This week has been slow on Linux news, but exciting because we got a new Ubuntu Touch release on our Linux smartphones, a new Steam Client release with some goodies for Linux gamers (like me), and a new major Mesa graphics stack release that also brings good vibes for Linux gaming.
On top of that, I take a look at Collabora’s contributions to the Linux 5.15 LTS kernel and give you a heads up on the end of life on Linux kernel 5.14. You can enjoy these and much more in 9to5Linux’s Linux weekly roundup for November 21st, 2021, below!
Why do so many folk in the Linux community default to overly complex solutions when it comes to solving problems?
Jim Salter is an extremely technical guy, I get that. Running a LAMP/LEMP stack with RoundCube for him, would be as trivial as my mum starting up MS Word.
But Jim positioned this solution as the best solution for managing email on Linux. At one point Will somewhat flippantly asked, “so you’re saying that in order to manage email people should spin up an Nginx server?” Jim replied with a definitive “yes”.
That simply isn’t the case.
Just how severe is this DNS cache poisoning attack revealed this week? We'll break it down and explain why Linux is affected. Plus, the feature now removed from APT, more performance patches in the Kernel, and a big batch of project updates.
Hello and welcome to the 442nd installment of Linux in the Ham Shack. In this episode, the hosts discuss databases of various types, especially those used in amateur radio related applications. Topics include styles of databases, storage formats, structured and unstructured data, client and server architectures, management utilities and data manipulation techniques. We hope you enjoy this episode and find the information useful. Thanks for listening and have a great week.
The future of Linux gaming is looking incredibly bright as there are so many new features hitting Linux that are specifically designed for gaming! Plus, with incoming Proton builds, we're seeing support for NVidia's DLSS (deep learning super sampling) and many game-specific builds!
Josh and Kurt talk to David A. Wheeler about everything OpenSSF. The Open Source Security Foundation is part of the Linux Foundation, and there are 6 OpenSSF working groups. David does a great job explaining how the OpenSSF works and what the 6 working groups are doing. The working groups are (in no particular order): Identifying Security Threats, Security Tooling, Best Practices, Vulnerability Disclosures, Digital Identity Attestation, Securing Critical Projects.
The following Kernels are available for PCLinuxOS. Kernel 5.15.4, Kernel 5.14.21 (EOL), Kernel LTS 5.10.81 and Kernel LTS 5.4.161.
EROFS-Utils as the collection of open-source user-space utilities for the read-only EROFS file-system is out with a big update.
EROFS continues maturing well since its original introduction two years ago by Huawei. This read-only file-system continues to be geared for use with Android and the needs of other embedded and container environments. Following the recent Linux 5.16 merge window where EROFS added LZMA/MicroLZMA compression support and other improvements, EROFS-Utils 1.4 is now available with the latest user-space utilities.
I was recently contacted by someone who has a small group of compute servers and wanted a simple way to do some sort of fair share scheduling for them, without the various overheads of an actual job allocation system like SLURM. This person was drawn to me because of my entry on how we do per-user CPU and memory resource limits on Ubuntu 18.04. Unfortunately the real answer to their questions is that you cannot really do useful resource management and fair-share scheduling of compute servers with only standard Linux facilities.
In the previous blogpost of this series, we combined the functionality of two drivers, Evilcli and Interceptor, to partially bypass $vendor2. In this post we took a closer look at Interceptor’s capabilities and future features that are in development. In the upcoming blogposts, we’ll see how Interceptor as a fully standalone driver is able to conquer not just $vendor2, but other EDR products as well.
Last year, I wrote about Pinta getting a massive update after 5 years of silence, and now Pinta developers inform 9to5linux.com about the release and general availability of Pinta 1.7.1, the first point release coming more than fifteen months after Pinta 1.7.
The new release is mainly a bugfix update, but it also brings some new features like the ability to scroll the canvas horizontally by holding down the Shift key while using the mouse wheel or the ability to zoom in and out of an image without pressing the Ctrl key.
Adobe Lightroom (officially Adobe Photoshop Lightroom) is a creative image organization and image manipulation software. Its main uses include importing/saving, viewing, organizing, tagging, editing, and sharing large numbers of digital images.
What are the best free and open source alternatives?
The technology used to distribute photos through news wire services inspired a whole bunch of innovations with use cases beyond newspapers. Like television.
Passwords are everywhere. Sometimes they are obvious — hardcoded in the code or laying flat in the file. Other times, they take the form of API keys, tokens, cookies or even second factors. Devs pass them in environment variables, vaults mount them on disk, teams share them over links, copy to CI/CD systems and code linters. Eventually someone leaks, intercepts or steals them. Because they pose a security risk, there is no other way to say it: passwords in our infrastructure have to go.
There are two fundamental issues with passwords.
When I tested out IPFS and Arweave, what I was doing was partly for fun, partly as exploration, and partly to “kick the tires.” After all, IPFS and Arweave make their own bold claims - Arweave that it “stores documents and applications forever” and IPFS that it can “help here and now” and that it can “speed up performance” and “slash bandwidth costs.”
After much discussion and planning it was agreed that it made sense for everyone to switch from Illumos to Linux as the upstream repo. And, it was agreed that future changes would be discussed across platforms before being implemented and that there would be appropriate porting layers to prevent GPL’d or Linux-KPI shim code from being introduced to other operating systems. Continuous integration (CI) for the repo would ensure that all proposed changes would have to pass CI on both Linux and FreeBSD before they could be merged. Thus, the design of OpenZFS 2.0 was born.
Matt Ahrens provides a good visual of the workflow difference between the original OpenZFS and OpenZFS 2.0 in his 2019 OpenZFS DevSummit keynote presentation (slides 11-13).
In a Linux system, the time zone corresponds to the local time of a region or country. When the time zone is set in Linux, the time is automatically set according to the region or country. It is always recommended to set the correct time zone according to the geographical location of the system.
Time zone plays an important role in a Linux system when running cron jobs and database transactions. In this post, we will learn how to set or change the time zone in Linux. There are two different ways to change the time zone.
As we know, podman is an open-source daemon-less tool which provides an environment to build, run and manage containers. Running containers as systemd services means that containers will automatically start when the system gets rebooted.
In this post, we will learn how to run containers as systemd service with podman on RHEL based distributions like RHEL 8, CentOS 8 and Rocky Linux 8.
By default, sendmail runs locally on localhost.localdomain and tries to send the mail with the root@localhost.localdomain to the remote SMTP server, which would get rejected as localhost.localdomain will resolve to an invalid IP.
You must configure SendMail as SmartHost to resolve this issue.
In this guide, we will explain how to configure a sendmail server to forward all mails generated from localhost to another SMTP server in order to send mail to remote recipients.
This tutorial explains step by step how to install Guix Operating System with GNOME desktop on a virtual machine. We will use the user friendly AQEMU, thus you can exercise this too with other tools if you want. This tutorial can be viewed as a beginner's guide for you who want to try out computing with Guix. By this, we hope you find installing Guix Desktop is reasonably easier compared to any other source code based operating systems. Welcome to GNU system!
Stashed is a neat little app that allows users to place files inside of it to copy later. It’s excellent, especially for those on Linux who regularly copy files. Here’s how you can use Stashed to save your files for copying later!
TuxGuitar is an open-source music composing tool. With it, users can create and edit their own guitar tablature. In this guide, we’ll go over how to install this incredible piece of software on Linux.
If you work a lot with images on Linux but find the built-in image tools lacking, Annotator might be for you. With this app, you can add stamps, text, clip art, drawings, highlights, and even magnification to enhance the image. Here’s how to use Annotator on your Linux system.
In previous tutorials we introduced Ansible and we discussed Ansible loops. This time we learn the basic usage of some modules we can use inside playbooks to perform some of the most common system administration operations.
