09.23.21

[Meme] The EPO’s Carte Blanche and ‘Diplomatic Immunity’ Card

Posted in Europe, Patents at 3:24 pm by Dr. Roy Schestowitz

EPO card: No moral damages, No apology either

Summary: EPO staff is being taken for another ride by António Campinos and his cohorts, whose popularity among staff has likely gone down to sub-zero levels already (even faster than Benoît Battistelli)

As Expected, Minimal Pseudo Compliance From EPO Management, Adding Insult to Injury

Posted in Europe, Patents at 3:03 pm by Dr. Roy Schestowitz

Earlier this month: Two Months of ILO-AT Non-Compliance at the EPO and a Decade of a Docile Administrative Council That Approves Illegal Proposals

Extension of strike judgments to all staff

Summary: SUEPO Central, the core of the staff union of EPO staff (almost 7,000 workers at the EPO, most of whom are SUEPO members), has strong words about the EPO’s attitude and stance, which is perhaps unsurprising but still extremely disappointing

MORE than two months after the historic judgements of ILO-AT the EPO‘s President, António Campinos, writes internally to staff about Benoît Battistelli‘s strike regulations being ruled unlawful. Almost a decade too late!

The staff union is rightly upset and understandably circulates another publication among members. We’ve decided to reproduce it below, in full, as HTML:

23 September 2021
su21024cp – 0.2.1/5.1/5.2

Extension of strike judgments to all staff “No moral damages. No apology.” What next?

In his Communiqué of 14 September, Mr Campinos finally detailed the Office’s approach regarding the strike judgments of the 132nd session of the ILOAT. The Office intends to apply the outcome of the judgments to all staff on strike since July 2013 only insofar as they concern excessive strike deductions or for unauthorised absence on 2 and 3 July 2013. No moral damages will be awarded to those who neither filed a complaint in front of the Tribunal nor an application to intervene1. In a meeting with the Central Staff Committee (CSC) on 15 September, Mr Campinos even strongly excluded any form of apology from the Organisation to its staff.

The Office intends to conclude all payments by the end of the year. For the time being, we strongly recommend that you maintain your pending complaints and applications to intervene. This paper provides more details.

Meeting with the President: Lessons (not) learnt
On 15 September, the staff representation could address for the first time directly with Mr Campinos

the ILOAT strike judgments of 7 July. The staff representation argued that all EPO staff had been adversely prejudiced by the violation of their fundamental right to strike and by abuses of power. An International Organisation cannot take a fundamental right from its staff, give it back more than 8 years later and pretend that nothing happened. In his reply, Mr Campinos threatened to reduce cash injections into the pension reserve funds if he were to grant moral damages to all staff. Mr Campinos added that we should understand that in our Organisation, it’s just about moving money from one place to another. One could expect that upper management could be held accountable for designing HR policies violating fundamental rights, but Mr Campinos preemptively warned anyone who could point the finger at his services which he fully entrusts with further reforms.

The staff representation then suggested that the Organisation takes responsibility for mistakes of the past by at least apologizing to its staff. Mr Campinos bursted out in anger and shouted that he would not apologize and that we would never get an apology from him. With this statement, Mr Campinos confirms that he not only takes full responsibility for the continued policies during the first 3 years of his mandate, but also fully endorses the Battistelli administration. Mr Campinos reproached the staff representation to be not constructive when willing to discuss events that happened ages ago and added that we may have won this one but we don’t win 8 out of 10 of our

_____________
1 According to Laurent Germond, Director Employment Law, the Office identified 38 complaints still pending in front of the Tribunal, some of them being joined by interveners.


cases. Here, Mr Campinos confused quality and production: in terms of legal procedures, some are more fundamental than others.

In the meeting, Laurent Germond, Director Employment Law, recalled that the Tribunal’s statute does not foresee any class action procedure and that complaints will remain of an individual nature. The Office intends to apply the outcome of the judgments to all staff on strike since July 2013 only insofar as they concern excessive strike deductions or for unauthorised absence on 2 and 3 July 2013.

SUEPO expresses its solidarity to all staff in the HR Department who are now striving to conclude all payments by the end of year and have to repair the damages caused by their upper management.

What next?

Concerning the still running procedures against the strike regulations, we recommend the following:

I. Case AT-5 5167: Mr Battistelli abused his power by not organising the UNITY ballot

In his Communiqué of 14 September and as confirmed in front of the staff representation, Mr Campinos excludes the award of moral damages to all staff who were deprived of their right to vote in the ballot for the strike of the “UNITY initative” of 16 May 2014.

SUEPO recommends that complainants and those who file applications to intervene (see instructions here) maintain their procedures.

II. Case AT-5 5179: the SUEPO called strike of 2 July 2013 was lawful

In his Communiqué of 14 September and as confirmed in front of the staff representation, Mr Campinos intends to apply the outcome of Judgment 4433, but only partially, to all those employees who participated in the industrial action of 2 and 3 July 2013. The unlawful deductions for unauthorised absence will be reimbursed, the threatening letter from Principal Director Human Resources (Ms Bergot at the material time) will be removed from the personal file, but no moral damages will be awarded.

SUEPO recommends that complainants and those who file applications to intervene (see instructions here) maintain their procedures.

III. Management review MR/2021-0025
Excessive strike deductions of the January 2021 for the December 2020 strike

Mr Campinos had rejected the management review in a decision dated 21 June 2021.

In his Communiqué of 14 September, Mr Campinos announces that the outcome of Judgment No. 4435 will be applied to all those employees who went on strike since the introduction of CA/D 5/13. This concerns as well the deductions made on the January 2021 salary slip which are now expected to be reimbursed with interests at 5% per annum, less the amounts which could have been deducted on the basis of 1/30th (as applicable prior to the introduction of CA/D 5/13).

SUEPO considers it not necessary that all concerned staff file a mass appeal against the rejection decision for MR/2021-0025 dated 21 June 2021.


IV. Case AT-5 5244: Excessive strike deductions of 1/20th are unlawful and punitive

The extension of the outcome of Judgment No. 4435 concerns the strike deductions during the period of October 2013 until April 2016 covered by this case and which are now expected to be reimbursed with interests at 5% per annum, less the amounts which could have been deducted on the basis of 1/30th (as applicable prior to the introduction of CA/D 5/13).

