news for the past day
IRC Proceedings: Wednesday, February 21, 2024
IRC logs for Wednesday, February 21, 2024
Gemini Links 22/02/2024: What We Pass On and HTTP Header Viewer
Links for the day
Manuel Estrada Sainz (ranty), Andres Garcia (ErConde) & Debian Deaths overworking
Reprinted with permission from Daniel Pocock
GNU/Linux Rising to 8% of Desktops/Laptops in Jordan?
what statCounter shows
[Meme] If Iraq Launches an Investigation Into How Microsoft Bought OpenAI Without Paying for It
fake "money" from Microsoft
Windows Has Fallen to 13% Market Share in Iraq (It was 100% Just 15 Years Ago), GNU/Linux Rose Sharply in Recent Years
In recent years Iraq was developing its own GNU/Linux distro
Springtime is Next, Here's What We Plan for March and April
This month and next month we expect to publish something unique about EPO abuses every day
Studying the Freedom of firefox-123.0.tar.bz2
The "F" in Firefox
Abraham Raji, Jens Schmalzing & debian-private cover-ups after deaths, accidents, suicides
Reprinted with permission from Daniel Pocock
Microsoft Bribes, Keeping Regulators at Bay
crime and corruption
[Meme] The Quotas Came From Above
EPO targets
EPO Talent Planning & Architecture is Another Attack on EPO Staff and the Central Staff Committee (CSC) Explains Why
ignore the flowery words
[Meme] Just Following Orders From "The Fu**ing President" António Campinos
Salary? OBEY!
Links 21/02/2024: China Working on West-less Tech Future, More Bounties on Patent Troll Leigh M. Rothschild (Which IBM et al Failed to Dismantle at the Root)
Links for the day
Links 21/02/2024: Encryption Backdoors Deemed Not Legal, Decentralised Web Under Attack
Links for the day
Games:Steam Audio as Free Software, Hazard Pay, ChipWits, and More
7 stories for today
Julian Assange, Wikileaks & Debian-private
Reprinted with permission from Daniel Pocock
Over at Tux Machines...
GNU/Linux news for the past day
IRC Proceedings: Tuesday, February 20, 2024
IRC logs for Tuesday, February 20, 2024
Links 21/02/2024: Microsoft Sued for Monopolistic Policies, More Layoffs Planned for Next Month
Links for the day