On the road to embracing DevOps, many IT organizations still depend on traditional security practices, policies and tools that were not built to withstand the modern cloud-native approaches of scaling and complexity. With less attention paid to security, organizations fail to transform themselves in this rapidly-changing digital world. For many years, these issues were the security team’s problem; recent surveys and research highlight the importance of security at all stages of the software development life cycle (SDLC).
Server security tools used to be focused on safeguarding physical servers. Each box required login credentials, and administrative privileges were required to change anything. Software such as antivirus and malware protection were directly installed on each machine.
These days, the physical server is just another endpoint — albeit an important one. There are many ways to protect server resources, including backup, antivirus, patching, intrusion detection, and many more. Here are our top picks for the best server protection tools, in no particular order:
Siteage, LLC announces release sponsorship of Navy Linux, Navy Linux is currently the only option for in-place upgrades for CentOS
Could the Steam Deck mean fewer native Linux games? We chat with prolific game developer Ethan Lee and get his perspective on the negative impacts of the Deck.
Plus, our thoughts on how Valve might successfully ship Arch to consumers, a batch of feedback, and more.
Valve is trying their hand again at a console this time in the form of a handheld called the SteamDeck but unlike the last time they tried this, Linux gaming is very different in fact Linux gaming for most titles is basically seamless.
Do you have an Android device? Do you use Windows? Now there's a great, open-source, cross-platform app to sync up your phone and your PC. KDE CONNECT
Has Microsoft figured out a way to invalidate the GPL? We're skeptical.
Plus, the Gnome project says the traditional desktop is dead, and extensions are niche. Do we agree?
Rust has been threatening to creep into Linux in various ways for some time now. We're talking Rust, the language, not rust the iron oxide. And the creeping shows zero signs of slowing. In fact, Rust has finally (and officially) found its way into the Linux kernel.
Linux 5.12 Kernel has reached “End of Life”. Kernel developer Greg Kroah-Hartman has asked users to upgrade their kernel to 5.13 now.
In order to expose OpenGL 4.6 the last missing feature in llvmpipe is anisotropic texture filtering. Adding support for this also allows lavapipe to expose the Vulkan samplerAnisotropy feature.
I started writing anisotropic support > 6 months ago. At the time we were trying to deprecate the classic swrast driver, and someone pointed out it had support for anisotropic filtering. This support had also been ported to the softpipe driver, but never to llvmpipe.
I had also considered porting SwiftShader's anisotropic support, but since I was told the softpipe code was functional and had users I based my llvmpipe port on that.
Porting the code to llvmpipe means rewriting it to generate LLVM IR using the llvmpipe vector processing code. This is a lot messier than just writing linear processing code, and when I thought I had it working it passed GL CTS, but failed the VK CTS. The results also to my eye looked worse than I'd have thought was acceptable, and softpipe seemed to be as bad.
Alyssa Rosenzweig goes into the details of the reverse-engineering of the Mali "Valhall" GPU instruction set.
With the Linux 5.12 kernel bringing support for building the kernel with link-time optimizations (LTO) when using the LLVM Clang compiler, here are some benchmarks looking at that performance impact as well as more generally seeing how the LLVM Clang compiler performance is looking when building the Linux kernel relative to GCC.
Recently using Linux 5.14-rc1 I was carrying out benchmarks of this latest Linux kernel tree built under GCC 11 and then again with LLVM Clang 12 and lastly with LLVM Clang 12 while enabling the kernel LTO support. Tests were carried out on both an AMD Ryzen 9 5950X and Intel Core i9 11900K desktops for this initial testing. The same standard kernel configuration was used when testing these two compilers in their release builds. The benchmarks/software under test were maintained the same when testing the kernel builds and not re-built or any other changes besides the kernel under test.
Audacity's new owner Muse Group has been accused of threatening to land a developer in legal hot water, a move that could result in the programmer being forced to return to China to face a government of which he has been a vocal critic.
The developer in question, Wenzheng Tang, has expressed anti-China sentiments on his GitHub profile alongside a flag of Taiwan. He confirmed to The Register he is a Chinese national. We asked Tang for his approval to report on this debate, out of concern for his safety should he be deported from Canada, where he currently resides, as a result of any legal complaints brought against him.
Tang explicitly acknowledged that risk. "If I am deported back to mainland China, I would at least be jailed," he said in an email that may well understate the consequences of public political opposition to the Chinese government. Nonetheless, he sees value in publicity as a form of defense.
"I would rather put myself in the center of public interest," he explained. "Because of the Streisand effect, I believe a story would indeed help me rather than harm me."
A new release of PipeWire was made on Tuesday for this audio/video stream management solution for Linux that can replace the likes of JACK and PulseAudio.
PipeWire continues maturing nicely this year and with PipeWire 0.3.32 takes things one step further. PipeWire 0.3.32 does have some improvements as well as a number of different bug fixes that continue to come about thanks to PipeWire's use on Fedora Workstation 34 and beginning to appear in more environments too.
Rclone, a free and open source command line cloud storage sync tool, was updated to version 1.56.0, which includes some important new features. There's a new backend, new commands including Docker serve, a reworked configuration system, and there's also a new librclone C library.
Rclone is a command line cloud storage manager. You can use it to manage multiple cloud storage providers from the command line, which allows using the cloud equivalents of Unix commands like rsync, cp, mv, mount, ls, ncdu, tree, and so on.
You can use it to sync files and directories from and to cloud storage services (including directly between cloud storages) with optional encryption, mount a remote storage locally using its FUSE support, serve local or remote files over HTTP, WebDav, FTP, SFTP or DLNA, and more.
As for supported cloud storage providers, Rclone supports over 40 services, including Google Drive, Amazon Drive and S3, Dropbox, Microsoft OneDrive, Yandex Disk, NextCloud, Box, pCloud, and more. It runs on Linux, macOS, Microsoft Windows, *BSD and Solaris.
Many users often store important documents on a USB stick. However, there is always the risk of losing the device along with the stored data. For this reason and in order not to allow others to access the information, device encryption is the best solution to protect the data. This can be done quickly and easily on Ubuntu.
cPanel is a popular, secure, and effective commercial control panel for web hosting services. It includes many features and can be used through a powerful graphical user interface to manage shared, re-seller, business hosting services, and more.
Google Cloud Run is a serverless container architecture which is highly scalable for running WordPress.
In this guide you are going to learn how to install or deploy WordPress to Cloud Run and configure custom domain with SSL.
Syncthing is a free, open-source, peer-to-peer file synchronization application. Syncthing can sync files between devices on a local network or between remote devices over the Internet, with all data transmitted between multiple devices encrypted with TLS. Whenever you create, modify or delete data on one peering node, the application will automatically replicate the changes to other servers. Another popular feature is Syncthing being cross-platform available on Windows, macOS, Linux, Android, Solaris, Darwin, and BSD making it possible to sync across multiple devices.
For users wanting to try out this great syncing software, at the end of this guide, you will know how to install Syncthing on Ubuntu 20.04 LTS. The same principle will work for the newer version Ubuntu 21.04 (Hirsute Hippo).
If you are an IT professional and working with Docker then you may need a UI manager for docker. There are different open source tools such as rancher and portainer available to manage different docker environments such as docker host, containers, volumes, networks etc. In this article, we will learn how to install and configure Portainer in Ubuntu 20.04 and use it to manage docker environments.
Portainer is a lightweight UI manager for docker which can be used to manage different docker environments such as docker hosts or docker swarm clusters. Portainer runs in a single container and supports any Docker engine including Linux Container or windows native container and other platforms too. It makes it easy to manage all our Docker resources such as containers, images, volumes, networks, and more.
If you want to start with your cybersecurity journey, Kali Linux is one of the best operating systems for you as a beginner. It has plenty of tools you can use for ethical hacking or penetration testing purposes.
Install Kali Linux on VMware, as it is one of the best options to get familiar with this advanced operating system. Even if you mess up or install a feature incorrectly in the virtual environment, it would have no adverse repercussions on the host OS.
Here’s everything you need to know about installing Kali in VMware’s virtual environment.
One of the oldest still-working protocols on the Internet is FTP (File Transfer Protocol). Designed in the net’s earliest days, FTP never concerned itself with security. Later standards addressed this limitation by adding encryption, although insecure FTP remains in widespread use.
If after installing Debian 10 or 11 Bullseye you get an error in UFW firewall usage- “The command is not found” then you have to install it. And in this tutorial, we will learn that.
UFW (uncomplicated firewall) is an interface to IPTables, which is supposed to simplify the process of configuring a firewall. The aim of UFW is a straightforward command-line-based front-end for the very powerful, but not exactly easy to configure IPTables to offer. UFW supports both IPv4 and IPv6. If you want to secure the network or want to monitor the incoming and outgoing connections of your server, there is no way around a firewall. UFW is a practical tool that can be controlled and configured via the terminal.
Unlike other systems, you'll need to use the command line to zip files on a Linux computer.
No, it is no Duff beer if that rings a bell. Today, we are talking about Duf disk utility, an open-source, free “Disk Usage Free Utility” written in Golang and released under MIT license. The disk utility supports multi-platforms such as BSD, Linux, macOS and Windows operating systems.