Wake-on-lan (also known with the “W.O.L” acronym) is a standard ethernet feature which allows a machine to be woken up on the reception of a specific type of network packet (the so called MagicPacket). The main advantage of this feature is that it allows us to keep a machine in a low power consumption state, and be accessed only when needed. In this tutorial we see how to enable the WOL feature on our ethernet card under Linux, and how to send the network packet needed to wake up a machine.
YAML is a data serialization language. The name itself is a recursive acronym which stands for YAML Ain’t Markup Language. It is specifically designed to be human-friendly, easy to read and write, to represent settings and data structures and to work well with modern programming languages. It is used, for example, as the language for docker-compose files and to specify tasks in Ansible playbooks. In this tutorial we learn the YAML basics concepts and we see how the various data types are represented in the YAML syntax.
There are many things to learn and cover when it comes to Linux, such as the different kinds of distributions, their bases, window managers, and the applications that come bundled in them. But one of the prime components of a Linux distribution is a Desktop Environment.
If you’re new to Linux and don’t know what it is, this article looks at a desktop environment and what it’s responsible for in a Linux distribution.
mcabber is a great XMPP (Jabber) console client. It has all the important features and is easy to use.
XMPP is an open standard for messaging and presence. XMPP is the Extensible Messaging and Presence Protocol that was developed in 1999 by Jeremie Miller. He called it jabber.
If, for example the chromium SFS is downloaded and installed, either on the main desktop or in a container, there is going to be a menu entry and in the case of a container, an icon on the desktop. Easy 3.1.10 has code in the initrd that checks that the SFS still exists, and if not, then cleans-up the desktop and menu. Except that it doesn't work. Have fixed it.
Most IT people learn by doing. Creating a Linux home-lab environment puts you in a position to accomplish a series of tasks.
Although cloud-based applications continue to grow, some use cases require moving workloads out of cloud data centers. The reason is usually to keep your computing power closer to the users, the source of data, or other things you want to control. Instead of running these workloads as separate entities, you might want to create uniform systems, extending clouds to the edge. This technique is known as edge computing.
The past few years have seen a proliferation of edge computing infrastructure. Today you have a wealth of options, from running containers directly in container runtimes (such as Podman), to joining nodes to Kubernetes clusters, to running whole lightweight Kubernetes distributions on edge nodes.
As infrastructure becomes widely accessible, developers need to think through the edge computing journey. An important question in this arena is, How do we build our workloads for this new world? This article discusses the current state of tools for managing containers at the edge, including what WebAssembly (also known as Wasm) offers in this domain and what to expect from the field of edge computing in the near future.
Every CIO is beginning to make plans for 2022. While there is always an overwhelming list of things to achieve, strategic CIOs can focus on these three key areas to guide their organization forward in the coming year:
In the last 18 months, entire industries were pushed to make decisions in days that would typically be debated and planned for months or even years. Customer-facing brands, in particular, were forced to cope with rapid, unpredictable changes in supply, demand, and logistics.
Adding to these challenges, a recent survey found that nearly 40 percent of respondents give a business only one chance to provide a satisfactory digital experience before moving to another supplier. With just one opportunity to make a lasting impression, many enterprises have made it a top business priority to create more personalized customer experiences.
Here are four key actions that will bring increased urgency to your digital transformation strategies.
Fedora 35 was released on 2 November 2021, slightly after the anticipated launch in late October. I respect their delay: the Fedora team did not want to release a buggy product, or they still had some key issues to work out; nevertheless Fedora 35 is here. For some background, Fedora is a Linux distribution which aims to create, "an innovative, free, and open source platform for hardware, clouds, and containers that enables software developers and community members to build tailored solutions for their users." (Quoted from getfedora.org.) Many Linux users will know Fedora as the community and upstream version of Red Hat Enterprise Linux, the enterprise version of Fedora known primarily for running on servers and a company to provide support.
[...]
Time from the LUKS decryption screen to GNOME Display Manager was approximately 20 seconds, quite good for boot-up times. Consider also that I use a solid-state hard drive for my main installation media, which improves boot times significantly. It's not mere milliseconds, but it is very good for a full distro.
GNOME 41 is super polished. It seems like everything works out of the box (come on NVIDIA, let's get you on board). Whereas on other distros I would need to configure many options and drivers to get everything working properly, Fedora just works. The polish extends to all of the facets of this operating system. The boot-up splash screen is simple and beautiful. The installation of updates is clean, and the rebooting during installation is well polished. Fedora knows how to take control of an operating system and do it properly. I love how dnf (the package manager) handles updates and installing software. My Steam games worked as expected. I could edit photos easily using the photo editing software of my choice. Firefox worked great for streaming media. The HDMI output was perfect. What can I say, Fedora leaves little left to want. Yes there may be more highly configurable distributions, but Fedora seems to be one of, if not the most professional distribution I have used. (I have not been a Fedora user in the past.)
A full month has passed since Claws Mail 4.0.0 was uploaded to Debian experimental, and, somewhat surprisingly, I've received no bug report about it.
This of course can be either because nobody has been brave enough to install it or because well, it works really nice.
For those who don't know what I'm talking about, just note that this version is the first Debian upload for the GTK+3 version of Claws Mail. There was an initial upstream release, namely 3.99, but it was less polished and also I was very busy, so I decided not to upload it. Since then I've been using git's 'gtk3' branch daily without problems, so, for me, it's as stable as its GTK+2 counterpart. There's still some rough edges, of course.
In August 2016, the United States government announced a new federal source-code policy, which mandates that at least 20% of custom source code developed by or for any agency of the federal government must be released as open-source software (OSS). The memo of this policy also states that the Federal Government spends more than $6 billion each year on software through more than 42,000 transactions. Obviously, this is a huge business for all open-source developers. The question is “how can you get the business from the Federal Government?” The answer is FIPS.
Federal Information Processing Standards (FIPS) are standards and guidelines for federal computer systems that are developed by National Institute of Standards and Technology (NIST). Certain federal-related applications are required to be FIPS compliant, and many non-government organizations also follow FIPS standards. Ubuntu Pro provides you with cryptographic packages that are tested and attested by atsec Information Security, a NIST accredited laboratory. And Google automatically encrypts traffic between VMs that travels between Google data centers using FIPS 140-2 validated encryption. Your workloads can easily be FIPS compliant if you properly deploy your workloads on Ubuntu Pro in Google Cloud. Ubuntu 18.04 Pro offers you two FIPS options: FIPS and FIPS-updates. Let’s SSH into your Ubuntu Pro virtual machine. If you haven’t yet upgraded your Ubuntu LTS to Ubuntu Pro, please follow this tutorial. In less than One Minute, you will be able to get your Ubuntu Pro machine without losing any of your mission-critical workloads.
This is the second blog post (part 1 available here) where we look at the history of open source identity management. This post focuses on OAuth and OpenID, the protocols currently used in modern applications and services.
This post does not cover the technical details of the open source identity management standards, which are explained very well in this Okta blog post. Rather, it explains the origins of OAuth and OpenID, and provides insights on the context that led to their creation.
On the imminent voting of the Digital Markets Act - the latest EU proposal on internet platform regulation - the FSFE demands device neutrality as a fundamental element for safeguarding consumer protection in open, fair, and contestable digital markets.
While digital devices are a ubiquitous reality in all aspects of life, control over the hardware and software running on them is increasingly being limited by internet platforms, digital services providers, hardware manufacturers, and vendors. The European Commission's Digital Markets Act (DMA) is a regulatory instrument for targeting large internet companies that act as gatekeepers in digital markets. Such gatekeepers may be internet platforms, service providers, manufacturers, and vendors satisfying criteria defined by law. This regulatory initiative is an attempt to create fairer and more competitive markets for online platforms in the EU. On November 22, the European Parliament's leading IMCO committee will vote on its position.
The FSFE urges the Members of the European Parliament in the upcoming vote to safeguard device neutrality principles based on Open Standards and interoperability, securing the interest of consumers for a contestable, open, and competitive digital market in the EU.