As long as the payments are not concluded, SUEPO recommends that complainants and those who file applications to intervene (see instructions here) maintain their procedures.

Conclusion
The still pending complaints and the filing of hundreds of applications to intervene since the announcement of the strike judgments on 7 July may have been one of the reasons for Mr Campinos to extend the outcome of some of the judgments to all staff.

We regret that Mr Campinos only decided to opt for a partial extension of the outcome excluding noticeably moral damages. This shows once again that in order to fully safeguard their rights, EPO staff must go to litigation.

SUEPO Central

As a side note, I was having a very productive today. Had a long (and long-distance) call with political entities willing to do something about EPO abuses. Tons of time and energy has been poured into it (research and talking/communicating), but it needs to be done and we hope to have some breakthrough soon. We’ll refrain from sharing any more details as they can jeopardise the process at this relatively early stage.

Links 23/9/2021: PostgreSQL 14 RC 1 and MidnightBSD 2.1

Posted in News Roundup at 1:04 pm by Dr. Roy Schestowitz

  • GNU/Linux

    • Audiocasts/Shows

    • Kernel Space

      • A Fix Is Pending For That Linux 5.15 Performance Regression – Phoronix

        Last week was the article on noticing various workloads performing slower on the Linux 5.15 development kernel. There is now a patch pending that in testing so far does indeed correct the performance drop on this forthcoming kernel.

        As outlined in that prior article, the Linux 5.15 performance regression was tracked down to memory accounting “memcg” changes that landed during the Linux 5.15 merge window.

      • “panel-edp” Driver On Its Way To Linux 5.16 To Make For Less Hard-Coded eDP Panel Configs – Phoronix

        The latest batch of miscellaneous Direct Rendering Manager changes are on their way to DRM-Next for Linux 5.16. Notable from this new drm-misc-next batch is the new “panel-edp” driver.

        The panel-edp driver is focused on addressing the issue of right now most Embedded DisplayPort panels rely on hard-coded Device Tree files in the Linux kernel even though much of the information can be automatically probed. Most eDP panels are “99% probable” and this panel-edp driver effort works on that to make for more eDP panels to be probed dynamically at run-time rather than hard-coded.

      • Graphics Stack

        • Microsoft’s “CLOn12″ Mesa Code Adds SPIR/SPIR-V Support [Ed: Microsoft is already polluting Linux with proprietary DirectX in a classic E.E.E. move]

          Microsoft’s “CLOn12″ effort to allow OpenCL over DirectX 12 by leveraging Mesa now has landed a major rework to its code within Mesa.

          There’s been a five month old merge request to Microsoft’s CLC code within Mesa to rework its compiler interface. The focus of this big patch series from Microsoft has been on being able to support SPIR and SPIR-V within CLOn12. Plus this reworked code is in better shape.

        • AMD’s Older Radeon GPUs Get Ray Tracing Support on Linux

          Sometimes new technologies can work on old hardware. Who needs one of the best graphics cards when you can just use older hardware? This week enthusiasts working on Mesa, an open source implementation of OpenGL and Vulkan APIs for Linux, created a merge request for the RADV ray tracing driver for AMD’s RDNA 2 GPUs, enabling it to work with previous-generation graphics cards. The question is, how well will they work?

          “This PR implements ray-tracing for older generations (Navi, Vega, Polaris, etc.),” wrote Joshua Ashton, a developer of DXVK and other Direct3D-on-Vulkan works for Valve, reports Phoronix. “It does this by emulating the AMD bvh intersection instructions in software. Right now this passes CTS the same as on RDNA 2 cards.”

          In recent times software and hardware ray tracing support has been the focus of many industrial discussion as the technology has to be implemented properly to bring significant quality improvements. But that also causes massive performance hits even on modern hardware that supports hardware acceleration for ray tracing, such as AMD’s Radeon RX 6000-series GPUs based on the RDNA 2 architecture.

          Ubisoft’s decision not to implement ray tracing into Far Cry 6 for the latest game consoles greatly illustrates this controversy. But apparently Linux enthusiasts want to enable ray tracing support in Vulkan even on outdated architectures like the original RDNA from 2019 as well as GCN 4/5 from 2016/2017.

    • Applications

      • 3 Best Free and Open Source GUI Image Compression Tools

        Data compression is the process of storing data in a format that uses less space than the original representation would use. Compressing data can be very useful particularly in the field of communications as it enables devices to transmit or store data in fewer bits. Besides reducing transmission bandwidth, compression increases the amount of information that can be stored on a hard disk drive or other storage device.

        There are 2 main types of compression. Lossy compression is a data encoding method which reduces a file by discarding certain information. When the file is uncompressed, not all of the original information will be recovered. Lossy compression is typically used to compress video, audio and images, as well as internet telephony. The fact that information is lost during compression will often be unnoticeable to most users. Lossy compression techniques are used in all DVDs, Blu-ray discs, and most multimedia available on the internet.

      • GStreamer 1.19.2 unstable development release

        The GStreamer team is pleased to announce the second development release in the unstable 1.19 release series.

        The unstable 1.19 release series adds new features on top of the current stable 1.18 series and is part of the API and ABI-stable 1.x release series of the GStreamer multimedia framework.

        The unstable 1.19 release series is for testing and development purposes in the lead-up to the stable 1.20 series which is scheduled for release in a few weeks time. Any newly-added API can still change until that point, although it is rare for that to happen.

        Full release notes will be provided in the near future, highlighting all the new features, bugfixes, performance optimizations and other important changes.

        This development release is primarily for distributors and early adaptors and anyone who still needs to update their build/packaging setup for Meson.

    • Instructionals/Technical

      • Basic Networking Commands in Linux

        Today I will be doing a better overview of some basic networking commands in Linux.

        I recently created a short and sweet thread on twitter with these commands, so right now, I will be going over them a bit more with more detail and information.

      • How to disable touchscreen on Ubuntu? – blackMORE Ops

        Recently I installed Ubuntu 20.04 on my Dell Inspiron 5547 laptop. I have replaced the HDD on this laptop with a SSD, swapped WLAN card with a Killer WLAN card. With Linux running, it’s very fast and responsive. However, I needed to disable the touchscreen on Ubuntu permanently.