In this video, we are looking at how to install Krita on Linux Lite 5.4.
Today we are looking at how to install Funkin' Salty's Sunday Night on a Chromebook. Please follow the video/audio guide as a tutorial where we explain the process step by step and use the commands below.
Arduino IDE is an open-source application to write and upload code to Arduino compatible boards. It is a cross-platform application that works on Windows, macOS, and Linux. Arduino is a hardware programming language, basically written in C and C++.
This tutorial will show you how to install Arduino IDE on Ubuntu 20.04. There are three different ways to install Arduino on Ubuntu - using the official installer script, using the snap package, and apt.
The Wine hackers have released the latest development build with Wine 6.13 with plenty of new features and the usual assortment of bug fixes.
For newer readers and Linux users here's a refresher - Wine is a compatibility layer built for operating systems like Linux, macOS and BSD. The idea is to allow other platforms to run games and applications only built and supported for Windows. It's also part of what makes up Steam Play Proton. Once a year or so, a new stable release is made.
Another big Steam event is coming up with the Steam Next Fest due to be live once again on October 1.
This is the event where for a limited time, developers put up fresh demos of their upcoming games. Not only that, you're able to watch various livestreams of talks directly from developers and watch them play their games directly on Steam pages.
For developers, they have until August 15 to submit their game for review, along with a demo.
A big new expansion and a big free update for everyone, RimWorld has expanded once again and so it might be time to dive back in to build just one more colony.
Calling Ideology a DLC probably isn't doing it justice. It's a pretty deep expansion, opening up tons of new ways on how you build your colony and manage your people. With a full customizable belief system based on "memes" which are the core ideas the belief is based upon including the likes of giving animals the same rights as humans, nudism that speak for itself, cannibalism, transhumanism and many more than can be combined together. These memes can have different rules, people can be converted to different beliefs and more. Sounds awesome.
It's no secret that the launch of Google's video game streaming platform Stadia has not exactly been smooth. From access issues to performance problems, up to and including a low adoption rate and stunted catalogue of games, this appeared for all the world to be Google's video game equivalent of Google Plus. In other words, one of those projects Google launches half way and then abandons. Part of the issue with the catalogue was reports that Google wasn't going to be shelling out cash to bring in more games to the platform last year.
It seems that Valve had incorrect details on the specification sheet for the Steam Deck, and as a result we now know the RAM is more impressive.
Originally (as seen on the Web Archive), Valve listed the Steam Deck as having "5500 MT/s dual-channel" which they've now adjusted to say it's actually "5500 MT/s quad 32-bit channels". Thanks to that, we know that the Steam Deck should perform even better than we originally thought it would. The speed may not have changed, but dual to quad is still a pretty nice boost.
For anyone who has been around Linux gaming for a while, the names Ryan "Icculus" Gordon and Ethan Lee will be well known as developers who port games to Linux and work on the tech behind tons of games.
Recently, our friends at Nuclear Monster spoke to both about Proton and the upcoming Steam Deck. Both giving a very different outlook on the future of Linux gaming, so it's interesting to see their perspectives on this considering how respected they both are for their work. For those who don't know Ryan Gordon maintains a lot of SDL, the MojoSetup installer (used by GOG), MojoShader, and ports to various platforms (not just Linux). Ethan Lee created FNA, the reimplementation of Microsoft's XNA, and Lee has probably ported more to Linux than anyone else (along with macOS too).
In the post with Ryan Gordon, it starts off with a little personal thought from the writer (who is sceptical of relying on Wine/Proton) but Gordon sees it differently. Gordon mentions it's no longer a case of talking about how many people directly use Linux on the desktop or how many install SteamOS but the focus will be on sales numbers for what's basically a type of games console. It is an interesting point, as eventually it could lead to millions of people with a Linux-powered handheld:
Splitgate released official native Linux support recently when the Open Beta went live, and it seems to be hitting it big pulling in plenty of regular players.
It's been so popular in fact, that their servers have repeatedly struggled to cope with the demand. We've done a few livestreams of it on our Twitch Channel, and we've seen how overloaded it has become a few times. The game even got the attention of Amazon AWS, who thought their servers were under some form of DDoS attack and ended up limiting them to "help".
On Steam alone, they've managed to hit a high of 8,980 just recently. Not quite the all-time high of 11,901 two years ago (when it first released) but right now during the Open Beta it's not even properly released either so it's looking good. Considering the repeated server issues too, it's a real show of strength. It does of course help that it's free to play and fully cross platform between PC and consoles. When you take into account all players together, the Splitgate team announced they had seen over 50,000 concurrent players.
GUADEC 2021 is the second conference to take place online as a virtual event instead of a physical venue, and that’s because the COVID-19 pandemic is still affecting us. However, the best part about virtual conferences is that it won’t cost you a dime and you can join from the comfort of your living room.
GUADEC 2021 is for shaping up the future of the GNOME desktop environment, especially the upcoming GNOME 41 release, as GNOME users and developers from all over the world will gather together to share their knowledge and discuss the new features and changes.
While its arrival isn’t the most newsworthy event set to occur this cycle, Nautilus 40 carries a small crop of improvements and features that Impish daily testers will want to have a play about with.
Such as?
Well, this update to the famed file manager finally lets you sort files by creation date in the list view; is said to relay ‘more accurate’ file transfer and copy estimates; and improves tab completion in the location entry bar...
After 4 months of work, I am proud to present you the final version of the 1.x series! This is the final release because Debian has now frozen Bullseye and Kaisen has reached a real stability and positive feedback from almost all users, which is a good indicator of quality for me! The next release will be the 2.x series, based on the future Debian 12!
This release also marks the arrival of Kaisen on Distrowatch! It's a real pleasure and honor to be part of the official Distrowatch lists, it will hopefully allow us to get more feedback on the distribution!
I also put 2 new ISOS online, after several candidate releases. The ISO CONSOLE and NETINST.
nVidia proprietary drivers updated for OpenMandriva Lx 4.2 and Rolling branches. Also instructions for installing the drivers.
Everything starts from somewhere, and software is no different - just as physical goods have a point of origin and an associated supply chain, so does code. In today’s world, the origin story for most software applications starts, at least partially if not entirely, in an open source community. So how do you secure a supply chain for a product that has no physical form, no box to lock and is created in an environment where anyone can contribute to it?
Kasten by Veeam announced that the Kasten K10 data management platform is now available through Red Hat Marketplace. Enterprises will now be able to more seamlessly try the fully featured, free edition of Kasten K10 built and tested to exacting standards directly through the OpenShift environment.
The Kasten K10 data management platform is purpose-built for Kubernetes. The platform’s application-centric approach and deep integrations with relational and NoSQL databases, storage systems, and Kubernetes distributions provide backup/restore and mobility of Kubernetes applications.
Soon after I set up my Rockpro64 board, Peter Robinson told me about an annoying bug that happened on machines with a Rockchip SoC.
The problem was that the framebuffer console just went away after GRUB booted the Linux kernel.
7-Zip is a free, open source, cross-platform compression and encryption utility that requires neither registration nor any kind of payment to use, even in a commercial environment. It's licensed under the GNU LGPL and other licenses. It's likely that you've at least heard of 7-Zip somewhere in your travels because it's been around since 1999. I think you'll like its many features, and I'm happy to bring this little gem to light, especially if you've never used it and you're looking for an encryption solution for your backups.
One of the most rewarding roles CIOs play is nurturing the next generation of IT leadership. It’s an opportunity to pass along the wisdom and, importantly, lessons learned from a career navigating the complexities and constantly evolving priorities of IT.
We caught up with CIOs who recently won the 2021 Alabama CIO of the Year ORBIE Awards to learn more about what it takes to be a strong IT leader today. The awards were presented by the Alabama CIO Leadership Association, a professional community that annually recognizes CIOs for their excellence in technology leadership.
One theme each of these award-winning CIOs could agree on: Your people are essential to your success as a leader. How you empower, support, include, and invest in them can make the difference between good and great leadership. Read on for five mistakes rising IT leaders and seasoned CIOs alike should avoid.
See for yourself how deploying applications with the kam command-line interface simplifies GitOps adoption and streamlines application delivery.
A successful DevOps transformation requires an efficient and effective continuous integration and continuous delivery/continuous deployment (CI/CD) pipeline. One step toward establishing effective CI/CD is to rule out common misconceptions that can delay progress or cause toil. Part one of this two-part series featured the top CI/CD misconceptions from the perspective of DevOps Institute ambassadors. Part two continues to explore these misperceptions.
Any organization moving toward DevOps maturity should consider whether it is being misled by some of these common assumptions. A misconception that I frequently encounter is the view that CI/CD is a potential replacement for the need for skilled humans. However, the purpose of CI/CD automation is to perform consistent, redundant tasks so that humans can be free to do work that requires unique skills and critical thinking.
IBM on Monday reported better than anticipated revenue for Q2 2021, sending its shares up in after-hours trading.
Big Blue, evidently unfazed by a multi-week email disruption that's still not entirely resolved, delivered sales totaling $18.7bn for the quarter, an increase of three per cent year over year. It's the strongest revenue growth for the biz in three years. Net income, however, fell by three per cent to $1.3bn for the quarter.