[...]
After the committee voting on Monday, 22 November, the proposal will incorporate the approved amendments. Next up is the plenary voting to achieve the final position of the European Parliament, planned for December. The FSFE will continue to monitor the whole process closely and demand device neutrality to the full extent in the legislative text, so users are empowered to control technology.
"The digital markets will benefit by the regulatory proposal of the DMA. Device neutrality is fundamental for a fair, competitive, and contestable market. We demand stricter consent rules for pre-installed apps, no vendor lock-in, full interoperability, and real-time data portability. Free Software and Open Standards are key to achieve these goals", says Lucas Lasota, the FSFE's Deputy Legal Coordinator.
Have you ever been on a city street and seen a busker playing music on glasses? Each glass has a different amount of water and produces a different note when tapped. [Cyberlab] must have seen them and created an Arduino robot to play tunes on glasses. You can see the result in the video below.
If we had done this, we might have had a solenoid per glass or used some linear component like a 3D printer axis to pick different glasses. [Cyberlab] did something smarter. The glasses go in a circle and a stepper motor points at the correct glass and activates a solenoid. The result is pretty good and it is a lot simpler than any of our ideas.
If you aren’t musically inclined, you might wonder how you’d program the songs. There’s an example of taking a music box score from a website — apparently, there are lots of these — and removing any polyphony from it. The site mentioned even has an editor where you can import MIDI files and work with them to produce a music box strip that you could then convert. Then you encode each note as a number from 0 to 6.
Sometimes a chance conversation leads you to discover something cool you’ve not seen before, and before you know it, you’re ordering parts for yet another hardware build. That’s what happened to this scribe the other day when chatting on some random discord, to QMK maintainer [Nick Brassel aka tzarc] about Djinn, a gorgeous 64-key split mechanical keyboard testbed. It’s a testbed because it uses the newest STM32G4x microcontroller family, and QMK currently does not have support for this in the mainline release. For the time being, [Nick] maintains a custom release, until it gets merged.
I used the GPIO and 14-pin header present on the Seaberry (which conveniently are identical to the headers on the official CM4 IO Board), and wound up with a fully functional power button, power LED, and activity LED!
The once-a-decade redrawing of legislative and congressional maps is still in its early phases, but a concerted Republican tactic for defending racially discriminatory maps is already clear. And thanks to a 2019 Supreme Court decision greenlighting partisan gerrymandering, they may just get away with it.
Kirk McKusick sat down with Margo Seltzer and Mike Olson to discuss the history of Berkeley DB, for which they won the ACM Software System Award in 2021. Kirk McKusick has spent his career as a BSD and FreeBSD developer. Margo Seltzer has spent her career as a professor of computer science and as an entrepreneur of database software companies. Mike Olson started his career as a software developer and later started and managed several open-source software companies. Berkeley DB is a production-quality, scalable, NoSQL, Open Source platform for embedded transactional data management.
Schleswig-Holstein is the only federal state that wants to completely replace proprietary programs with open-source programs. What are your reasons?
We have reached our limits with the contracts for proprietary software. Firstly, financially, because license fees have continued to rise over the past few years. Second, with regard to our goals for the digitization of administration. Open source simply offers us more flexibility. At the same time, all the advantages that open source always has apply: sovereignty, data security and data protection.
Can you give a specific example of open source software that makes you more flexible?
During the pandemic, we were able to quickly increase our capacities for video conferences because we had already prepared the Jitsi-based open source system. Many other countries were trapped in proprietary systems that they couldn’t quickly expand. A second example is our school portal: Because we have switched to open source, we can design the interface flexibly and combine services as we want.
Schleswig-Holstein is the northernmost German state that has planned to switch to open-source solutions in its administration and schools.
And, it is not about a couple of systems; as per the report by The Document Foundation, all 25,000 PCs associated with administration and school will be moving from Windows to Linux.
Not just limited to that, the switch also involves replacing Microsoft Office with LibreOffice.
That's a wrap, folks: the MVP, defined as Baseline Interpreter with irregexp and Wasm support for little-endian POWER9, is now officially V. This is the first and lowest of the JIT tiers, but is already a significant improvement; the JavaScript conformance suite executed using the same interpreter with --no-ion --no-baseline --no-blinterp --no-native-regexp took 762.4 seconds (1.53x as long) and one test timed out completely. An optimized build would be even faster.
Currently the code generator makes heavy use of POWER9-specific instructions, as well as VSX to make efficient use of the FPU. There are secondary goals of little-endian POWER8 and big-endian support (including pre-OpenPOWER so your G5 can play too), but these weren't necessary for the MVP, and we'd need someone actually willing to maintain those since I don't run Linux on my G5 or my POWER6 and I don't run any of my OpenPOWER systems big. While we welcome patches for them, they won't hold up primary support for POWER9 little-endian, which is currently the only "tier 1" platform. I note parenthetically this should also work on LE Power10 but as a matter of policy I'm not going to allow any special support for the architecture until IBM gets off their corporate rear end and actually releases the firmware source code. No free work for a chip that isn't!
I’ve spent a bit of time playing with vxlan - which is very neat, but also incredibly insecure by default.
When using vxlan, be very careful to understand how the host is connected to the internet. The kernel will listen on all interfaces for packets, which means hosts accessible to VMs it’s hosting (e.g., by bridged interface or a private LAN) will accept packets from VMs and inject them into arbitrary VLANs, even ones it’s not on.
We all know, The Weekly Challenge a.k.a Perl Weekly Challenge started on 25th March 2019. I must confess I didn’t expect it to last this long. What worked in our favour is that we instantly found a handful of core supporters, who not only took part in the weekly challenge regularly but also started spreading the word. I am fortunate that they are still part of the team. While I was collecting my thoughts for the blog, I read my first RECAPS blog. You will find the format and style of RECAPS has changed a lot since.
When the idea of the weekly challenge first came to my mind, I didn’t have a clear plan initially. I was just going with the flow since I didn’t have any help with the management of the weekly challenge. In week 7, I decided to do a weekly review of Perl solutions. The first such review went live on 13th May 2019. I was lucky to find help with the Perl review immediately. Week 8 saw a new reviewer, Kian-Men Ang, with her first review. She did a fantastic job and became very popular among Team PWC members. The last review she shared with us was in week 39. I then took the charge back for a few weeks. In week 43, we finally found our new reviewer, Ryan Thompson. He came up with his own style of review as you can see in this first review from him. Ryan carried on the review till week 54. I didn’t have the courage to take the charge back. I was looking for a volunteer to take the Perl solutions review task. I didn’t have to wait long. In week 65, we found our new reviewer, Colin Crain. We are lucky to have Colin as our current Perl reviewer. His quality review every week is much appreciated by every team member.
Learn why observability is important for Python and how to implement it into your software development lifecycle.
For the last couple weeks, I focused on fixing user-reported bugs and addressing feature requests. Thanks to Miles Alan and bb010g for particularly thorough testing.
The first thing I noticed was that the default configuration of Fish was equivalent to about 30-45 lines of ZSH config. So even starting fresh with Fish was already roughly on-par with my previous ZSH configuration. Moreover, I find that the modern Fish dialect, especially its error-case semantics, are vastly superior considering the frequency with which things go wrong. In this way, Fish gives me a much more solid foundation on which to build a proper environment for myself.
Following an investigation, the Irish data protection watchdog issued a €225m (£190m) fine - the second-largest in history over GDPR - and ordered WhatsApp to change its policies.
WhatsApp is appealing against the fine, but is amending its policy documents in Europe and the UK to comply.
However, it insists that nothing about its actual service is changing.
I used to give classes on programming style and technique, and one of the maxims I taught was “let the computer do the work”: use the computer to automate repetitive or error-prone tasks.
For centuries, people have been using patterns to communicate information in an eye-catching way. QR codes are no different, although they require a barcode scanner to decode rather than a knowledge of Navajo Native American history.