      • How to Add Distributed Firewall (DFW) Rules in in VMware NSX-T Datacenter – buildVirtual

        Distributed firewall rules are applied at the VM (vNIC) level and control East-West traffic within the SDDC. Traffic attempting to pass through the dfw is subject to the rules that have been defined. The firewall rules are grouped into policies, which in turn belong to a category.

      • Check The Timezone in Linux – Unixcop

        In this small guide, I will explain how to check timezone in Linux using 4 Easy Methods. System time is usually defined by timezone. Please aware that entire globe divided into multiple timezones which determines its local time.

        There are a number of time management utilities available on Linux such as date and timedatectl commands to get the current timezone of system and synchronize with a remote NTP server to enable an automatic system time handling.

      • Distraction free writing in Vim with Goyo | Hund

        I can’t believe that I’ve forgotten to write about one of my most used Neovim plugin ever. The plugin I’m talking about is called Goyo.

        It adds a distraction free mode that helps me focus on my writing by centering the content and hiding all other elements.

      • How to Change Login Screen Background in Fedora Workstation

        In this guide, we will show you how you can change the login screen background image of Fedora Workstation (GNOME edition).

      • How To Configure PostgreSQL to Allow Remote Connections – TecAdmin

        An open-source, object-based relational database PostgreSQL, provides the user with the implementation of SQL and is commonly hosted on Linux. With PostgreSQL users can expand the system by defining self data types, functions, and operators.

        PostgreSQL is used by many large companies to save and store their data for various applications and it supports various programming interfaces as well as videos, texts, and images. In this article we’ll first go through the installation of PostgreSQL on ubuntu 20.04 then we’ll configure it to allow remote connection

      • How To Install Kubectl on Ubuntu 20.04 LTS – idroot

        In this tutorial, we will show you how to install Kubectl on Ubuntu 20.04 LTS. For those of you who didn’t know, Kubectl is a command-line client for running commands against Kubernetes clusters. It is capable of deploying applications, managing the clusters, viewing their logs, etc.

        This article assumes you have at least basic knowledge of Linux, know how to use the shell, and most importantly, you host your site on your own VPS. The installation is quite simple and assumes you are running in the root account, if not you may need to add ‘sudo‘ to the commands to get root privileges. I will show you the step-by-step installation of Kubectl on Ubuntu 20.04 (Focal Fossa). You can follow the same instructions for Ubuntu 18.04, 16.04, and any other Debian-based distribution like Linux Mint.

      • Use Variables in Bash Scripts [Unusual Advanced Ways]

        You probably are aware of variables in Bash shell scripting.

        Like other programming and scripting languages, you use variables to store the data and then reference them later in future commands.

        name=”Linux Handbook”
        echo “Hello $name!”
        And it will print “Hello Linux Handbook!”.

        Outside of the example above, there’s also a surprisingly large amount of things you can do with variables, such as filling in a default value when the variable isn’t set, and assigning multiple values to a single variable.

        Let me show you these unusual and advanced usage of variables in bash scripting.

      • How to Add Password to Protect a Vim File in Linux – Unixcop

        Vim a contraction of Vi IMproved) is a free and open-source, screen-based text editor program for Unix

        Vim is a popular text editor for Linux, It’s one of its special features is support for encrypting text files using various crypto methods with a password.

        We will explain one of the simple Vim usage tricks; password protecting a file using Vim in Linux.

      • How to Install Nagios Core and NRPE on CentOS 8 – Unixcop

        Nagios is a free open source tool to monitor various network devices and servers in a network. It support both Linux and Windows OS and provides intuitive web interface to monitor network resources. When configured it can alert you via Email in case of a network device or server goes down or malfunctions. We will move towards installation and configuration of Nagios Core and NRPE (plugin).

      • How to configure bind with Debian 11 – Unixcop

        Today we will learn how to configure bind with Debian 11. World of the internet is not possible without DNS service. For Linux BIND to that DNS jobs. So what is bind or DNS? Well, its basic role is to patch a specific domain name with a specific IP address. When you are looking for a website over the internet it will resolve the domain name to IP address and vice versa. Usually, 53 is the port number for DNS services. Let’s have a look at how we can configure that service step by step.

      • How to Install Python 3.10 on Rocky Linux 8
    • Games

      • Chilly survival game The Long Dark gets Episode 4 in October | GamingOnLinux

        After the third episode of The Long Dark releasing back in October 2019, Hinterland Studio has confirmed Episode 4 will appear on October 6. Two years of waiting, hopefully it will be worth it.

        This episode has been given the title “FURY, THEN SILENCE”. Here’s the synopsis: “A murderous gang of convicts have captured Mackenzie. Desperate to escape one of the darkest corners of Great Bear Island, he must somehow survive his fiercest enemy yet. Can Mackenzie recover the Hardcase, continue his search for Astrid, and save the innocents caught up in this deadly confrontation?”

      • Tiles editor progress report #5

        Here comes a new progress report about the Tiles editor rework. This is most likely the last progress report before the 4.0 alpha. The previous blog post can be found here.

        Tile atlas editing

        Some improvements were made to the tile atlas editor.

        I first reorganized the tiles creation menus, which are now split into 3 modes. The first mode allows editing the atlas properties and creating/removing base tiles, the second one allows selecting and editing tiles properties, and the last one is to paint properties over the tiles.

        In this third mode, I implemented a dedicated editor for tile shapes (collision shapes, occluders, naviagation shapes). Set by default to the tile’s base shapes, it then can be painted over tiles.

      • Steam Client Beta updated with PipeWire desktop capture for Remote Play | GamingOnLinux

        Valve continue upgrading and tweaking the Steam client with a fresh Beta version being released today with a couple of tweaks that are interesting for Linux users.

        Some of the issues fixed are for everyone including slow startup after suspend, Cloud Sync will now happen as soon as possible to avoid delays launching games and for Remote Play they fixed using multiple PS5 controllers from the Steam Link app.

    • Desktop Environments/WMs

      • GNOME Desktop/GTK

        • Linux / Unix desktop Gnome 41: performance boost and better settings dialog

          The Gnome project has released version 41 of its Linux / Unix desktop. In addition to a significantly improved settings dialog, it offers an improved calendar application, “Connections” for remote connections to other computers and improvements to the Nautilus file manager. On top of that, the developers promise more oomph through various performance improvements.