Feast your eyes on the following set of exceptional icon themes that you can use on Ubuntu, Linux Mint, and pretty much every Linux distro out there.
The new Ubuntu kernel security updates are available for Ubuntu 21.04 (Hirsute Hippo), Ubuntu 20.10 (Groovy Gorilla), Ubuntu 20.04 LTS (Focal Fossa), Ubuntu 18.04 LTS (Bionic Beaver), as well as for the ESM (Extended Security Maintenance) branches of Ubuntu 16.04 and Ubuntu 14.04.
Patched in these kernel updates is CVE-2021-33909, a 7-year-old privilege escalation flaw discovered by Qualys Research Labs in Linux kernel’s file system layer, which could allow an unprivileged user to create, mount, and then delete a large directory structure of over 1GB in size. This flaw affected all supported Ubuntu releases.
This is a series that offers a gentle introduction to Linux for newcomers.
In the previous article in this series we presented an introduction to the Bash shell. We explained the 4 types of commands that are available in the shell: Builtins, Aliases, External commands, and Functions.
In this article we’ll take you through the basics of files and permissions. We’ll use the ls command. It’s an external command provided by the GNU core utilities, a package that is present on your Ubuntu installation. The package provides the basic file, shell, and text manipulation utilities (96 separate commands).
This list collects video games, which are fun and educational, available on Ubuntu for kids including how to install and play them. This features Frozen Bubble and Tux Math among the others. Let's play!
Colorful, easy to play game of bubbles shooting with a Penguin. You can play this either in single or two player mode.
Kids, let's play math! With this game, your kids will play by answering math problems and save the Penguins inside the Igloos.
It allows users to run high speed and complex applications with its quad-core processor as well as applications through Docker Containers with its Linux-based real time operating system.
[...]
For Linux-savvy users that want an industrial grade computer to run Node RED, Grafana or edge applications such as AWS IoT Greengrass, Edge Computer (752-9400/752-9401) is the device to use. It comes with a Debian Linux operating system, a quad-core ATOM processor, 64GB flash memory and either 4GB or 8GB RAM with memory able to be expanded via SSD HDD memory card. Control engineers and software developers can leverage the device’s openness to operate their edge of network applications.
Snoring is an annoying problem that affects nearly half of all adults and can cause others to lose sleep. Additionally, the ailment can be a symptom of a more serious underlying condition, so being able to know exactly when it occurs could be lifesaving. To help solve this issue, Naveen built the Snoring Guardian — a device that can automatically detect when someone is snoring and begin to vibrate as an alert.
Android is built on top of a heavily customized Linux kernel. So, running mobile apps on Linux makes sense using an Android emulator.
While this is not something new that you can do on your Linux machine, it is a feature more in demand after Windows introduced the ability to run Android apps in 2021.
Not just limited to using apps, some of the Android emulators can also come in handy for development and testing.
7-Zip is an open source file archiver with a high compression ratio. The program supports 7z, XZ, BZIP2, GZIP, TAR, ZIP, WIM, ARJ, CAB, CHM, CPIO, CramFS, DEB, DMG, FAT, HFS, ISO, LZH, LZMA, MBR, MSI, NSIS, NTFS, RAR, RPM, SquashFS, UDF, VHD, WIM, XAR, Z. Most of the source code is under the GNU LGPL license. The unRAR code is under a mixed license: GNU LGPL + unRAR restrictions. Check license information here: 7-Zip license.
Adobe joins a list of other high-profile companies to contribute significant funds to the development of Blender.
Today, Blender announced that Adobe has become a Corporate Gold Member level donor in the Blender development fund.
Welcome to another release! We did more bug-fixes than in any previous release (176). We paid more in bug-bounties than during any previous release cycle (4,200 USD) and we thank more contributors in the RELEASE-NOTES than ever before (83).
The Chrome team is delighted to announce the promotion of Chrome 92 to the stable channel for Windows, Mac and Linux. This will roll out over the coming days/weeks.
Chrome 92.0.4515.107 contains a number of fixes and improvements -- a list of changes is available in the log. Watch out for upcoming Chrome and Chromium blog posts about new features and big efforts delivered in 92.
Google today released Chrome 92 as their newest release on the browser's four-week release regiment.
Chrome 92 has a number of security changes as well as some new developer additions. Among the changes with Google Chrome 92 include...
So what happened was that the 6th most rare Meebit was fractionalized into 1M pieces, and 30,000 (3%) of those fragments were graciously donated to MeebitsDAO by Divergence.VC. Kai proposed that a fun way to re-distribute those fractions would be to do a giveaway contest. Earn tickets for a raffle, have a shot at a chunk of a famous Meebit. Cool! There’s 3 different kinds of tickets, but for the 1st lottery Kai wanted to airdrop a raffle ticket in the form of an NFT — aka the “Red Ticket” — to every current Meebit holder so they could have a chance to win. Hype up the MeebitsDAO and have some fun!
[...]
If you’re new to Ethereum and NFTs, the first thing you need to know is that you 1st deploy your smart contract to the blockchain, at which point it will get an address, and then you call that smart contract on that address to mint NFT tokens. As you mint the tokens you need to supply a URI that contains the metadata for that particular token (almost everything we think of as “the NFT” — the description, image, etc. — actually lives in the metadata file off-chain). We generate a JSON file for each ticket and upload it to IPFS via a Pinata gateway, and then pin the file with the Pinata SDK. (pinning is the mechanism where you entice IPFS nodes to not discard your files.. ah, IPFS..)
Tor Browser 11.0a2 is now available from the Tor Browser download page and also from our distribution directory.
Note: This is an alpha release, an experimental version for users who want to help us test new features. For everyone else, we recommend downloading the latest stable Windows/macOS/Linux or Android release instead.
Tor Browser 10.5.3 is now available from the Tor Browser download page and also from our distribution directory.
This version updates Firefox to 90.1.1. This version includes important security updates to Firefox.
Please join me to welcome Joseph Cuevas (Joe) as part of the Customer Experience team and the broader SUMO family. Joe is going to be working as an Operations Manager specifically to build a premium customer experience for current and future Mozilla’s paid products.
Firebird 4.0 Docker has been released with images for AMD64, ARM64 and ARM/V7.
pgSCV is a Prometheus-compatible monitoring agent and metrics exporter for PostgreSQL environment. The goal of the project is to provide a single tool (exporter) for collecting metrics from PostgreSQL and related services.
Today is an exciting day for the WordPress community because of the release of WordPress 5.8 “Tatum”. So let’s see what’s new.
WordPress is the most popular CMS (Content Management System) in the world, which makes it a top-drawer consideration when building a new site. It is used by 41% of the top 10 million websites.
WordPress 5.8 is finally here and there are a lot of great changes for its users. The new version includes many small under the hood improvements and significant changes that will change the way we all work with it. Named in honor of Art Tatum, the legendary Jazz pianist, WordPress 5.8 is the second significant release of the year for this popular CMS.
Marking twenty years of the FSFE, we highlight the importance of software freedom in Europe and important accomplishments since 2001. We shed light on our community with a birthday page where you can find community interviews and videos. People are invited to celebrate with us and share their own stories.
Long before the first smartphone was introduced, it was evident to the FSFE's founders that it is the people who should be in control of technology and not vice versa. In 2001, Free Software experts around Europe therefore created the Free Software Foundation Europe. 20 years later, we successfully concentrate our daily work on three main pillars to help software freedom thrive in Europe: public awareness, policy advocacy, and legal support.
Despite advances in tools, platforms, and languages, software programming challenges dog developers.
A new release 0.2.2 of pkgKitten is now on CRAN, and will be uploaded to Debian. pkgKitten makes it simple to create new R packages via a simple function invocation. A wrapper kitten.r exists in the littler package to make it even easier.
Oracle has published a new version of GraalVM, its open-source Java JVM/JDK implemented in Java that also supports other programming languages and execution modes. GraalVM continues to be quite an interesting effort given its various languages supported and interesting technical experiments/features in the name of greater Java performance and other innovative features.
GraalVM 21.2 is another interesting release both for the pure community open-source project and also some new extras only within GraalVM Enterprise too. Among the changes catching my eye with GraalVM 21.2 include:
“These letters are letters, not literature,” insists Lynn Gallagher, the narrator of Jeremy Cooper’s epistolary novel, Bolt From the Blue. Gallagher tells us, in a brief introduction, that she has transcribed every postcard, letter, and e-mail that she and her mother sent to each other over a period of more than 30 years. She found many of these while cleaning out her mother’s apartment after her death, the letters in a jumbled pile in the back of a drawer and the e-mails in a file on her computer called GIRL.
It was totally quiet as I walked the paved streets past the houses on one-acre lots with their neatly mowed lawns and sculpted flower patches.
At first I enjoyed the peaceful stillness of the windless evening and the lack of traffic or even other walkers, but then it dawned on me what made it seem so uniquely calm. As I passed streetlight after streetlight, I realized there was not a moth, beetle or other miscellaneous bug flying around any of the lights.