November is National Native American Heritage Month, and as part of their celebration, [ngaskins] and their students are making seed bead bracelets with QR codes. When scanned, each QR triggers a story written by the student in the form of an audio file, a video clip, or an animation. [ngaskins] says that this project was inspired by eyeDazzler, a beadwork tapestry made with software that generates Navajo weaving patterns.
Europe is in the grip of a potentially devastating fourth coronavirus wave and the United States has now recorded more Covid-19 deaths in 2021 than it did in 2020, heightening alarm among public health experts who fear another brutal winter surge.
Dr. Hans Kluge, the World Health Organization's regional director for Europe, warned Saturday that the coronavirus could kill 500,000 more people in Europe by March if political leaders don't take immediate action to forestall the current spread and increase vaccine uptake, which has been lagging in parts of the continent due, in some cases, to anti-vaccine sentiment.
The number of dead from COVID-19 in the U.S. in 2021, as of yesterday, November 20, surpassed the deadly toll of 2020.
A quiet monthslong legal fight between the U.S. National Institutes of Health and drugmaker Moderna over COVID-19 vaccine patents recently burst into public view. The outcome of the battle has important implications, not only for efforts to contain the pandemic but more broadly for drugs and vaccines that could be critical for future public health crises.
I say when you buy an Apple product, you already get one great big incredibly expensive pile of shit. (In the case of Airpods, they didn’t even follow the specification for the simple Subband Codec properly.)
Microsoft is changing the classic BSOD to black. It’s changing in Windows 11, and is part of a broader visual overhaul to the operating system.
A few years ago, it was discovered that the root account was not locked out in Alpine’s Docker images. This was not the first time that this was the case: an actually exploitable case of this was first fixed with a hotfix in 2015, but when the hotfix was replaced with appropriate use of /etc/securetty, the regression was inadvertently reintroduced for some configurations.
It should be noted that I said some configurations there. Although CVE-2019-5021 was issued a CVSSv2 score of 9.8, in reality I have yet to find any Alpine-based docker image that is actually vulnerable to CVE-2019-5021. Of course, this doesn’t mean that Alpine shouldn’t have been locking out the root user on its minirootfs releases: that was a mistake, which I am glad was quickly rectified.
Lately, however, there have been a few incidents involving CVE-2019-5021 involving less than honest actors in the security world. For example, a person named Donghyun Lee started mass-filing CVEs against Alpine-based images without actually verifying if the image was vulnerable or not, which Jerry Gamblin called out on Twitter last year. Other less than honest actors have focused instead on attempting to use CVE-2019-5021 to sell their remediation solutions, implying a risk of vulnerability where most likely none actually exists.
In a post in The Telegraph, Antigone Davis, Meta’s head of safety, attributes the delay to concerns about user safety. Since E2EE means only the sender and recipient will see their conversations, Davis says Meta wants to ensure that this doesn’t interfere with the platform’s ability to help stop criminal activity. Once E2EE does become available by default, Davis notes that the company will “use a combination of non-encrypted data across our apps, account information and reports from users” to help keep them safe, all while “assisting public safety efforts.”
WhatsApp is owned by Facebook, now renamed Meta Platforms. With the update, users in Europe will see a banner notification at the top of their chat list that will take them to the new information.
WhatsApp is taking the action after getting hit with a record 225 million euro ($267 million) fine in September from Ireland's data privacy watchdog for violating stringent European Union data protection rules on transparency about sharing people's data with other Facebook companies.
The chat service said it disagreed with the decision, but it has to comply by updating its policy while it appeals. The update doesn't affect how data is handled, and users won't have to agree to anything new or take any other action.
Some VPN companies like NordVPN advertise “Onion over VPN”, but is it safe?
The short answer is, no. It’s not.
The long answer is, hell no…and this is why.
Tor isn’t just an anonymity network proxy system. It’s a special browser with special settings designed to resist fingerprinting attacks, isolate sites from each other, and forget everything you do.
If you use a normal Web browser with the Tor network, you don’t get any of these protections. It also means that if someone has compromised the VPN server you’re using, well, Tor is running on that server and not your computer.
Obviously, this is less private, and much less secure, than running Tor and the Tor Browser on your computer. There is no safe way to use onion domains on a normal Web browser, even if your VPN provider knows what they’re doing.
EFF’s Certbot tool helps to automate TLS/SSL certificates for web servers—and we believe that should be a global right. Certbot is a free, open source software tool for automatically using Let’s Encrypt certificates, and is part of EFF’s larger effort to encrypt the entire Internet. Websites need to use HTTPS to secure the web. Along with HTTPS Everywhere, Certbot aims to build a network that is more structurally private, safe, and protected against censorship.
A long standing goal is to make Certbot more accessible to those needing it in languages other than English. Today, we have taken that first step, by translating our Instructions Generator into Farsi.
In this article, CIA mind-control programs are linked to experiments on returning Korean War POWs. Also revealed is the extent to which CIA officials from Projects Bluebird, Artichoke and MKULTRA collaborated with U.S. biological warfare efforts, including the top secret “processing” of high-ranking POWs who confessed to U.S. use of biological weapons. This is a long involved story, and the full history has never been told before.
Beijing views self-governed Taiwan as a Chinese province and vows to reunify it with the mainland, even by force if necessary. Under its "One China" policy, Beijing wants countries to officially recognize the Chinese government over that of Taiwan and break formal political ties with the island.
In his desire to ratchet up the pressure on Europe, Lukashenko has created a shameful system that now stretches as far as Syria, Iraq and Turkey. A team of DER SPIEGEL journalists spent several weeks reporting in Minsk, Istanbul and along the Polish border. The reporters evaluated flight data and visa documents, interviewed smugglers and middlemen who bring migrants to Belarus for the regime. Their research reveals a smuggling system against which the EU hasn’t yet found a remedy. Every day, hundreds of people land at the airport in Minsk; every day, more and more people push towards the border.
On the evening of November 5, a Moroccan migrant on an Air Arabia Maroc flight between Morocco and Turkey pretended to be suffering from a diabetic coma. The supposed medical emergency forced the pilot to land the plane in Palma, a city on the Spanish island of Mallorca, located in the western Mediterranean Sea.
Upon landing, an airplane door was opened to allow a medical team to transfer the allegedly sick traveler to a local hospital. At that moment, more than two dozen migrants rushed to the door, exited the aircraft, fled across the runways, and jumped the airport's perimeter fence. A video of the incident, initially censored by Spanish media, was made public by Vox, a conservative party opposed to mass migration.
After hours of searching, twelve of the migrants were eventually found and detained. At least 13 others, thought to be Moroccans and Palestinians, remain at large. They are believed to have boarded ferries for the seven-hour voyage from Mallorca to Barcelona on the Spanish mainland.
Once in Spain, illegal immigrants are protected by European Union human rights laws and are unlikely ever to be deported. They are also able to travel unhindered from Spain to other EU countries including France, Belgium and the Netherlands, all of which have large Moroccan communities. At this point, the fugitives could be anywhere in Europe and are not likely to be found.
Spanish police said that the plot, which forced the closure of the Palma de Mallorca airport, the third-busiest in Spain, was hatched by a Moroccan Facebook group called Brooklyn.
“Now a bit of a new method has been taken on by the migrants and Belarusian services... Smaller groups of people are trying to cross the border in many places.”
He added that “there is no question that these attacks are directed by Belarusian services.” The West accuses Belarus of artificially creating the crisis by bringing in would-be migrants — mostly from the Middle East — and taking them to the border with promises of an easy crossing into the European Union.
Apple co-founder Steve Wozniak's startup Privateer aims to help humanity get the goods on space junk before it's too late.
The Hawaii-based company, whose existence Wozniak and co-founder Alex Fielding announced in September, wants to characterize the ever-expanding space debris population like never before. Privateer will do this by incorporating a variety of data, including crowdsourced information and observations made by its own sizable satellite fleet.