          The now updated Gnome is one of the established desktop environments in the open source world. Similar to KDE, Gnome has existed for over two decades and has reinvented itself several times during this time. Today Gnome sets itself apart from most other environments: The Gnome shell as the main element of the desktop, for example, does not imitate the classic look of Windows, but arranges the desktop completely differently. The previous major version of Gnome, 40th, also brought significant visual changes compared to the previous version.

        • GNOME 41 Overview and Where to Download

          GNOME 41, the latest stable version of an easy and elegant desktop user interface, just released Wednesday 22 September 2021 six month after the previous version. This article overviews the release with step by step guide for you to download and try it out on computer. Thanks to GNOME, now software freedom is more user friendly and accessible for all computer users!

    • Distributions

      • BSD

        • MidnightBSD 2.1

          I’m happy to announce the availability of MidnightBSD 2.1 for amd64 and i386. This is an incremental release focusing on bug fixes, improvements to the package manager and a new system compiler.

      • Gentoo Family

        • Experimental binary Gentoo package hosting (amd64)

          As an experiment, I’ve started assembling a simple binary package hosting mechanism for Gentoo. Right now this comes with some serious limitations and should not be used for security or mission critical applications (more on this below). The main purpose of this experiment is to find out how well it works and where we need improvements in Portage’s binary package handling.

      • SUSE/OpenSUSE

        • The 2021 SUSE One Partner Awards Go To… [Ed: Corporate 'awards'... to corporations]

          It gives me great pleasure to announce the winners of the 2021 SUSE One Partner Awards! The awards are to honour those partners who have gone above and beyond for our joint customers in what has undoubtedly been one of the most challenging years for many.

      • IBM/Red Hat/Fedora

        • IBM manager sued for £290k after filing tribunal case • The Register
        • Red Hat Satellite 6.9.6 has been released

          We are pleased to announce that Red Hat Satellite 6.9.6 is generally available as of September 22, 2021.

          Red Hat Satellite is part of the Red Hat Smart Management subscription that makes it easier for enterprises to manage patching, provisioning, and subscription management of Red Hat Enterprise Linux infrastructure.

        • Red Hat Shares ― DevSecOps

          All organizations are susceptible to information security threats―from cybercrime, which was predicted to cost the world US$6 trillion in 2021, to human error, which accounts for 95% of cybersecurity breaches.

          No matter the type of threat, your organization needs to protect itself by maintaining security controls across its stack. That’s where DevSecOps comes in. Security shouldn’t be an afterthought. DevSecOps means thinking about application and infrastructure security from the start, building it into every phase of the life cycle and stack―especially now that workloads are spread across environments.

          The good news: 74% of organizations that responded to our 2021 “Kubernetes adoption, security, and market trends” survey have a DevSecOps initiative in place, and 25% have an advanced initiative, integrating and automating security throughout the life cycle.

        • Should I migrate my application to the cloud? Here’s how to decide

          There comes a time in the life of an application when someone asks: “Should we move this to the cloud?” Public and private clouds often breathe life into existing applications with more flexibility, simpler maintenance, and better performance. However, these lift and shift migrations come with tradeoffs.

          Should the application be migrated? If so, should you take the opportunity to make changes to the application along the way? How do you make a plan and stick to it? This post answers those questions and more.

        • Poettering: Authenticated Boot and Disk Encryption on Linux

          Here’s a lengthy missive from Lennart Poettering taking Linux distributors to task for inadequately protecting systems from physical attacks.

        • AI applications optimizing actions based on data and predictions with Palantir for IBM Cloud Pak for Data

          Palantir for IBM Cloud Pak for Data enables building no-/low-code line of business applications using data, machine learning, and optimization from IBM Cloud Pak for Data. Ontology managers can define business-oriented data models integrating data from IBM Cloud Pak for Data. Application builders can use Palantir tools to create applications using these data models. Additionally, applications can integrate machine learning models from IBM Cloud Pak for Data to infuse predictions, as well as decision optimization result data from IBM Cloud Pak for Data to determine optimized actions based on data and predictions.

          This blog post explains how to create AI-infused apps using Palantir ontology and application building tools together with IBM Cloud Pak for Data model deployments and data and AI catalog. It also outlines the underlying integration architecture.

      • Canonical/Ubuntu Family

        • GNOME 41 Released! New Remote Desktop App, Multitasking & Mobile Network Settings

          After half a year of development, the GNOME project announced version 41 of its popular Linux desktop environment.

          GNOME 41 comes with some exciting new features. The upper right corner system tray menu now includes option to make it easy to switch Power Mode between “Balanced” and “Power Saver”. It’s said that “Performance mode” is only visible on hardware that supports this feature, though I don’t understand which hardware required, may be a dedicated graphics card.

    • Devices/Embedded

    • Free, Libre, and Open Source Software

      • Web Browsers

        • Chromium

          • Chromium compiled for 12 hours before failing

            Ha ha, the saga continues. Not sure if I should plug away at this, or just give in and use the official binary package. This was the previous attempt:

            https://bkhome.org/news/202109/another-attempt-to-compile-chromium.html

            I learnt a lot from that, so applied some of that new knowledge and had another go. Started the compile at 10am this morning, has just now failed, at just on 10pm. There was one failure in the morning, that I caught just after it happened, and applied a hack to fix it. Here are my notes…

            [...]

            That last error means nothing to me.

      • SaaS/Back End/Databases

        • PostgreSQL 14 RC 1 Released!

          The PostgreSQL Global Development Group announces that the first release candidate of PostgreSQL 14 is now available for download. As a release candidate, PostgreSQL 14 RC 1 will be mostly identical to the initial release of PostgreSQL 14, though some more fixes may be applied prior to the general availability of PostgreSQL 14.

          The planned date for the general availability of PostgreSQL 14 is September 30, 2021. Please see the “Release Schedule” section for more details.

      • CMS

        • Build your website with Jekyll | Opensource.com

          Static website generators and JAMStack have taken off in recent years. And with good reason. There is no need for complex backends with only static HTML, CSS, and Javascript to serve. Not having backends means better security, lower operational overhead, and cheaper hosting. A win-win-win!

          [...]

          The command jekyll serve is great for local testing. But once you’re done with local testing, you’ll want to build the final artifact to publish. The command jekyll build –source source_dir –destination destination_dir builds your website into the _site folder. Note that this folder is cleaned up before every build, so don’t place important things in there. Once you have the content, you can host it on a static hosting service of your choosing.