In English footballing history, the penalty shootout has been responsible for a string of famous defeats. In 1990, the national side lost to the West German juggernaut in the semi-final of the World Cup. In the European Championship in 1996, the result was repeated, with the Germans again winning. Southgate will have particularly vivid memories of that: he was one of the players who missed. The shelf of defeat was beginning to sag.
Then came the European Championships of 2020, delayed by the global pandemic. England were fortunate in their draw and, unlike many of their opponents, played most of their matches on home soil. But their record proved impressive, with Southgate’s side keeping a clean sheet till the semi-final against Denmark. It became clear that Southgate had created a team unit as opposed to a team of stars bristling with contesting egos. Previous footballing practices extolled celebrity within the team, with predictable consequences. “Beckhamisation”, named after the recognisable former England captain and Manchester United player David Beckham, did much to create estrangement within the ranks between the celebrities and the foot soldiers.
With his wife expecting a child, a young graphic designer named Benjamim Kremz returns to his hometown of São Paolo to try to uncover the details of his family’s murky past. He never knew his mother—she died in childbirth—and his father, Teodoro, was committed to a mental hospital when he was young. Scarcely has Benjamim’s quest to understand their relationship begun when Raul, one of Teodoro’s oldest friends, drops a bombshell. “Your mother, Elenir, was married to your grandfather and had a child by him,” Raul tells Benjamim, before explaining that his half-brother (which is to say, uncle) died before leaving the hospital, a trauma that abruptly ended Elenir’s relationship with Benjamim’s grandfather Xavier.
Two months ago, I preordered an interesting-looking ebook title from Packt Publishing. Neither the post-purchase experience nor the final product lived up to my expectations.
The ebook’s product page said it was due for release in the second week of June. However, I didn’t receive any information about the book availability after I’d placed my order. Both the order confirmation page and the receipt email told me to visit my downloads page. I didn’t find any ebooks listed in my account and no information about my purchase.
I knew I had preordered the book, and I expected to see it listed in my account. The purchase experience was confusing and unclear overall. The PayPal receipt email made it clear that I’d paid for something, but Packt dropped the ball on the delivery. Packt didn’t ask me to set up an account or do anything other than providing an email address. All I’d want to see was one sentence saying something like “[Book Title] will be delivered to your email inbox by July 2020.”
I didn’t receive an email from Packt when the book was supposed to be released. I had created a reminder in my calendar for the following day, though. I logged back into my Packt account, but it still didn’t list any books. I found my way back to the book’s product page where it said the release date got delayed by a month. Which is okay; stuff happens.
Google Cloud's veep of developer relations abruptly left the web giant late last week after sharing a lengthy essay on how he no longer hated "all the Jewish people."
One month ago, Egyptian-American Amr Awadallah, who joined Google in 2019, had posted on LinkedIn a 10,000-word missive, with an accompanying two-hour YouTube video, declaring: "I hated the Jewish people, all the Jewish people, and emphasis here is on the past tense.
"Yes, I was anti-Semitic, even though I am a Semite, as this term broadly refers to the peoples who speak Semitic languages, such as Arabic and Hebrew, among others."
Japanese researchers have broken the world record for the fastest internet speed by transmitting data at 319 terabits per second (Tbps) using modern day compatible fibre optical cable, according to the country's primary comms research institute.
The 3,001km (1,864 miles) optical fibre was designed by engineers at the National Institute of Information and Communications Technology (NICT) Network Research Institute.
That is the argument of Mark Carrigan, a research associate in the University of Cambridge’s Faculty of Education. Many scholars, he claimed, were “ill-equipped to deal with the pitfalls of platforms which effectively seek to manipulate their users…We may think we are countering falsehoods or introducing seriousness into the debate, but if we do so in a scattergun, disorganised fashion, we are just adding to the cacophony of platforms [such as Twitter].” Far better was to “find ways for academics to collectively use platforms rather than individually be used by them”.
Fifty years ago, medical research warned about the overuse of antibiotics creating mutations of resistant bacterium, making these drugs less effective. Dr. Sidney Wolfe warned about this criminal negligence again and again, along with other colleagues. But the drug companies kept over-promoting to get physicians to over-prescribe. Today, antibiotic resistance takes over 100,000 lives a year just in the U.S. Some bacterium are mutating beyond the ability of medical science to catch up with new more powerful antibiotics to curb new antibiotic resistance bacterium.
Deadly Lag Time.
A new study published Tuesday in the Journal of the American Medical Association shows that people in the United States now owe collection agencies a staggering $140 billion due to unpaid medical bills—making healthcare the nation's largest source of debt in collections.
The researchers estimate that in June 2020, roughly one in five people in the U.S. had medical debt in collections—meaning their debt had been sold to a third-party tasked with retrieving the money, often by harassing low-income people who are unable to pay.
If there’s one thing antivaxxers love, it’s citing the Nuremberg Code. We’ve seen it (and I’ve discussed it here) many times before, coming from antivaxxers as diverse in their level of fanaticism as Mike Adams, who has all but called for “Nuremberg-style” trials for pro-vaccine physicians and scientists; washed up comedian Rob Schneider; the grande dame of the antivaccine movement, Barbara Loe Fisher; our recent acquaintance, “holistic” cardiologist Joel Kahn; Phil Valentine; VAXXED “documentarian” Del Bigtree; and disgraced antivax physician from the Cleveland Clinic, Daniel Neides. The examples go on and on and on. Antivaxxers invoke the Nuremberg Code so often that I’ve started calling their doing so the “Nuremberg Code gambit.” That’s why, every so often, I feel the need to revisit this topic and explain why the way antivaxxers invoke the Nuremberg Code against vaccines reveals a poor understanding of history and is a thinly disguised (actually undisguised) Godwin.
For the past three weeks, Moscow residents could be refused dine-in service at restaurants unless they presented an official QR code proving vaccination, recovery from COVID-19, or a recent, negative PCR test. These QR codes were issued along with certificates, which, as it turns out, are numbered based on encrypted statistics from the Russian Health Ministry’s official coronavirus registry. As part of a joint investigation with Holod Media and Mediazona, Meduza’s journalists studied these certificate numbers, which are issued by the government services portal Gosuslugi, and uncovered that Russia has registered as many as 29 million suspected cases of COVID-19 — a number that’s five times higher than the official statistics reported by the country’s operational headquarters for the fight against the coronavirus.
On July 19, the Liberal Mission Foundation published an assessment of how Russia has handled the coronavirus pandemic, analyzing the government’s actions and the public’s response. Most controversially, the report’s authors argue that Russia could have avoided roughly 220,000 deaths if officials imposed a second lockdown. Meduza reviews how researchers came to this alarming conclusion.
A federal judge in Connecticut today handed down a sentence of time served to spam kingpin Peter “Severa” Levashov, a prolific purveyor of malicious and junk email, and the creator of malware strains that infected millions of Microsoft computers globally. Levashov has been in federal custody since his extradition to the United States and guilty plea in 2018, and was facing up to 12 more years in prison. Instead, he will go free under three years of supervised release and a possible fine.
According to Gartner’s research on operational technology, security incidents in OT and other cyber-physical systems (CPS) have three main motivations - actual harm, commercial vandalism (reduced output) and reputational vandalism (making a manufacturer untrusted or unreliable).
Gartner predicts that the financial impact of CPS attacks resulting in fatal casualties will reach over $50 billion by 2023, and even without taking the value of human life into account, the costs for organisations in terms of compensation, litigation, insurance, regulatory fines and reputation loss will be significant.
The Cloud Foundry Foundation kicked off the Cloud Foundry Virtual Summit today, featuring news on the latest release of cf-for-k8s (Cloud Foundry for Kubernetes), new community organizational structure, as well as news from MinIO, SAP and VMware.
It makes great sense for operators in Latin America to develop 5G directly in the cloud, because the cloud provides significant flexibility and agility in terms of the services offered, Heather Kirksey, director of Open Platform for Network Functions Virtualization (OPNFV), told BNamericas.
The world woke up on Tuesday to two new vulnerabilities—one in Windows and the other in Linux—that allow hackers with a toehold in a vulnerable system to bypass OS security restrictions and access sensitive resources.
I’d like to shed some light on the process of authentication since it’s a fundamental building block in creating secure tools that need to communicate with other actors over the network. When tools and/or users interact with one another – e.g., through a web browser – both ends of the interaction need a way to make sure they’re communicating with the right party. Some bad actor might, for example, create a web page that looks like your bank’s online banking portal. With additional DNS spoofing you might be connecting to the wrong website. When you’d be trying to log in you’d be prompted for username and password. If you entered them on that phony web page, you’d provide them to the attacker. It’s imperative for your browser to be able to make sure that this is not the case here.
There is a lot of attention being paid to continuously updating servers to patch security vulnerabilities on Linux servers running in data centers – a basic step underpinning technology infrastructure in every industry. Yet, staff resources to deal with maintaining servers are not sufficient to meet the workload, said 55% of respondents in a worldwide survey by CloudLinux.
Former journalist Matthew Keys, who served two years in prison for posting his Tribune Company content management system credentials online a decade ago in violation of America's Computer Fraud and Abuse Act, has been ordered back to prison for violating the terms of his supervised release.