His painting of the dead bees is from his long-term project “Testaments of Loss”. Loss of biodiversity, habitats, and the consequences of trophic cascades are considered as serious an environmental threat as climate change (to which each is intricately linked). In this ongoing project, Derek is creating a series of direct paintings and sketches documenting small-scale incidents of environmental loss. These will be collected to form a large wall of 100 or more paintings that give a sense of scale and range beyond their small and immediate observations. He had begun these using the same methods he uses for other field sketchings. They are sketchbook pages- direct observations annotated with notes in the field. They are framed as objects, with ragged edges of spiral bindings.
The Roadmap for Fossil-Free Transport sets ambitious goals for the future, including 700,000 electric and 130,000 gas-powered passenger cars by 2030.
Less than four years ago, Crypto.com was the personal blog of a University of Pennsylvania computer science professor.
By the end of this year, the name will be emblazoned on one of the most storied U.S. sports venues, part of an expensive marketing blitz from a little-known company that took over the web address and turned the site into a cryptocurrency playground.
Oil and gas companies like ExxonMobil and the Canadian giant Suncor have transformed the tar sands — also called oil sands — into one of the world’s largest industrial developments, covering an area larger than New York City. They have built sprawling waste pits that leach heavy metals into groundwater and processing plants that spew pollutants into the air, sending a sour stench for miles.
The mines’ ecological impacts are so vast and so deep that L’Hommecourt and other Indigenous people here — mostly from the Dene and Cree First Nations — say the industry has challenged their very existence, even as it has provided jobs and revenue to Native businesses and communities. People in this region have long suspected that the tar sands mines were poisoning the land and everything it feeds.
The U.S. Coast Guard on Saturday dispatched aircraft and boats to investigate the oil sheen measuring about 70 feet (21 meters) by 30 feet (9 meters) off the coast of Orange County.
Facebook has registered this month to lobby Congress on blockchain policy, following a rebranding of the company that is intended to take the company beyond its social media roots.
The lobby registration was filed on November 4 and it comes after the infrastructure bill, signed into law this week, established tax reporting requirements for cryptocurrencies, which require the decentralized transaction ledger known as the blockchain to function.
Revenue secretary Tarun Bajaj said that in terms of income tax, some people are already paying capital gains tax on the income from cryptocurrency, and in respect of goods and services tax (GST) also the law is "very clear" that the rate would be applicable as those in case of other services.
Chief Brigadier Etienne Mutazimiza Kanyaruchinya, 48, was killed Saturday evening when 100 heavily armed men, presumed to be former members of the M23 rebel group, attacked a patrol post near the village of Bukima in Congo’s North Kivu Province. The rest of the rangers fled unharmed, said the statement.
The institute said it was the second attack in two weeks by the same group, which operates along the Rwandan and Ugandan borders and is trying to establish bases in the park. The previous attack was repelled by the Congolese military but several soldiers were killed.
After three decades of neglect, more environmentalists are waking back up to the need to limit human numbers. But like Rip Van Winkle, we find that the world changed while we were asleep. There are now billions more people, consuming more than ever, while our world has grown warmer, tamer, and more polluted. A new article in The Ecological Citizen discusses what just population policies might look like in an overpopulated world.
In a particular place, overpopulation can also be caused by an influx of people forced into the area due to war, famine or other disasters making their previous home uninhabitable. Climate Change is causing an increase in the number of hurricanes and floods and is likely to cause many more people to become displaced in the future. Overcrowding leads to further demand for limited resources and this, in turn, can lead to more conflict and warfare.
As humans seek out more resources, they take over land that was once the habitat of other species leading to huge biodiversity loss. Present extinction rates may be as high as 140,000 species lost every year due to humans overfishing and taking over large areas of land (such as tropical rainforests) to use for farming food and fuel crops.
With all the attention paid to environmental destruction and global warming by ordinary citizens and world leaders, I fail to see why overpopulation is never addressed.
It is a subject that no-one seems to want to talk about and yet, logic dictates that a smaller global population will automatically decrease the ever-growing demand for the consumables that are destroying our climate.
The disposition of the Boeing manslaughtering of 346 trusting passengers and crew in the 737 MAX crashes (Indonesia – 2018 and Ethiopia – 2019) further weakens the system of tort law and individual pursuits of justice after wrongful deaths.
Date on which the terms of Ron Bloom, chair of the U.S. Postal Service's Board of Governors, and board member John Barger end: 12/8/2021
Rep. Alexandria Ocasio-Cortez of New York warned Sunday that congressional Democrats risk depressing turnout in upcoming elections if they further weaken their flagship reconciliation package, which right-wing lawmakers have already stripped of popular programs and cut by roughly $2 trillion overall.
"I think that the worst and most vulnerable position we could be in is to over-promise and under-deliver."
The Heritage Foundation, a prominent conservative think tank, is publicly opposing a new Biden administration regulation that would force the weapons industry to report its greenhouse gas emissions related to federal contracts. It turns out the Heritage Foundation also receives significant funding from the weapons industry, which makes the case worth examining — because it reveals how the arms industry pays supposedly respectable institutions to do its policy bidding at the expense of a planet careening toward large-scale climate disaster.
There have been news reports that have been circulating that a mosque in Kakraban area of Gomati district in Tripura has been damaged and vandalized. These news reports are fake and are a complete misrepresentation of facts. The mosque in Dargabazar area of Kakraban has not been damaged and the Tripura Police in Gomati district is working to maintain peace and tranquillity.
Members of the mainstream political media inadvertently furthered an Iranian disinformation campaign Wednesday by writing a number of viral reports suggesting that the far-right Proud Boys group was threatening Democratic voters via email, just hours before the FBI and the DNI announced the emails were actually sent by Iranians looking to disrupt the election.
Instead, Iran is signaling that U.S.-Iranian relations will remain unchanged regardless of who wins. Khamenei has already ruled out nuclear negotiations with the U.S. altogether. More recently, Iranian state media reported that Iran sees "no difference" with regard to the candidates, and on Telegram, a popular social media app in Iran, a channel affiliated with the Islamic Revolutionary Guard Corps claimed that pressure against Iran would continue regardless of whether Trump or Biden wins.
On Tuesday noon, public broadcaster ORF reported on its homepage about the new OSCE report, according to which the number of anti-Christian and anti-Semitic hate crimes in Europe has increased significantly. However, only for a short time – because the report was suddenly deleted without comment and cannot be found since.
A Somali journalist with state-run media was killed Saturday in Mogadishu when a suicide bomber blew up his car, government officials and his colleagues said. Another journalist also was injured.
Abdiaziz Mohamud Guled, better known as Afrika, the director of the state-run Radio Mogadishu, died from his wounds, while fellow journalist Sharmarke Warsame, who was traveling with Guled, sustained a severe injury, according to government spokesperson Mohamed Ibrahim Mo’alimuu.
Islamic militant group al-Shabab had reportedly been "hunting" Abdiaziz Afrika for a long time. The director of the state-run Radio Mogadishu was reportedly attacked after leaving a restaurant.
Chinese dissident Ai Weiwei, a famed artist and activist, warned Americans during an interview that aired late last week that they are already under the control of an authoritarian state, they just don’t realize it yet.
Weiwei said that the situation in China has become “more extreme, in terms of censorship, in terms of their tolerance to dissidents.” He later added that he was not hopeful for China’s future given the direction that China is going.
According to the European Court of Human Rights, only an “overriding public interest” can justify requiring a journalist to reveal a source, and only if this requirement is “reasonably proportionate to the legitimate aim pursued.”
These conditions have not so far been demonstrated by the Polish authorities. When the Gdansk appeal court ordered Włodkowska to reveal her source on 15 October, the court simply said the “good of the justice system requires it.”