          You should now have a decent overall grasp of what Jekyll is capable of and what the main bits and pieces do. If you’re looking for inspiration, the official JAMStack website has some amazing examples.

      • FSF

        • GNU Projects

          • GCC 12 Adds Stack Variable Auto-Initialization, Other Security Improvements Forthcoming

            Qing Zhao of Oracle presented yesterday during the LPC2021 GNU Tools Track around the work they and others have been engaged in for improving the security of the GNU Compiler Collection (GCC).

            In some areas this GCC security work is about catching up with security features already implemented by LLVM Clang. Among the features have been for zeroing out caller-used registers on return, auto initializing of stack variables, unsigned overflow detection, and more. For instance with GCC 11 is the zero-call-used-regs compiler feature and now with Linux 5.15 that feature can be optionally used to enhance the kernel security.

        • Licensing/Legal

          • Software freedom podcast with Till Jaeger

            We talk about how Till got involved in Free Software, highlight the short and long term impacts of the first court decisions, about some of the most common misunderstandings of Free Software licensing, as well as the role of the FSFE’s legal network in fostering the discussion and knowledge for Free Software legal and licensing topics. I highly appreciate Till for being able to explain complex legal topics, so non-lawyers can understand them.

  • Leftovers

    • Health/Nutrition

      • 3D Printed Sensor Detects Glyphosate

        Typically, detecting glyphosate — a herbicide — in a beverage requires a sophisticated test setup. But Washington State University has a 3D printed sensor that uses nanotubes to simplify the detection of the toxin.

        The idea is very similar to inexpensive blood glucose monitors. The test will eventually find use for human samples, but the initial testing was for detecting contamination in orange juice.

    • Integrity/Availability

      • Proprietary

        • Pseudo-Open Source

          • Privatisation/Privateering

            • Linux Foundation

              • The Linux Foundation & edX Teach Open Source to 2 Million Learners [Ed: So-called ‘leaning’ [1, 2]]

                The Linux Foundation, the nonprofit organization enabling mass innovation through open source, is proud to announce there have been two million enrollments to date across all of its online courses offered on the edX platform. These open source training courses have continually increasing rates of enrollment growth as the curriculum continues to expand, with offerings covering technologies like cloud infrastructure, blockchain, networking, and DevOps.

        • Security

          • ROT8000

            ROT8000 is the Unicode equivalent of ROT13. What’s clever about it is that normal English looks like Chinese, and not like ciphertext (to a typical Westerner, that is).

          • EnduraData Updates File Synchronization for Ransomware & Linux Containers
          • Cisco Releases Security Updates for Multiple Products

            Cisco has released security updates to address vulnerabilities in multiple Cisco products. An attacker could exploit some of these vulnerabilities to take control of an affected system.

          • Security updates for Thursday

            Security updates have been issued by Debian (ruby-kaminari and tomcat8), Mageia (389-ds-base, ansible, apache, apr, cpio, curl, firefox, ghostscript, gifsicle, gpac, libarchive, libgd, libssh, lynx, nextcloud-client, openssl, postgresql, proftpd, python3, thunderbird, tor, and vim), openSUSE (chromium, ffmpeg, grilo, hivex, linuxptp, and samba), Oracle (go-toolset:ol8, kernel, kernel-container, krb5, mysql:8.0, and nodejs:12), SUSE (ffmpeg, firefox, grilo, hivex, kernel, linuxptp, nodejs14, and samba), and Ubuntu (ca-certificates, edk2, sqlparse, and webkit2gtk).

          • CISA Releases Guidance: IPv6 Considerations for TIC 3.0

            The federal government has prioritized the transition of federal networks to Internet Protocol version 6 (IPv6) since the release of Office of Management and Budget (OMB) Memorandum 05-22 in 2005. In 2020, OMB renewed its focus on IPv6 through the publication of OMB Memorandum 21-07. That memorandum specifically entrusts CISA with enhancing the Trusted Internet Connections (TIC) program to fully support the implementation of IPv6 in federal IT systems.

    • Environment

      • Wildlife/Nature

        • ASMR Video Shows Tortoise Eating Veggies | Mental Floss

          It takes the tortoise in the video more than eight minutes to devour the strawberry, blueberry, broccoli floret, and piece of pumpkin laid out in front of it. The microphones poking into the top half of the frame capture every satisfied crunch and nibble. The audio will only trigger ASMR in people who are sensitive to the phenomenon. If you don’t experience the “brain tingles” that characterize ASMR, you may still enjoy watching the cuteness on display below.

    • Censorship/Free Speech

      • China’s tech crackdown – for consumers’ good or greater control?

        China’s moves are about control of data of tech firms, say civil society groups, who fear other governments may follow suit

        [...]

        China last month banned under-18s from playing video games during the week, with play restricted to just one hour on Fridays, weekends and holidays.

        It also instructed gaming companies to prevent children playing outside these times and ensure they have real-name verification systems to limit abuse.

        Last week, the short video app Douyin, the Chinese version of TikTok, said that all its authenticated users below the age of 14 will now access the app in “youth mode” – limiting users access for up to 40 minutes a day, between 6 am and 10 pm.

        Authorities have also sought to increase oversight of the algorithms tech companies use, saying that companies must abide by business ethics and principles of fairness, and ordering food delivery companies to provide better protection for workers.

    • Civil Rights/Policing

      • Advocates to U.S. Congress: Fund FTC to combat data abuse

        Today, Access Now joined a coalition of civil society organizations to support the U.S. House Energy and Commerce committee’s proposal to increase the Federal Trade Commission’s (FTC) funding by $1 billion over ten years. The funding would be used to create a new FTC bureau that will focus on policing privacy, security, and data abuse matters.

        “Privacy and data protection issues have human rights and racial equity implications,” said Willmary Escoto, U.S. Policy Analyst at Access Now. “With such paltry funding and staffing, the FTC has been forced to ration its limited resources to focus on cases with the biggest impact, likely letting many violators off the hook. Increased funding will allow the Commission to hire more staff and take more cases that help reduce racial inequity.”