On Monday, Keys, 34, a resident of Vacaville, California, received an additional six-month sentence and 18 months of supervision with computer monitoring requirements, according to the US Attorney's Office of the Eastern District of California. The sentence follows from a judge's finding that Keys intentionally deleted a YouTube account he was managing on behalf of his then employer, Comstock’s Magazine.
In this article, we explained what authorization is and how it differs from authentication. We gave examples for authorization processes and explained the two different access control models: capability-based access control and access control lists.
The Linux/UNIX file permissions were used to show an example of how ACLs could be used. Note that, although Linux/UNIX file permissions are a type of ACL, they are not to be confused with the POSIX ACLs, which are also available on Linux platforms. See acl(5) in the man pages for more information.
We learned that authorization is used to determine what actions a subject is allowed to perform on an object. Besides the examples from this article, other methods can be used to implement access control, including Discretionary Access Control (DAC), Mandatory Access Control (MAC) or Role-Based Access Control (RBAC), to name the most common ones.
Security updates have been issued by Arch Linux (ant, code, dino, firefox-ublock-origin, go, libuv, nextcloud-app-mail, nodejs-lts-erbium, nodejs-lts-fermium, openvswitch, putty, racket, telegram-desktop, and wireshark-cli), Debian (kernel, linux-4.19, and systemd), Fedora (kernel, kernel-headers, kernel-tools, and krb5), Gentoo (systemd), Mageia (perl-Convert-ASN1 and wireshark), openSUSE (caribou, containerd, crmsh, fossil, icinga2, kernel, nextcloud, and systemd), Red Hat (389-ds:1.4, glibc, java-1.8.0-openjdk, java-11-openjdk, kernel, kernel-rt, kpatch-patch, libldb, perl, RHV-H, rpm, shim and fwupd, and systemd), Slackware (kernel), SUSE (caribou, containerd, crmsh, curl, dbus-1, kernel, qemu, and systemd), and Ubuntu (binutils, linux, linux-aws, linux-aws-5.4, linux-azure, linux-azure-5.4, linux-gcp, linux-gcp-5.4, linux-gke, linux-gke-5.4, linux-gkeop, linux-gkeop-5.4, linux-hwe-5.4, linux-kvm, linux-oracle, linux-oracle-5.4, linux-raspi, linux-raspi-5.4, linux, linux-aws, linux-aws-5.8, linux-azure, linux-azure-5.8, linux-gcp, linux-gcp-5.8, linux-hwe-5.8, linux-kvm, linux-oracle, linux-oracle-5.8, linux-raspi, linux, linux-aws, linux-aws-hwe, linux-azure, linux-azure-4.15, linux-gcp, linux-gcp-4.15, linux-hwe, linux-kvm, linux-oracle, linux-raspi2, linux-snapdragon, linux, linux-aws, linux-azure, linux-gcp, linux-gke-5.3, linux-hwe, linux-lts-xenial, linux-kvm, linux-oracle, linux-raspi, linux-raspi2-5.3, linux-oem-5.10, nvidia-graphics-drivers-390, nvidia-graphics-drivers-418-server, nvidia-graphics-drivers-450-server, nvidia-graphics-drivers-460, nvidia-graphics-drivers-460-server, nvidia-graphics-drivers-470, and systemd).
Here we are again. NVIDIA has today sent out a security bulletin to inform users on Linux and Windows to ensure your GPU drivers are up to date due to freshly revealed security problems.
The issues can result in information disclosure, data tampering, and denial of service. As always, even if you think you're not vulnerable for whatever reason, upgrading is highly recommended now.
This has been a busy week for security news, but perhaps the most significant security and privacy story to break this week (if not this year), is about how NSO Group’s Pegasus spyware has been used by a number of governments to infect and spy on journalists and activists and even heads of state by sending an invisible, silent attack to their iPhone that requires no user interaction. This attack works even on new, fully-patched phones, and once the phone is compromised, the attacker has full remote control over the phone including access to the file system, location, and microphone and cameras.
What’s particularly scary about spyware in general, and is true for Pegasus as well, is that victims have no indication they’ve been compromised. Due to how locked down the iPhone is from the end user, detecting Pegasus in particular requires expert forensics techniques. This has left many at-risk iPhone users wondering whether they too are compromised and if so, what do they do?
If you hadn't noticed, there's been no shortage of dodgy folks attempting to cash in on the MAGA craze. There's also been no shortage of folks eager to cash in on the generalized animosity against "big tech" driven by bogus claims of "Conservative censorship" (aka: people being held vaguely accountable for being racist assholes on the internet via clumsy Silicon Valley moderation practices that don't work well at scale).
Three UN Special Rapporteurs—the Rapporteurs for Freedom of Expression, Privacy, and Association—heard and in large part affirmed civil society’s criticism of the 2021 Rules, acknowledging that they did “not conform with international human rights norms.” Indeed, the Rapporteurs raised serious concerns that Rule 4 of the guidelines may compromise the right to privacy of every internet user, and called on the Indian government to carry out a detailed review of the Rules and to consult with all relevant stakeholders, including NGOs specializing in privacy and freedom of expression.
2021 Rules contain two provisions that are particularly pernicious: the Rule 4(4) Content Filtering Mandate and the Rule 4(2) Traceability Mandate.
Rule 4(4) compels content filtering, requiring that providers are able to review the content of communications, which not only fundamentally breaks end-to-end encryption, but creates a system for censorship. Significant social media intermediaries (i.e. Facebook, WhatsApp, Twitter, etc.) must “endeavor to deploy technology-based measures,” including automated tools or other mechanisms, to “proactively identify information” that has been forbidden under the Rules. This cannot be done without breaking the higher-level promises of secure end-to-end encrypted messaging.
That’s very much what this blog has been advocating for the last few years now. The trouble is, even with the GDPR, progress has been slow. One important recent development has been the increasing interest in using the GDPR at a national level to police privacy infringements. That’s not how the GDPR was originally envisaged: instead, the “one-stop shop” approach was meant to encourage a “lead supervisory authority” in one EU country to handle the case in conjunction with data protection authorities in the other EU nations. Germany in particular seems keen to go it alone. Alongside that move by a national data protection authority, we now have another local action by Dutch citizens against Facebook claiming damages for allegedly infringing on their privacy. As a press release from the Dutch Consumentenbond (Consumers Association) explains (translation by DeepL):
So it is no surprise that people around the world are angry to learn that surveillance software sold by NSO Group to governments has been found on cellphones worldwide. Thousands of NGOs, human rights and democracy activists, along with government employees and many others have been targeted and spied upon. We agree and we are thankful for the work done by Amnesty International, the countless journalists at Forbidden Stories, along with Citizen Lab, to bring this awful situation to light.
"A commitment to giving their own citizens strong security is the true test of a country’s commitment to cybersecurity."
Like many others, EFF has warned for years of the danger of the misuse of powerful state-sponsored malware. Yet the stories just keep coming about malware being used to surveil and track journalists and human rights defenders who are then murdered —including the murders of Jamal Khashoggi or Cecilio Pineda-Birto. Yet we have failed to ensure real accountability for the governments and companies responsible.
The Washington Post on Tuesday revealed that three presidents, 10 prime ministers, and a king are among the more than 50,000 individuals whose phone numbers appeared on a leaked list of potential targets of Pegasus, the military-grade spyware licensed by Israeli firm NSO Group, prompting human rights defenders to call for a global crackdown on the surveillance industry's invasive technologies.
According to the Post, the phone numbers of hundreds of public officials, including 14 heads of state and government, appeared on the list. It was not possible to confirm if the world leaders' smartphones had been infected with Pegasus, however, because none agreed to a forensic analysis of their iPhones or Android devices.
Mexico appears to have submitted more phone numbers for potential surveillance to the Israeli cybersurveillance company NSO Group than any other client country, according to an investigation of the company by an international collaboration of media outlets called The Pegasus Project. The Guardian found the mobile phone number of Mexican journalist Cecilio Pineda Birto was selected as a possible target for surveillance by a Mexican NSO Group client just weeks before Pineda’s assassination in Guerrero in 2017. Nina Lakhani, senior reporter at The Guardian, says Mexico was NSO Group’s first client and authorities there have a long record of “dire human rights abuses.” She notes Mexico’s use of Pegasus proves the technology is not only used to go after criminality. “The line between good and bad in Mexico is blurred,” Lakhani says.
Calls are growing for stricter regulations on the use of surveillance technology after revelations that countries have used the powerful Pegasus spyware against politicians, journalists and activists around the world. The Pegasus software, sold by the Israeli cybersecurity company NSO Group, can secretly infect a mobile phone and harvest its information. While the company touts Pegasus as intended for criminals and terrorists, leaked data suggests the tool is widely abused by governments to go after political opponents and dissidents, according to reporting from The Pegasus Project, an international consortium of 17 media organizations. We feature a PBS “Frontline” report on the shocking findings that the Israeli government allowed NSO to continue to do business with Saudi Arabia even after the Saudi journalist and dissident Jamal Khashoggi was assassinated in 2018 in the Saudi Consulate in Istanbul, and allegedly used Pegasus to surveil Khashoggi’s fiancée. “Contrary to what NSO is claiming, the spyware Pegasus is used to target people absolutely unrelated to criminal activities or terrorism,” says Agnès Callamard, secretary general of Amnesty International. She adds that The Pegasus Project has exposed that abuse of powerful surveillance technology “is systematic, and it is global.”