The fiancée of the slain Saudi journalist Jamal Khashoggi has published an open letter in The Washington Post asking the singer Justin Bieber to cancel his performance at a Formula One race in Saudi Arabia.
In the letter, Hatice Cengiz urged Bieber to cancel his scheduled Dec. 5 performance in the Red Sea city of Jiddah to "send a powerful message to the world that your name and talent will not be used to restore the reputation of a regime that kills its critics."
Khashoggi's "brutal murder made headlines all over the world," Cengiz wrote. "Ever since, many human rights organizations and individuals, including myself, have been calling for justice and accountability."
For two weeks, we’ve heard trial testimony and seen evidence of the events that occurred on August 25, 2020 — the night that Kyle Rittenhouse shot and killed two people and injured another during a Black Lives Matter protest in Kenosha, Wisconsin. While Rittenhouse was not held accountable, he was not the only one whose conduct on that deadly night should be scrutinized. The actions — and inaction — of the Kenosha Police Department and the Kenosha County Sheriff’s Department in the preceding 72 hours played a critical part in the tragic events that took place.
Women have been banned from appearing in television dramas in Afghanistan under new rules imposed by the Taliban government.
Female journalists and presenters have also been ordered to wear headscarves on screen, although the guidelines do not say which type of covering to use.
Reporters say some of the rules are vague and subject to interpretation.
Her father, Murad Khan, a day laborer who hasn’t found work in months and has eight children to feed, looks much older than his 55 years — his face is worn with worry. His decision to sell Benazir to marriage at such a young age comes down to a cold calculation.
“We are 10 people in the family. I’m trying to keep 10 alive by sacrificing one,” he said in Pashto.
Others have in the meantime fully embraced home office culture, although there was not really a choice with two lockdown periods being imposed last year. As the most recent report from the National Institute of Statistics and Economic Studies (STATEC) dates back to June this year, it is difficult to assess where exactly the country is standing at the moment.
STATEC did however find that remote work slowed down during the second trimester of the year. Nevertheless, it remains considerably elevated with 41% of employees affected, although the highest point ever was even higher at 52%, reached during the second trimester of 2020, at the height of the pandemic.
Apple’s change of heart is being seen as a victory for a growing “right to repair” movement. Around the world, organisations such as The Repair Association, an American advocacy group, are fighting manufacturers’ tendencies to bar people from fixing their own goods, whether smart gadgets, cars or washing machines. Carmakers are coming under increasing pressure. John Deere, a tractor manufacturer, is embroiled in a long-running row with farmers, many of whom have downloaded hacked software for their vehicles so that they can make repairs without going through a costly authorised dealership. Right to repair is a popular cause. A YouGov survey carried out last month, for example, found that 81% of Britons would support the expansion of right-to-repair legislation to include smartphones, tablets and laptops (it already covers things such as white goods and televisions). Politicians seem to be on board too. Twenty-seven American states are considering right-to-repair legislation, according to the US Public Interest Research Group (US PIRG), a lobby group, although none has yet passed into law. The European Parliament recently voted to beef up regulation in the EU, so that certain new electrical goods will need to be repairable for at least ten years.
Last week, police in the central state of Madhya Pradesh arrested two men for allegedly trafficking 20kg of the drug to other Indian states.
Police say the men had traded cannabis on the site in the guise of selling stevia leaves, a natural sweetener.
You may not have noticed, but Google limits the number of blocked addresses you can have.
Favipiravir is a broad-spectrum antiviral drug used in the treatment of multiple diseases and is the first drug that has been approved by various countries as an emergency treatment for covid-19. Thailand's Department of Intellectual Property has rejected a Thai patent application filed under the compulsory licence system for a specific formulation of Favipiravir in tablet form.
In Design Patent Law’s Identity Crisis, presented at the Berkeley Center for Law & Technology’s February 2021 “Design Patents” symposium, we traced the origins of design patent law’s ornamentality/non-functionality doctrine and showed how the Federal Circuit, the nation’s de facto design patent emperor over the past four decades, has turned the doctrine on its head: it has upended the 1902 Act’s intent and reversed three-quarters of a century of regional circuit jurisprudence. So much so that the post-1902 Act regional circuit design patent cases invalidating design patents on functionality grounds would come out oppositely under the Federal Circuit’s lax standards. Those standards led to the absurd result that Apple could disgorge Samsung’s profits on its smartphones because they employed rounded rectangular shapes. We showed that the Patent Act limited design protection to original, ornamental articles of manufacture, and excluded protection for functionality.
BCLT invited practitioners and academics to comment on our analysis. While none of the commentators questioned, no less refuted, our core finding that the Federal Circuit has flipped the ornamentality/non-functionality doctrine, several offered fig leaves to clothe the Federal Circuit’s lax standards for design patent eligibility and infringement. In responding to our article, practitioner Perry Saidman and Professor Mark McKenna suggested that the design patent regime can be justified in part based on the tighter functionality screen that the PTO applies to design patents than the low threshold that the Copyright Office applies to copyright registrations to useful articles.
On September 17th, Junior Party the University of California/Berkeley, the University of Vienna, and Emmanuelle Charpentier (collectively, "CVC") filed its Motion to Exclude certain evidence presented by Senior Party ToolGen Inc. in Interference No. 106,126. ToolGen filed its Opposition to CVC's motion on October 8th, and CVC filed its Reply on October 15th.
[...]
(all of which factual predicates are satisfied here, ToolGen argued). ToolGen asserted three bases for establishing the interview's trustworthiness: Dr. Doudna herself confirmed the article was written after she was interviewed; the sentiments contained in the interview were ones she had voiced in several other instances; and Dr. Doudna has never corrected or retracted she made in the interview, even in her deposition when given an opportunity to do so.
ToolGen also asserted that this evidence should not be excluded because it is "highly probative of Dr. Doudna's contemporaneous thoughts regarding the doubts she had that CRISPR-Cas9 could be adapted for use in eukaryotic cells," citing United States v. U.S. Gypsum Co., 333 U.S. 364, 395–96 (1948), and the Board's own preference for contemporaneous statements on this very issue in Interference No. 105,048 and in the Decisions on Motions in Interference No. 106,115.
In its October 15th reply, CVC directed its counterargument to ToolGen's "belated" attempt (in its view) to authenticate Dr. Carroll's YouTube video with reference to ToolGen Exhibit Nos. 1614 (the Innovative Genomics Institute website, Innovative Genomics Institute) and 1615 (Opening Screen of Ex. 1283 (Dana Carroll, Issues in CRISPR-Cas Editing, YOUTUBE, 32:42–32:57 (Nov. 4, 2017))). The time to authenticate was August 5, 2021 (in response to CVC's timely objection) and the Board should not permit ToolGen to supplement its evidence with these attempts to corroborate, CVC argued. CVC also rebutted ToolGen's argument that only 15 seconds of the Carroll lecture were to be excluded, saying that CVC had moved to exclude the video "in its entirety" (emphasis in brief). Rather, ToolGen submits a video "excerpt" unauthenticated as to "who excerpted it, and whether it still accurately portrays the original subject matter in its excerpted form" (emphasis in brief).
Law-and-economics literature talks a lot about the risk of error, including the risk of judicial error, as a reason for or against various rules and standards. Error costs, for example, are a standard consideration in the law-and-economics analysis of property rules versus liability rules, as I have discussed, e.g., here. Outside of antitrust law, however, where the balancing of type I (false positive) and type II (false negative) errors has become something of a commonplace, you don’t see courts address the risk of judicial error all that much. (At least, that’s my impression; though I suppose you could argue that anytime a court considers whether to grant a preliminary injunction, its consideration of the potential irreparable harm to the parties if the ruling goes against them is an implicit acknowledgment that its analysis could be wrong. There is no legally cognizable harm, after all, if the court decides correctly.) Anyway, I mention this here because one thing that struck me in the recent decisions by Mr. Justice Meade in Optis Cellular Technology LLC v. Apple Retail UK Limited and by His Honour Judge Hacon in Nokia Technologies Oy v. Oneplus Technology (Shenzhen) Co., Ltd. both address the risk of judicial error, to some extent, albeit by way of concluding that it isn’t a substantial concern in either case.