    • Internet Policy/Net Neutrality

      • Nitter and other Internet reclamation projects

        The world wide web has become an annoying, ultra-commercialized space. Many websites today are prioritizing the interests of the company behind the domain, at the expense of the user’s experience and well-being. This has been a frustrating problem for several years, but lately there’s been a heartwarming trend of users fighting back against the corporate web and stepping up to help and serve each other’s needs in spite of them, through what I’ve come to think of as Internet reclamation projects.

        I think the first of these which appeared on my radar was Invidious, which scrapes information off of a YouTube page and presents it in a more pleasant, user-first interface— something which NewPipe also does well for Android. These tools pry data out of YouTube’s hands and present it on a simple UI, designed for users first, with no ads or spyware, and with nice features YouTube would never add, like download links, audio mode, and offline viewing. It shows us what users want, but YouTube refuses to give.

        Another project which has been particularly successful recently is Nitter, which does something similar for Twitter. Twitter’s increasingly draconian restrictions on who can access what data, and their attitude towards logged-out users in particular, has been a great annoyance to anyone who does not have, and does not want, a Twitter account, but who may still encounter Twitter links around the web. Nitter has been quite helpful in de-crapifying Twitter for these folks. I have set up an automatic redirect in my browser which takes me straight to Nitter, and I never have to see the shitty, user-hostile Twitter interface again.

    • Monopolies

Links 23/9/2021: More UPC PR Stunts and IBM (Poettering) TPM for Linux

Posted in News Roundup at 8:01 am by Dr. Roy Schestowitz

  • GNU/Linux

    • Audiocasts/Shows

      • BSDNow 421: ZFS eats CPU

        Useless use of GNU, Meet the 2021 FreeBSD GSoC Students, historical note on Unix portability, vm86-based venix emulator, ZFS Mysteriously Eating CPU, traceroute gets speed boost, and more

    • Kernel Space

      • The rest of the 5.15 merge window

        Linus Torvalds released 5.15-rc1 and closed the merge window for this release on September 12; at that point, 10,471 non-merge changesets had found their way into the mainline repository. Those changesets contain a lot of significant changes and improvements. Read on for a summary of what came into the mainline in the roughly 7,000 changesets pulled since our first-half summary was written.

      • The folio pull-request pushback

        When we last caught up with the page folio patch set, it appeared to be on track to be pulled into the mainline during the 5.15 merge window. Matthew Wilcox duly sent a pull request in August to make that happen. While it is possible that folios could still end up in 5.15, that has not happened as of this writing and appears increasingly unlikely. What we got instead was a lengthy discussion on the merits of the folio approach.

        The kernel’s memory-management subsystem deals with memory in pages, a fundamental unit that is generally set by the hardware (and is usually 4KB in size). These “base” pages are small, though, so the kernel often needs to deal with memory in larger units. To do so, it groups sets of physically contiguous pages together into compound pages, which are made up of a head page (the first base page of many in the compound page) and some number of tail pages. That leads to a situation where kernel code that is passed a struct page pointer often does not know if it is dealing with a head or a tail page without explicitly checking.

        It turns out that the “make sure this is a head page” checks add up to a certain amount of expense in a running kernel. The use of struct page everywhere also makes kernel APIs unclear — it can be difficult to know if a given function can cope with tail pages or not. To address this problem, Wilcox created the concept of a “folio”, which is like a struct page but which is known not to be a tail page. By changing internal functions to use folios, Wilcox is able to speed up the kernel and clean up the API at the same time. The patch set is huge and intrusive, but it appeared to have overcome most resistance and be ready to head into the mainline kernel.

      • Extended attributes for special files

        The Linux extended-attribute mechanism allows the attachment of metadata to files within a filesystem. It tends to be little used — at least, in the absence of a security module like SELinux. There is interest in how these attributes work, though, as evidenced by the discussions that have followed the posting of revisions of this patch by Vivek Goyal, which seeks to make a seemingly small change to the rules regarding extended attributes and special files.

        Specifically, extended attributes (often referred to as “xattrs”) are name-value pairs that can be attached to a file. The name of an extended attribute is divided into a namespace and an identifier within the namespace. The namespace is currently one of security, system, user, or trusted; each namespace has its own special rules. As a general rule, system and trusted see little use. The security namespace, instead, is used by a number of Linux security modules. An example of a security attribute can be seen by running getfattr on a system that is set up for SELinux

      • systemd OOMD Maturing Nicely, Adds Support For User Services – Phoronix

        Systemd-oomd as the out-of-memory daemon originally developed by Facebook has been maturing nicely since being merged last year and then its most notable deployment to date has been with Fedora 34′s debut earlier this year. Anita Zhang of Facebook provided an update today on the systemd-oomd effort.

      • Graphics Stack

        • Peter Hutterer: What’s new in XI 2.4 – touchpad gestures

          After a nine year hiatus, a new version of the X Input Protocol is out. Credit for the work goes to Povilas Kanapickas, who also implemented support for XI 2.4 in the various pieces of the stack [0]. So let’s have a look.

          X has had touch events since XI 2.2 (2012) but those were only really useful for direct touch devices (read: touchscreens). There were accommodations for indirect touch devices like touchpads but they were never used. The synaptics driver set the required bits for a while but it was dropped in 2015 because … it was complicated to make use of and no-one seemed to actually use it anyway. Meanwhile, the rest of the world moved on and touchpad gestures are now prevalent. They’ve been standard in MacOS for ages, in Windows for almost ages and – with recent GNOME releases – now feature prominently on the Linux desktop as well. They have been part of libinput and the Wayland protocol for years (and even recently gained a new set of “hold” gestures). Meanwhile, X was left behind in the dust or mud, depending on your local climate.

          XI 2.4 fixes this, it adds pinch and swipe gestures to the XI2 protocol and makes those available to supporting clients [2]. Notably here is that the interpretation of gestures is left to the driver [1]. The server takes the gestures and does the required state handling but otherwise has no decision into what constitutes a gesture. This is of course no different to e.g. 2-finger scrolling on a touchpad where the server just receives scroll events and passes them on accordingly.

    • Applications

      • Roundup: managing issues for 20 years

        The Roundup Issue Tracker is a flexible tool for managing issues via the web or email. However, Roundup is useful for more than web-based bug tracking or help-desk ticketing; it can be used as a simple wiki or to manage tasks with the Getting Things Done (GTD) methodology. The 20th-anniversary edition of Roundup, version 2.1.0, was released in July; it is a maintenance release, but there have been a number of larger improvements in the last year or so. Here we introduce Roundup’s features along with the recent developments that have helped make Roundup even more useful for tracking issues to their resolution.