Washington Post said the numbers on the list are unattributed, but reporters were able to identify more than 1,000 people spanning more than 50 countries through research and interviews on four continents: several Arab royal family members, at least 65 business executives, 85 human rights activists, 189 journalists, and more than 600 politicians and government officials — including cabinet ministers, diplomats, and military and security officers. The numbers of several heads of state and Prime Ministers also appeared on the list.
Host your own dependencies, put a cache directly in front of your application, and make your application resilient to missing resources.
By hosting your own dependencies, you have control over everything your application needs, and you don't have to depend on public infrastructure. By using a cache directly in front of your site, you gain the same caching, content distribution and performance benefits of public CDNs, while keeping mitigations available for the possible downsides.
When talking about caches, I'm primarily suggesting a paid caching reverse-proxy service, like Cloudflare, Fastly, Cloudfront, Akamai, etc (although these are paid, most do have generous free tiers where you can get started or host small sites). In addition to the caching, these each offer various features on top, like DDoS protections, serverless edge workers, server-side analytics, automatic content optimization, and so on.
The UK government is launching proposals to boost the legal status of digital identities, something it claims will ensure they are trusted as much as physical documents such as passports.
The blueprint suggests the technology could take a number of forms such as a phone app or a web-based service.
This won’t mean that life suddenly becomes simple — anything but! The politics of today, nationally and internationally, is simple: somebody wins, somebody loses; war is inevitable, there are always several on the horizon, and the primary consequence of every war that is waged is that it spurs more wars, a fact that remains officially unnoticed; only some lives matter, those that don’t are collateral damage, illegal aliens or simply the enemy; nuclear weapons (ours, only ours) are justified, necessary and must be continually upgraded; national borders, however arbitrary, are sacred (the only thing that’s sacred); if these norms are challenged, the best response is mockery and cynicism.
Transcending this mindset requires facing life in all its complexity, which is a necessary part of our personal lives. But could it be that facing the endless complexity of life is also politically possible? This seems to be the question I’ve been given to ponder — and cherish — as I step into my elder years. Come on! Politics requires simplistic public herding, does it not? You can’t steer a country without an enemy.
A trio of senators on Tuesday introduced legislation that would beef up congressional authority in national security with provisions to narrow presidential power to launch hostilities, make it easier to block certain weapons sales, and sunset authorizations of the use of military force including the 2001 AUMF that paved the way for the U.S. invasion of Afghanistan.
"The founders envisioned a balance of power between the executive and legislative branches of government on national security matters. But over time, Congress has acquiesced to the growing, often unchecked power of the executive to determine the outline of America's footprint in the world," said Sen. Chris Murphy (D-Conn.), who introduced the National Security Powers Act (pdf) along with Sens. Bernie Sanders (I-Vt.) and Mike Lee (R-Utah).
One crucial area the EAGLE Act fails is its very namesake: by focusing almost exclusively on foreign affairs, the EAGLE Act ignores the United States’ most pressing domestic issues like COVID-19, climate change, poverty, hunger, and inequality. How can America project global leadership when we appear incapable of addressing most of our citizens’ most basic needs? U.S. politicians like Gregory Meeks should focus legislation on solving problems in the U.S. before seeking to weigh in on issues in other parts of the world.
Instead, Meeks’ promotion of the bill performs classic American Exceptionalism, seeking to address human rights abuse accusations in China while ignoring the very same issues of forced sterilization and forced labor in U.S. prisons, ICE concentration camps that target people for their ethnic origins, and extralegal detention facilities like Guantanamo Bay that have previously detained and interrogated Uyghur Muslims. Beyond that, the EAGLE Act’s rhetoric continues the Sinophobic demonization of China that began under the Trump administration while claiming to rebuke overt racism and the former President.
Media musings on a spike in homicides and shootings over the past year focus on how “defund the police” and other civil rights movement calls to action are affecting public safety—while largely ignoring any policy proposals that could keep guns off the street.
It’s been two decades. There was no legal or moral justification for the war to begin with. They’ve had too much time as it is.
For those of us who have been closely connected to America’s longest war last week’s abandonment of Bagram airbase, the biggest U.S. facility in occupied Afghanistan, makes the long-promised withdrawal feel real.
By no means is The Tomorrow War a masterpiece; I would give it 5 stars out of 10. It is what you would expect from a summer action-adventure blockbuster. However, one thing that stuck with me regarding this film about humans fighting aliens 30 years in the future is that there is little to be seen of drone warfare. In only a couple of scenes do we see drones fighting the aliens. The absence of drones is because Hollywood makes money off of its stars and not robots. The reality, though, is that based upon where we are in the present with robotic killing machines and the predictive course of technological progress and adaption, in 30 years from now, humans will not be present on the battlefront. The likely scenario is that the fictional aliens in The Tomorrow War would not stand a chance against the automatized warfare of the present, let alone the future. What needs to be asked is: what chance do we as non-fictional humans have?
The idea that machines may kill on their own is older than I am. Science fiction writers and futurists crafted laws in their novels and predictions that humans would program robots with constitutional instructions not to harm humans. When I was a boy in the 1980s, Arnold Schwarzenegger shot to stardom as he played the role of the assassin robot in The Terminator. At about the same time, Matthew Broderick starred in Wargames, a movie about the consequences of putting the decision to kill in the hands of computers. Frighteningly, what was once considered gist and speculation for science fiction novels and movies is now existent.
In 1997 a Cuban friend told me "Fidel is a dictator, but not a tyrant." We were in a province of Mozambique where he worked as a doctor and I as an architect. That afternoon, in a courtyard of African red ground, I did not understand his idea. It seemed contradictory. For some reason I never forgot it until a few years later, reviewing declassified documents, I thought that Washington was not a dictatorship, but a tyranny.
The social problems, Tablada told us, derive from the U.S. blockade of Cuba that began in the 1960s but has been deepened by former U.S. President Donald Trump’s 243 coercive measures. “The United States has criminalized Cuban public services,” she said, “including our public health system and our public education system.” These sanctions make it impossible for Cubans to visit their families in the United States. They make it impossible for remittances to be sent into Cuba, and they make it impossible for Cuba to access essential goods and services (including fuel). On top of everything else, Trump designated Cuba as a “state sponsor of terrorism,” a decision which U.S. Senator Patrick Leahy called “frivolous.” The U.S. government claims that the blockade and these coercive measures are to punish the government, but—says Tablada—they “criminalize the country.”
The Miami Mafia
The US-led war in Afghanistan looks to be ending, and not a day too soon. America's father, Benjamin Franklin, wisely wrote: 'No good war; no bad peace.'
Fifty-six-year-old Abdul Latif Nasser is the first Guantánamo Bay prisoner to be released under the Biden administration. He was imprisoned for nearly two decades without charge and had been cleared for release since 2016. Thirty-nine prisoners remain at Guantánamo. “Legally speaking, morally speaking, that space that has been created has no significance other than the harm it is placing on people,” says Agnès Callamard, secretary general of Amnesty International.
When hundreds of protesters in Cuba rallied last week against food and medical shortages, American policy-makers responded the only way they know how. Though the deteriorating economic situation is largely the result of purposeful US sanctions, worsened by the pandemic, lawmakers from both parties seized on the protests to agitate for regime change, calling on the US government to intervene.
The files were the basis for the 2015 series “The Drone Papers” and the 2016 book “The Assassination Complex: Inside the Government’s Secret Drone Warfare Program.”
The Pentagon late Tuesday confirmed U.S. forces were behind the single strike near Galkayo, about 580 kilometers north of the capital of Mogadishu, which was first announced by Somali officials earlier in the day.
The authorities in north-west Nigeria say they have freed 100 women and children - mainly mothers nursing infants - who were seized by bandits.
Expressing alarm over President Joe Biden's support for a number of pipeline projects and his failure to reverse the vast majority of environmental regulatory rollbacks introduced by his predecessor, the Center for Biological Diversity Action Fund on Tuesday gave the president a grade of C-minus and said he "needs improvement" on its Environmental Report Card.
"Biden's bold vision during the campaign won't be met if his administration leaves large chunks of Trump’s pro-polluter legacy intact."—Brett Hartl, CBD Action Fund
Will this be the summer we all remember what we were doing? A monstrous landslide after record rainfall in Japan left fifteen dead and dozens missing. Biblical flooding in Germany has caused hundreds of deaths with many more unaccounted for. More than a million acres of the west coast of North America are on fire after temperatures soared to 122°F (49.9°C). Will this be the moment we woke up and demanded action? Or will it be the coolest summer of the rest of our lives?
More than 160 organizations launched a new campaign Tuesday, ahead of a United Nations climate summit this fall, demanding that Wall Street and U.S. President Joe Biden cut off funding for companies and projects fueling the climate emergency.
The "Deadline Glasgow—Defund Climate Chaos" campaign is spearheaded by the Stop the Money Pipeline coalition, which targets asset managers, banks, and insurers for their roles in climate destruction.