Nokia recently announced that it has reached the milestone of 4,000 patent families declared as essential to 5G standards. The milestone reflects Nokia’s continued leadership in cellular technology R&D and standardization.
Joint inventorship has been called "one of the muddiest concepts in the muddy metaphysics of patent law" because the "exact parameters of what constitutes joint inventorship are quite difficult to define." Mueller Brass Co. v. Reading Indus., 352 F. Supp. 1357, 1372 (E.D. Pa. 1972), aff'd, 487 F.3d 1395 (3d Cir. 1983). The consequences of an improper (or improvident) determination of inventorship (and the sometime difficulties that can arise when a change of inventorship is delayed until a patent is being asserted at trial) is illustrated in the Federal Circuit's recent non-precedential decision in Horizon Medicines LLC v. Alkem Laboratories Ltd.
[...]
And the Federal Circuit dismissed consideration of Horizon's arguments regarding non-infringement of the '033 patent as moot in view of their affirmance of the invalidity of the '033 patent's asserted claims.
Regarding the '451 patent, Horizon argued that the District Court erred in construing the term "comprising" as recited in the claim with regard to the barrier layer limitation to mean "consisting essentially of." The Federal Circuit rejected this argument, first, because the panel held that Horizon had not established harmful error in its briefing, and second, "the prosecution history of the '451 patent supports the district court's construction." Specifically, the opinion points to "multiple exchanges with the Examiner" where Horizon made amendments to overcome rejections over the prior art that purportedly "focus[ed] on an embodiment of the invention that uses Opadry® White (YS-1-7003) as a barrier layer." In view of this history the panel found no clear error in the District Court's construction nor the factual basis for its finding of non-infringement.
IP lawyers call for WIPO to revamp the Nice Classification in view of the changing nature of goods and services such as influencer activities
The Federal Circuit Bar Association (FCBA) will be offering a remote program entitled "International Innovation and Patents: TRIPS and Vaccine Waivers" on November 18, 2021 from 11:00 am to 12:00 pm (ET).
In-house counsel in the wind energy sector tell Managing IP how their IP strategies have adapted to a difficult business climate
A new division of Ireland's Commercial Court dedicated to intellectual property cases and disputes about complex technology has been established under a revised Order 63A of the Rules of the Superior Courts (revised Rules). The new Intellectual Property and Technology List (IP & Technology List), a sub-division of the Commercial Court list, comes into operation on 22 October 2021. Judges will be assigned to the IP & Technology List by the President of the High Court.
The introduction of the IP & Technology List follows recommendations contained in a report from a review group established under Mr Justice Peter Kelly to review the administration of civil justice in Ireland (Review Group). The Review Group published its Review of the Administration of Civil Justice Report (Report) in October 2020. The Review Group recognised the likely benefits that would result from the introduction of a "specialised intellectual property list". It also recommended that appropriate resources be made available to ensure that the Irish courts remain an attractive forum for resolving intellectual property (IP) and technology disputes in as timely and cost-effective manner as possible. The revised Rules implement these recommendations.
The Biologics Price Competition and Innovation Act (BPCIA), passed by Congress in 2010, aimed to streamline the process of getting biosimilar drugs to market by creating an abbreviated approval pathway for these versions of the original high-priced biologic drugs. Given that potential for savings, where has the process gone awry?
At first glance, BPCIA seems to have worked: Approximately 30 biosimilars have been approved by the FDA since 2015 (bit.ly/2XtPc4U). Unfortunately, at least eight cannot enter the market for between two and nine years because of patent litigation and exclusivity.
The years-long dispute between Certhon and PlantLab has come to an end now that the European Patent Office has revoked PlantLab's European patent. PlantLab's patent EP2348841 was directed to the application of LED lighting in climate chambers in combination with controlled leaf and root heating. Certhon argued at the European Patent Office that the technology on which the European patent is based has been general prior art since the 1990s and does not contain any new techniques. The European Patent Office reversed the decision because of the patent "not being inventive."
The dispute between Certhon and PlantLab did not only play out at the European Patent Office; PlantLab initiated several proceedings before the Court of Justice The Hague over the years, all of them in connection with PlantLab's claim that Certhon was infringing the European patent (and the Dutch patent NL2002091 derived from it). Back in May 2018, the Court of Justice The Hague ruled that Certhon did not infringe either of PlantLab's patents, and this judgment was upheld in the appeal initiated by PlantLab against this judgment of the Court of Justice The Hague. The Hague Court of Appeal also ruled that Certhon did not infringe the PlantLab patents.
[...]
Leon van Duijn of PlantLab: "On 10 November, the EPO found that one claim of the six of the patent was not sufficiently new, so, unfortunately, the patent has now expired as a whole. The method of working, however, was found to be novel. The trajectory of the first PlantLab Indoor Farming patent in Europe will now be continued. This first patent is only one of the patents that PlantLab has in its portfolio. An application (divisional of the first patent) is pending at the EPO that will also secure the PlantLab IP. This also has the same priority date (October 13, 2008). We expect that a final decision on this Indoor Farming patent status will be made in the coming year."
Juristat will offer a one-hour webinar entitled "Examiner Procrastination at the USPTO: How End-Loading Impacts Your Organization" on November 17, 2021 from 1:00 to 2:00 pm (ET).
In an exclusive interview, the circuit judge says she might promote the importance of the patent system and serve on some boards after she leaves in March
Anybody to whom you disclose your invention must agree in advance that it is confidential and that the information will not be used by them or passed on. Outside an immediate circle of family and possibly friends, you should have a written confidentiality agreement signed. The safest thing is to limit disclosures strictly until a patent application has been filed.
If there have already been disclosures of your invention, you should give us details of those. In many cases they may be treated as confidential in any event but we need to assess the situation. Even if patent protection cannot be obtained in the UK or elsewhere in Europe, there will be other countries where it may be possible. One of those is the United States, where a patent application can be filed up to a year after your own disclosures.
The U.S. Patent Office (USPTO) provided notification to Cure that U.S. Patent No. 11,179,331 (the ’331 patent) is set to issue on November 23, 2021. The ’331 patent (“Oral Soluble Film Containing Sildenafil Citrate”) covers Curefilm blue.
If there is one legal issue that ought to be taught to all software engineers, it is, "Don't read patents!" I am sure that the company lawyer pointed out that had you not read the patent and violated it, the penalty would be much lower than if you had read the patent, and accidentally violated it. It is trivially easy to accidentally violate a software patent because, of course, lawyers write such patents to be overly broad, and thereby set traps for the unwary coder.
An SAP patent was not "inventive enough" to be legally binding, according to a US judge in an intellectual property case which also saw Teradata's claim in the dispute reduced.
The federal judge in California last week trimmed down claims from both sides of an ongoing dispute over a joint venture the firms entered into back in 2008.
Teradata alleged that the German software company used the JV to try to access the US company's intellectual property and build its HANA in-memory database, which it would try to get its customers to use, according to a 2018 filing at the US District Court for the Northern District of California.
On 6 September 2021, Denmark introduced new, stricter rules for registrants of '.dk' domain names. If domain name registrants do not keep their contact information up-to-date, all of the registrants' domain names may risk getting suspended and deleted. Secondly, 'Registrar Management' has been introduced. A registrant can hereby allow a registrar to manage the domain name administration. Thirdly, higher prices have been introduced.
The registration of a trademark is one of the most important steps in the development of a brand. A registered trademark gives its owner the right to be the exclusive user of a given sign in relation to the goods and services for which it has been registered. The trademark owner's monopoly over the brand, provides an advantage over the competition, as well as a powerful tool to counteract imitators and infringers.