    • Instructionals/Technical

      • How To Install PostgreSQL on Debian 11 – idroot

        In this tutorial, we will show you how to install PostgreSQL on Debian 11. For those of you who didn’t know, PostgreSQL is a powerful, open-source object-relational database system that uses and extends the SQL language combined with many features that safely store and scale the most complicated data workloads. With over 30 years of active development, PostgreSQL is widely used as a database for numerous mobile and web applications.

        This article assumes you have at least basic knowledge of Linux, know how to use the shell, and most importantly, you host your site on your own VPS. The installation is quite simple and assumes you are running in the root account, if not you may need to add ‘sudo‘ to the commands to get root privileges. I will show you through the step-by-step installation of PostgreSQL 13 on a Debian 11 (Bullseye).

      • How to Convert xlsx to CSV Format in Linux

        The windows-based Microsoft Excel application is known for its indisputable open XML spreadsheet files support. This same support also extends to XLSX file formats.

        As you adapt or migrate to the Linux operating system environment, you will find the use of CSV or Comma-Separated file format a lot more convenient due to some of the following prime reasons…

      • How to Install Nextcloud on Debian 11

        Nextcloud is open-source software for creating public and private file storage. It allows you to create your self-hosted services like Dropbox, Google Drive, or Mega.nz. Originally, it’s created by the original owncloud developer Frank Karlitschek. In 2016, he forks the Owncloud project and creates a new project with the new name “Nextcloud”

        By this time, the Nextcloud project growing rapidly and becoming more than file hosting software, it’s more like a file sync and content collaboration platform. Backed with a lot of plugins, Nextcloud becomes such a powerful collaboration software. You can install plugins for project management, video conferencing, collaborative editing, note-taking, email client, etc.

        In this guide, you will learn how to install Nextcloud on the latest Debian 11 Bullseye. You will be installing Nextcloud under the LAMP Stack (Linux, Apache2/httpd, MySQL/MariaDB, and PHP).

      • How to Install and Use Docker on Rocky Linux 8 – VITUX

        Imagine a box in which you can put all of your files, and it will maintain integrity. This is what Docker does, providing an easy way to manage containers for any application on-premise or cloud-hosted with ease.

        What’s even better about this tool: It comes free (yes, really) as well as being open source so that everyone benefits from its use–not just those who have paid subscriptions like most big companies do these days.

        Docker allows you to put your application in a container, ship it and preserve the environment, as well as make sure that all of those pesky updates don’t break it. You can access much smaller servers and reduce bandwidth since everything is self-contained.

        The Docker team has been working very hard on this tool for a while now–and they have succeeded in making a very excellent and useful product. Those who have been working on or with Linux for a time can appreciate how amazing this is–finally an IT tool that works.

      • How to Remove Directories in Linux

        Spring cleaning is not only necessary for homes, Your Linux Mint 20 file system also needs to be decluttered regularly. An organized file system will save you or the system administrator a lot of headaches in the long run.

        In this article, you will learn how to remove your directories to organize your file system.

      • How to create documents with Bash scripts | Enable Sysadmin

        Bash “here documents” are a useful way to create uncomplicated YAML and HTML documents, inventory files, and emails.

      • Guide to Linux Ubuntu/Debian log files for beginners

        Updated – Ubuntu logs system events into the log files in order to help administrators maintain, analyze and diagnose system related issues and applications problems.

        Log files contain messages related to kernel, services and applications events that are kept on a centralized repository of log files under /var/log directory.

        There are various log files in Linux Ubuntu for different informations. For instance, there is a default log file dedicated to the system, another for security messages another for cron tasks. These log files are actually plain text (ASCII) written in a standardized log file format. Many of these log files are generated by the so called system log daemon, syslogd while some other applications generate their proper logs by writing to files under the directory /var/log.

        The log files generated can therefore be classified into four categories: event Logs, application Logs , system Logs and service Logs.

        In this article, we will provide an overview of Ubuntu log files, and show how to configure and use syslogd. You will also learn how log rotation works and how to view and read the log files. A brief introduction to systemd will be provided at the end .

    • Games

      • Valve answer questions about the Steam Deck in a new FAQ, anti-cheat for all Linux systems | GamingOnLinux

        After gathering questions from pretty much everyone, Valve has put up a new official FAQ page for the Steam Deck that answers some pretty important questions and it’s good news.

        One really important questions was answered on anti-cheat support too. There were concerns that with Valve working to get the likes of Easy Anti-Cheat and BattlEye to support Proton that it might somehow be locked to the Steam Deck. Thankfully, that is simply not the case. Valve has said very clearly that the improvements will “will make it to all systems using Proton”.

        [...]

        Sounds like it’s pretty much all good news. Being able to boot multiple systems clearly shows how it really is just a small-form factor PC, that will come with SteamOS (based on Arch Linux) by default. Users will be able to do whatever they want with it.

      • 10 Best Disney Mobile Games to Play in 2021

        Disney is one of the most popular and one of the largest global media companies. From movies to video games, Disney makes a variety of stuff with a long and detailed history. The history of Disney’s video games goes back overdecades when they were made for multiple game console platforms. However, Disney did not make a mark on the mobile platform until recently.

        In recent times, Disney has launched some decent games, both new and old, which are worth playing. That being said, Disney games are known for their simplicity and easy gameplay. The media house has some famous games under its name, which includes Star Wars and Marvel components. The best part about these games is the fact that they are generally free to play.

      • Creative farming and village life game Staxel is now available for Linux | GamingOnLinux

        Staxel, created by developer Plukit (the founder is a former Starbound developer) and publisher Humble Games is a popular and highly rated creative farming and village life game. As of today along with a Nintendo Switch release it’s also now available official on Linux.

        “In Staxel you build your world block by block from the ground up, so everything is customizable – whether it’s your own farmhouse or a redesign of the village shop to fit your desired aesthetic. Experience the world from a first-person perspective to really immerse yourself in your ideal country life. Whether you want a cozy overgrown cottage or your own wizard tower, you can build it!”

      • Q1K3 is a homage to Quake made with 13 kb of JavaScript | GamingOnLinux

        Games seem to be getting bigger all the time taking up vast amounts of drive space but what can be done with very little resources? Quite a lot actually as the Quake homage Q1K3 has shown.