The International Energy Agency warned Tuesday that global carbon dioxide emissions are on track to soar to record levels in 2023—and continue rising thereafter—as governments fail to make adequate investments in green energy and end their dedication to planet-warming fossil fuels.
In a new report, IEA estimates that of the $16 trillion world governments have spent to prop up their economies during the coronavirus crisis, just 2% of that total has gone toward clean energy development.
Fossil fuel companies are pressing ahead with new oil and gas developments, despite a recent warning from the International Energy Agency (IEA) that this will make the Paris Agreement goals impossible to meet, an analysis has found.
According to the author of the analysis, the companies and industry bodies, most of which have made public statements in support of the world reaching “net zero” emissions by 2050, are “cherry-picking” IEA reports to suit their arguments.
As of Tuesday morning, the Bootleg Fire had burned up more than 364,000 acres across Southern Oregon—becoming so big that not only has it bolstered the case for bold climate action, the fire is also creating its own weather.
"The fire is so large and generating so much energy and extreme heat that it's changing the weather," Marcus Kauffman, a spokesperson for the Oregon forestry department, told The New York Times. "Normally the weather predicts what the fire will do. In this case, the fire is predicting what the weather will do."
Once upon a time, long long ago, people with names like John Glenn, Alan Shepard, Buzz Aldrin, and Sally Ride blasted into space. None was selected on the basis of income or wealth, but on skill and rigorous training. Their heroism – and we regarded them as national heroes – symbolized America’s technological prowess and egalitarianism.
Just minutes after touching down following his successful and brief suborbital flight on Tuesday, billionaire Jeff Bezos expressed hope that humankind will ultimately develop the capacity to move the industries that have heavily polluted and warmed the Earth into space—a vision that one critic slammed as "delusional, toxic nonsense."
Speaking to MSNBC host Stephanie Ruhle in one of his first interviews after the flight, Bezos—the richest person on Earth—said that "you can't imagine how thin the atmosphere is when you see it from space."
Economic justice advocates recoiled on Tuesday at the sight of Amazon founder Jeff Bezos, the world's wealthiest person, launching himself into space—momentarily leaving behind a planetary emergency; a global pandemic that's disproportionately affecting poor countries without access to vaccines; and rampant wealth inequality in the U.S. and around the world—all of which could be eradicated or mitigated with a wealth tax imposed on Bezos and other billionaires.
The New Shepard launch came days after business magnate Richard Branson launched his own spacecraft, beginning what the news media has called a "billionaire space race."
Maxim Reznik, a prominent opposition politician in St. Petersburg, who is currently under house arrest, has announced that he will not be running for re-election to the city’s legislative assembly in the fall.
He spoke of threats from states such as Russia, China and Iran; from far-right activists, Islamic terrorists, and the resurgence of violence in Northern Ireland. Alongside these were the more amorphous threats posed by encrypted messaging, online spying, and cyber attacks.
Many of these developments are less threatening than they look. Russia may engage in gangster-type assassinations, such as the poisoning of the Skripals in Salisbury, but the very crudity of its attacks on its critics underlines the limitations of Russian capabilities. President Putin may relish the fact that his country is treated like a superpower – albeit a demonic one – but it has nothing like the power of the Soviet Union. The idea, for instance, that the Kremlin determined the outcome of the 2016 US presidential election was always a myth. Hillary Clinton’s dire campaign is sufficient explanation for Donald Trump’s election.
Moreover, he is playing hardball while Biden is weakening the presidential bully pulpit by lobbing softballs urging Republicans to pass his For the People Act and the Voting Rights Advancement Act to make voting state suppression laws null and void.
McConnell cannot be expected to vote for something against the wishes of state-level Republicans who insist on trying to prevent as many votes as possible for Democratic candidates. For him, the big picture is his party, not the country.
Officials on Monday night declared socialist candidate Pedro Castillo the winner of last month's presidential election in Peru, following weeks of delays caused by far-right candidate Keiko Fujimori's baseless allegations of electoral fraud.
Castillo, the son of illiterate peasant farmers from a poor Andean region, defeated Fujimori, the daughter of jailed former Peruvian dictator Alberto Fujimori and symbol of the South American nation's wealthy elite, by a margin of more than 44,000 votes in the June 6th runoff election. But the official results were postponed for over a month due to appeals made by Fujimori's campaign.
The number of federal political committees that have spent money in the first half of 2021 at Trump Organization properties has dropped dramatically from the same period two years ago, Federal Election Commission filings show. Those continuing to spend: a smaller circle of loyal supporters of former President Donald Trump and candidates jockeying for his favor in contested Republican primaries.
During the first six months of 2021, 27 federal committees have reported spending $348,000 at Trump Organization properties, with the Republican National Committee accounting for more than half the total. That’s a steep decline from the 177 committees that did so during the 2019-2020 election cycle or the 78 committees that spent more than $1.6 million at Mar-a-Lago, the Trump International Hotel in Washington and other company sites in the first half of 2019, filings show.
Support independent cartooning: join Sparky’s List—and don’t forget to visit TT’s Emporium of Fun, featuring the new book and plush Sparky!
A municipal court judge in New Jersey who apparently doesn't understand either the First Amendment or local ordinances has just ordered a resident to take down some f-bomb-laden signs from her yard. (h/t Peter Bonilla)
Journalists from MBX Media have published an investigation into a major construction site near Novo-Ogaryovo, Vladimir Putin’s official residence on the outskirts of Moscow. Work on the project, which experts estimate could cost 20–50 billion rubles (about $269–672 million), reportedly began in the summer of 2020. The property in question is now home to two massive guest houses, as well as a wellness center and a sports complex, which allegedly includes an underground tunnel that connects directly to Putin’s estate. Journalists uncovered the site after construction began on a bridge across the Moskva River, just a stone’s throw away from the presidential residence. According to MBX Media, the Russian Secret Service (the FSO) is responsible for both the construction site and the bridge. But Kremlin spokesman Dmitry Peskov says “there are no construction projects at Novo-Ogaryovo.”
Secretary of State Antony Blinken vowed Monday that the United States "will always support the indispensable work of independent journalists around the world"—a commitment that the Biden administration has refused to apply to WikiLeaks founder Julian Assange, whom the U.S. government is attempting to prosecute for releasing classified information that exposed war crimes in Iraq and elsewhere.
"The United States believes all journalists, whatever their nationality, wherever they are, have a legal duty to keep the U.S. government's dirty secrets. Now I'm sorry, but that's not 'supporting' journalists."—Clare Daly, European Parliament
As WikiLeaks founder Julian Assange faces up to 175 years in prison if he is extradited to the U.S. under the Espionage Act for publishing classified documents exposing U.S. war crimes, Amnesty International Secretary General Agnès Callamard says his detention since 2010 “is arbitrary and that he should be released.” She adds that allegations made against him by the U.S. authorities “raise a large number of problems and red flags in relation to freedom of the press.”
Despite the prospect of lengthy prison sentences, Ressa is more focused on social media manipulation and how it's affecting the "retreat of democracy."
Ressa has regularly come under attack from online trolls since President Rodrigo Duterte came to power in 2016, using Facebook to directly reach supporters. At one point, she was the target of an average 90 hate messages an hour, according to analysis by the International Center for Journalists.
Frito-Lay workers in Topeka, Kansas are entering their 12th day of striking today over poor working conditions, outrageous schedules, and poor treatment.
Samuel Huntsman, 23, is one of those workers. He has been with the company for three years and in that time has seen conditions at the plant go from bad to worse.
The article argues that it is futile to dwell on the racist history of the USA and to instead look forward to breakthroughs like the Civil War, the civil rights movement, etc. Essentially, Karp aligns himself with the cadre of historians that complained bitterly about all the falsehoods they supposedly saw in the 1619 Project. Among them, his Princeton colleague Sean Wilentz barked the loudest at Hannah-Jones. Mostly, the complaints were about her introductory article that stated that the colonists fought for independence in order to maintain slavery and that racism was in America’s DNA. Except for Wilentz, the historians took their case to the World Socialist Website (WSWS), an outlet distinguished by its hysterical Henny-Penny warnings that WWIII was always about to break out and that Socialist Workers Party leader Joe Hansen was a GPU agent.
Karp summed up opinion on the 1619 Project from the right and the left. There were only a “handful” of Republican legislators hoping to keep it out of classrooms. Somehow, he had not noticed the UNC’s egregious attack on Hannah-Jones’s right to tenure. As for the left, the Communist Party supported the project and the WSWS’s Socialist Equality Party did not. If these two sects were meant to represent the left, it would seem that Karp has tunnel vision. Jacobin, which has a far greater reach, published four articles pushing back on attacks on the 1619 Project, including two by Marxist historian Timothy Messer-Kruse. It might come as a surprise to Karp but most younger historians, especially those aligned with the new history of capitalism, identify with Hannah-Jones. Unlike Sean Wilentz, they see slavery as living on through white supremacy, a problem that Karp sweeps under the rug.