If a business needs trademark protection in Bulgaria, this can generally be achieved via registering a Bulgarian trademark, or via registering a European Union trademark (as EU trademarks are also valid in Bulgaria).
The World Intellectual Property Office’s latest research shows that despite the onset and continued impact of the COVID-19 pandemic, companies have continued to offer up new goods and services, and seek out trademark registrations for the corresponding branding. Based on data supplied by 150 national and regional authorities, the Geneva-based WIPO revealed in its recently-released 2021 World Intellectual Property Indicators Report that an estimated 13.4 million trademark applications for registration covering a total of 17.2 million classes of goods/services were filed worldwide in 2020, up 16.5 percent from the number of applications filed during pre-pandemic 2019.
In the latest legal battle over footwear, Vans is accusing Walmart of embarking on “an escalating campaign to knock off virtually all of [its] bestselling shoes” and running afoul of its trademark rights in the process. In the complaint that they filed in a California federal court on Monday, Vans and its parent company VF Corp. assert that in light of the fact that Walmart is not an authorized retailer of Vans and thanks to the “tremendous value” tied to Vans’ many well-known trademarks, Walmart “started shamelessly selling copycat shoes in a direct effort to confuse consumers, unlawfully siphon sales from Vans, and intentionally damage Vans’ valuable intellectual property rights.”
[...]
For some larger context, the case (and Walmart’s alleged infringement spree) comes as the retail titan, which has solidly held the title of the largest retailer in the world for decades, is looking to bolster its offerings – and its e-commerce presence – in an attempt to compete with rival Amazon and also to stay in stride with digitally-connected consumers. This quest has seen Walmart endeavoring to amass a larger piece of the mainstream apparel and accessories market, including by way of M&A activity and private labels, such as the ones at issue in this case, as well as ones that it has been launching with the help of famous faces. “We are in the process of building these brands that have their own DNA,” Denise Incandela, Walmart’s EVP, Apparel Division and Private Brands, said back in 2019 about the retailer’s increased activity on the private label front. “We are keen on building out great quality products at an exceptional value.”
Beyond that, Walmart has also doubled-down on its third-party marketplace, which grew to an estimated 70,000 sellers in 2020, per Reuters, “fueled by a surge in online shopping due to the Covid-19 pandemic and a series of investments in technology and vendor relationships.” Data firm Marketplace Pulse reported earlier this year that it expects growth in the number of sellers on Walmart’s marketplace to surge by 146 percent by the end of 2022.
Yeezy LLC and Walmart have put proceedings in a fight over their respective sun burst logos on hold temporarily, with the Kanye West-owned fashion brand and the American retail behemoth telling the U.S. Patent and Trademark Office’s Trademark Trial and Appeal Board (“TTAB”) that they are “actively engaged” in settlement negotiations. In a filing on November 11, the TTAB granted Yeezy’s recent motion to suspend the opposition proceedings for 60 days, giving the two companies time to potentially work out their differences in the matter that Walmart initiated this spring in a quest to block Yeezy from registering a similar sun rays graphic.
The suspension of the opposition proceedings comes on the heels of Yeezy filing its answer to Walmart’s amended notice of opposition, in which the Bentonville, Arkansas-based giant claims that “it will be damaged by registration of [Yeezy’s] mark” – a sun burst mark that Yeezy claims that it intends to use on clothing and retail store services, and musical sound recordings and streaming to hotel services and the construction of “non-metal modular homes,” among other things, given its use of a similar mark since at least 2007.
Walmart (again) and Kanye West are reaching an agreement. The supermarket titan and the rapper are showing negotiating skills at their finest.
Everything we covered on WTR over the past seven days – and all you need to know from the world of trademarks to set yourself up for the start of another busy week.
Members of the MARQUES International Trade Mark Law and Practice Team are taking part in the Working Group on the Legal Development of the Madrid System for the International Registration of Marks this week.
The Team is represented by Chair Jessica Le Gros, as well as Tove Graulund, Gavin Stenton and Paola Tessarolo.
The meeting, which lasts from Monday to Wednesday, is in hybrid format and will deal with important topics such as the calculations of time limits to respond to provisional refusal and the reduction of dependency period for the basic mark.
Metal guitarist thinks Doomscroll is a great name for a band. Id Software disagrees.
Dustin Mitchell was scanning the local news one day when inspiration struck in an unlikely article. The report was on a woman who, in a fit of QAnon mania, had destroyed a display of face masks at a Scottsdale, Arizona, Target store. The woman later explained what brought her to that point: “All I did was doomscroll,” she said, referring to her voracious consumption of disastrous news on social media. Something in Mitchell clicked.
And finally, it seems like someone over at Id Software is a bit confused. The story began when a metal guitarist named Dustin Mitchell stumbled across the term “doomscroll” and decided that it would make a great name for a progressive thrash metal band. After diligently filing a trademark application with the US Patent and Trademark Office, he got an email from an attorney for Id saying they were going to challenge the trademark, apparently because they feel like it will cause confusion with their flagship DOOM franchise. It’s hard to see how anyone who lived through the doomscrolling years of 2020 and 2021 is going to be confused by a thrash metal band and a 30-year-old video game, but we suppose that’s not the point when you’re an attorney. Trademark trolls gonna troll, after all.
Germany has always had an extensive judicial practice in copyright law. Usually, judges with a specialist knowledge of copyright law issue the decisions because among German courts, decision making bodies specialised in copyright law have been created. There is even one senate at the highest German civil court, the German Federal Court of Justice (BGH), which has copyright law as one of its specialist areas. The case law of that copyright law senate of the BGH from 2015 to 2019 is summarised below. An English translation of the relevant statutory provisions from the German Copyright Act (UrhG) can be found here. The decision practice of the BGH in 2020 will be described separately in a later article.
Earlier this year, Creative Commons announced that four working groups of the Creative Commons Copyright Platform would examine policy issues affecting the open ecosystem from a global perspective: (1) artificial intelligence and open content; (2) platform liability; (3) copyright exceptions and limitations; and (4) the ethics of open sharing.
The CC Copyright Platform was established as a discussion space to strategize on copyright reform as a complementary action to developing and stewarding CC licenses. Over the last few months, each working group has discussed, researched and dissected these issues, and produced four Position Papers encapsulating their outcomes, available now on the CC Medium Publication.
At ‘The Future of Open’ webinar, hosted on 9 November 2021, the four working group leads presented their work to CC Global Network members, practitioners, policymakers and the general public. Speakers at the webinar included: Catherine Stihler, CEO, Creative Commons (Welcome Remarks), Brigitte Vézina, Director of Policy, Open Culture, and GLAM, Creative Commons (Moderator), Max Mahmoud Wardeh, WG 1 Lead (Artificial Intelligence and Open Content), Emine Yildirim, WG 2 Lead (Internet Platform Liability), André Houang, WG 3 Lead (copyright exceptions and limitations), Josie Fraser, WG 4 Lead (the ethics of open sharing). Below you will find the webinar recording, summaries of the four papers, and links to read them.
the 21 for 2021 project, a CREATe project within the AHRC Creative Industries Policy and Evidence Centre (PEC). The 21 for 2021 project offers a synthesis of empirical evidence catalogued on the Copyright Evidence Portal, answering 21 topical copyright questions for the 21st century. In this post, Bartolomeo Meletti (Creative Director, CREATe) explores the empirical evidence on copyright exceptions.
[...]
This blog offers a synthesis of the empirical evidence on exceptions catalogued on the Copyright Evidence Portal, with a view to suggesting potential directions for future research.
Piracy tracking firm MUSO recently asked Google to remove tens of thousands of non-existing URLs, including those of mainstream sites such as Amazon, Variety, Billboard, the Huffington Post, and ABC News. The company explains that the incorrect DMCA notices are the result of a misconfiguration that has since been addressed. Meanwhile, the company is working with Google to ensure that the incorrect reports are retracted.