Earlier this month, a Honduran court found David Castillo, a U.S.-trained former Army intelligence officer and the head of an internationally financed hydroelectric company, guilty of the 2016 murder of celebrated Indigenous activist Berta Cáceres. His company was building a dam that threatened the traditional lands and water sources of the Indigenous Lenca people. For years, Cáceres and her organization, the Council of Popular and Indigenous Organizations of Honduras, or COPINH, had led the struggle to halt that project. It turned out, however, that Cáceres's international recognition—she won the prestigious Goldman Environmental Prize in 2015—couldn't protect her from becoming one of the dozens of Latin American Indigenous and environmental activists killed annually.
On July 6, the Israeli Knesset failed to renew the Citizenship and Entry Law that prohibits family unification among Palestinians. This is good news. But the suspension of the law was accomplished for all of the wrong reasons.
When cops are looking to perform warrantless searches, the only thing more useful than drug dogs is officers' own noses. The invocation of the phrase "smell of marijuana" magically dissipates the protective shield of the Fourth Amendment, allowing officers to engage in searches that often seem to resemble "general rummaging."
The mass shooting of massage parlor workers on March 16 in Atlanta was not the first time that Asian migrants were the targets of racial violence. Nor was it the first time that some Asian Americans and many politicians called for what always seems to be the solution to attacks: more police. CAAAV: Organizing Asian Communities (formerly known as the Committee Against Anti-Asian Violence), a grassroots organization composed mostly of working-class migrants from China, Bangladesh, and Korea, has seen the reaction before. Amid apparent upticks in anti-Asian violence, people feel afraid, and bringing a well-funded police force to one’s neighborhood is often presented as the only response. But CAAAV insists that law enforcement doesn’t exist to protect its membership. The group’s executive director, Sasha Wijeyeratne, told us, “They can’t call the police when their boss pays them half their paycheck. But their landlord can call the police to evict them.”
After a federal judge struck down DACA, or Deferred Action for Childhood Arrivals, we look at what may come next with Cesar Espinosa, a DACA recipient and executive director of the Houston, Texas-based, immigrant-led civil rights organization FIEL. He says the latest ruling is “heartbreaking,” and urges lawmakers to create a legislative solution for the millions of undocumented immigrants in the U.S. “We want to see Congress and the president take action.”
The team wore thigh-length elastic shorts during their bronze medal match against Spain in Bulgaria on Sunday to protest against the regulation bikini-bottom design that the sport's Norwegian federation president called “embarrassing.”
Through Wednesday, anyone can join EFF or renew their membership for as little as $20 and get a pack of issue-focused Digital Freedom Analog Postcards. Each one represents part of the fight for our digital future, from releasing free expression chokepoints to opposing biometric surveillance to compelling officials to be more transparent. We made this special-edition snail mail set to further connect you with friends or family, and to help boost the signal for a better future online—it's a team effort!
New and renewing members at the Copper level and above can also choose our Stay Golden t-shirt. It highlights your resilience through darkness and our power when we work together. And it's pretty darn fashionable, too.
Today, Governor Newsom signed into law one of the largest state investments in public fiber in the history of the United States. No longer will the state of California simply defer to the whims of AT&T and cable for broadband access, now every community is being given their shot to choose their broadband destiny.
California’s new broadband infrastructure program was made possible through a combination of persistent statewide activism from all corners, political leadership by people such as Senator Lena Gonzalez, and investment funding from the American Rescue Plan passed by Congress. All of these things were part of what led up to the moment when Governor Newsom introduced his multi-billion broadband budget that is being signed into law today. Make no mistake, every single time you picked up the phone or emailed to tell your legislator to vote for affordable, high-speed access to all people, it made a difference because it set the stage for today.
Arguably, what pushed us to this moment was the image of kids doing homework in fast-food parking lots during the pandemic. It made it undeniable that internet access was neither universal nor adequate in speed and capacity. That moment, captured and highlighted by Monterey County Supervisor Luis Alejo, a former member of the Sacramento Assembly, forced a reckoning with the failures of the current broadband ecosystem. Coupled with the COVID-19 pandemic also forcing schools to burn countless millions of public dollars renting out inferior mobile hotspots, Sacramento finally had enough and voted unanimously to change course.
Australia's dominant telco, Telstra, has revealed the nation's government has asked it to consider a partnership to acquire Digicel Pacific – the largest mobile carrier in the Pacific Islands – in a move seemingly designed to contain China's influence in the region.
For many reasons, it seems we're deep in the mire of the techlash: everywhere you look, there are stories about the evils of technology. And while it is important to explore the risks and downsides of technology -- especially after a few decades dominated by boosterism and PR-pretending-to-be-news -- there's a real danger of throwing out all the good (and potential good) while trying to deal with everything bad.
South Korea will attempt to pass a law that gives app developers the right to use in-app payment services other than those offered by app stores.
The nation's Science, ICT, Broadcasting and Communications Committee yesterday recommended amendments to the relevant telecoms legislation after more than a year of debate.
[...]
Google yesterday posted an update that said it has heard developer feedback that the COVID-19 pandemic has made it hard to complete remediation work, so will accept applications for extensions to March 2022.
Members of the main opposition party in the Committee did not vote to advance the law to a vote in the National Assembly, because they felt the USA would be upset by the implications for Apple and Google. As the governing Democratic Party – which does support the bill – has a majority on the floor, the proposal has very good prospects of becoming law.
On 1 June 2021, the Amended Patent Law took effect and introduced patent term extension (“PTE”) and patent linkage (“PL”), which are closely related to the pharmaceutical industry. The legislative amendment reflects China’s determination to promote the research and development of innovative drugs in the pharmaceutical industry. The China National Intellectual Property Administration (“CNIPA”), the National Medical Products Administration (“NMPA”) and the Supreme People’s Court (“SPC”) recently issued further rules to complete the establishment of PL system. As for PTE, as the amended Implementing Rules of the Patent Law (“Amended Implementing Rules”) have not been issued yet, the CNIPA issued some temporary measures to address the issue.
The vast majority of ex parte patent appeals (92%) are focused on obviousness, with 2/3 of those only addressing obviousness questions.
[...]
Applicants rarely win appeals based upon Section 101 — Eligibility rejections are affirmed in 90%+ of cases.
Catalyst Pharmaceuticals has secured a second U.S. patent covering Firdapse (amifampridine), an approved oral treatment for Lambert-Eaton myasthenic syndrome (LEMS).
On October 17, China’s National People’s Congress (NPC) formally adopted a revised patent law that makes significant changes to that country’s legal framework for pharmaceutical patents. The regulation, promulgated by China’s National Medical Products Administration (NMPA), is the result of a preliminary trade deal with the U.S. signed in January that aimed to incorporate aspects of American patent law into the Chinese legal system. Principally, the NMPA law protects pharmaceutical patent rights and encourages competition by establishing a Hatch-Waxman-style litigation scheme for branded pharmaceutical companies and generics.
[...]
The new NMPA law is a significant departure from prior Chinese law and should strengthen the rights of patent holders in one of the world’s largest pharmaceutical markets.
In most standards-setting organizations, including the ones involved with High Efficiency Video Coding (HEVC) (H.265), participants designate their intellectual property as relevant or essential to practice a portion of the standard without scrutiny. This has led to widespread inflation of unmerited licensing demands even from well-respected companies.
This has only been exacerbated by the current patent pool ecosystem, whereby multiple pools purport to each license a single standard. These pools claim to offer thousands or tens of thousands of allegedly-essential patents, both without providing evidence that the patents are, in fact, essential, and generally without evidence of what percentage of the patent landscape the pool actually has power to license. But even a cursory review of many of the patents can lead to a quick conclusion that it should not be designated essential, as the following analysis of U.S. Patent 10,250,913 (part of the Access Advance patent pool) demonstrates. As such, it is important to perform truly objective analyses of standard-essential patents.
Although it's taken a bit of a back seat lately, the topic of patents has long been important here at Techdirt. Now that we're in the first ever Patent Quality Week, it's time to dig back in and talk about changing the patent system and turning it into something that enables good patents without allowing so many bad ones. So for this week's episode, we're joined by Engine's IP Counsel Abby Rives to talk about the inception and goals of Patent Quality Week, and how to fix our broken approach to patents.
Danielle Baskin is something of a brilliant creative force who constantly comes up with hilarious art projects/commentary/satire -- some of which end up turning into actual businesses. This included, somewhat recently, her Maskalike business that would print yours (or someone else's?) face on a mask. That operation just closed up shop, but was quite popular in the midst of the pandemic. She's also created satirical services such as one that puts blue checks on your home (a la being "verified" on Twitter or Facebook) or stained glass film over airplane windows, or a "Decruiter" service to help you figure out when to quit your job, or a hoodie that will let you replace corporate logos with velcro. There's also the website that runs obituaries for expired domain names.
Week in and week out, the Russian telecoms watchdog Roskomnadzor orders Google to remove hundreds of URLs. The requests, which are sent under the country's VPN law, target sites and services that allow access to pirated content. Over the past two years, more than half a million links were targeted through these requests.
UEFA, the governing body of football in Europe, has obtained an extension to a High Court injunction that requires major ISPs to block consumer access to pirated streams in Ireland. The plan is to continue blocking measures so that pirating customers of Eir, Sky, Virgin Media, and Vodafone can less easily watch UEFA Champions League and Europa Conference League matches.