        Developed for the js13kGames competition, where developers are given one month to create a game with HTML5 / JavaScript and possibly get a prize. The main constraint is that the file size limit for submissions is 13 kilobytes. It doesn’t sound like a lot and not much bigger than a blank LibreOffice document.

        One clever developer named Dominic Szablewski announced Q1K3 as their entry, which is a first-person Quake inspired shooter and it’s actually quite amazing considering just how tiny it is.

      • Valve Publishes New Steam Deck FAQ With A Few New Details Shared – Phoronix

        Valve today published a “Steam Deck FAQ” page sharing some additional information on this forthcoming Arch Linux powered handheld game system that will begin shipping at the end of Q4.

      • How I Built My New Linux Gaming Desktop in 2021 with AMD (CPU+GPU) and GNU Guix

        After my unexpected luck in getting a new GPU (the AMD 6700XT), it was finally time to build a new computer. While my previous desktop was still ticking, at 6 and a half years old (an Intel i5-4690K, Nvidia GTX 970; see details in our gaming rigs article) it was certainly not up to 4K gaming and VR. The GPU was by far the hardest thing to get, but by this summer most everything else was available and at more regular prices.

        [...]

        Overall, the main components follow a pretty typical mid-range to enthusiast gaming build for 2021. These are all solid, well recommended choices, at a good price to performance ratio. I’ll discuss my choice to move to all AMD below, but overall there wasn’t anything I had to worry about being Linux compatible. These days I’d mostly be concerned about Wi-Fi, along with any specialty hardware. I opted out of Wi-Fi since my desktop is right next to my router for a wired connection, though the Bluetooth would be handy for things like controlling the Valve Index’s base stations. That and Wi-Fi can be handled with a cheap USB adapter if I want it. (Honestly, the motherboard I wanted in white also didn’t have Wi-Fi, so that made the choice easier, too.) The only thing for me was wondering about controlling all that RGB, but open source comes through again, as I’ll detail later.

        In terms of specifics the 5600X is a great performer with the latest Zen 3 architecture and good single core performance to go with the 6 cores and 12 threads. This has become easily available, at least in the US, at or below MSRP. There are some great Zen 2 CPUs to pick from, but in my case I wanted the latest (I tend not to upgrade frequently, obviously) as well as plenty of power for photo editing and compiling as I’ve been contributing patches and packages to Guix.

    • Desktop Environments/WMs

      • GNOME Desktop/GTK

        • GNOME 41 Released, Available In 38 Languages | Itsubuntu.com

          GNOME 41 is now officially available for the public use and is available for download from the website of GNOME. GNOME 41 is loaded with tons of new features, improvements and tweaks. GNOME 41 is the second release to use GNOME’s new version numbering scheme. The next release, version 42, is planned for March 2022. GNOME 41 is available in 38 languages. You can also see the number of smaller enhancements.

        • GNOME 41 Desktop Environment Released, Download Now

          GNOME 41 Desktop Environment Released, Download Now, After six months of development represented by the release of desktop environments GNOME 41 . For a quick assessment of the capabilities of GNOME 41, specialized live builds based on openSUSE and an installation image prepared as part of the GNOME OS initiative are offered . GNOME 41 is also included in the experimental build of Fedora 35 builds .

          [...]

          A new Multitasking panel has been added to the configurator (GNOME Control Center) for customizing window and desktop management. In particular, in the Multitasking section, options are provided for disabling the call of the overview mode by touching the upper left corner of the screen, resizing the window when dragging it to the edge of the screen, selecting the number of virtual desktops, showing desktops on additionally connected monitors and switching between applications only for the current one. desktop by pressing the combination Super + Tab.

    • Distributions

      • IBM/Red Hat/Fedora

        • Fedora Community Blog: Outreachy final blog post

          My internship of 3 months with Fedora has come to an end. From submitting the form 2 times and finally making it the 3’rd time, the journey has been quite challenging. My project “Improve Fedora QA dashboard” motive was to make the dashboard more impactful so that it will be simplified for the newcomers and they can easily understand and contribute without any complexity.

          [...]

          The journey of Outreachy was very great. I learned lots of things, no more a noob now. My mentors were Lukas and Josef. Whenever I got stuck into something they always sought to help me. I didn’t even have the confidence in myself that I would be able to complete the tasks, but eventually, I did. I knew JavaScript, basic ReactJS, and Vanilla Js, however, the project was not about all this, I have implemented the things for the first time like react-i18n, docker, etc, the beginning of the internship was very smooth and easy going but as I came to the second task it was a bit challenging for me as I had to implement the same page twice with two different approaches so that mentors can choose the better one but what matters here was my learning, I feel the more complicating the tasks are, the more you build up yourself while making it easy, learned how to google finally, more about ReactJs and flourished my skills.

        • Leader election in Kubernetes using Apache Camel

          When deploying applications on Kubernetes, certain platform characteristics strongly influence the application’s architecture. In a greenfield setting, it’s all about harnessing the ephemeral nature of stateless applications. Applications are built to run in scenarios where there is an expectation of high availability via horizontal scaling. Not only can the application scale out, but Kubernetes’ orchestration characteristics emphasize that no individual pod is safe from destruction. Kubernetes is the epitome of the old U.S. Navy Seal saying: “Two is one, and one is none.”

          Workloads on Kubernetes don’t always fit this model, however. Some workloads are singular in nature, and parallelization isn’t an option. For example, suppose an application connects out to an external service and receives information asynchronously via a TCP socket or websocket. As part of this process, the application receives data, transforms the structure, and publishes that data into an Apache Kafka topic. In this case, only a single connection can be active at one time because of the possibility of publishing duplicate data (see Figure 1).

        • What is ethical Artificial Intelligence (AI)? 7 questions, answered

          Do you have some anxiety about Artificial Intelligence (AI) bias or related issues? You’re not alone. Nearly all business leaders surveyed for Deloitte’s third State of AI in the Enterprise report expressed concerns around the ethical risks of their AI initiatives.

          There is certainly some cause for uneasiness. Nine out of ten respondents to a late 2020 Capgemini Research Institute survey were aware of at least one instance where an AI system had resulted in ethical issues for their businesses. Nearly two-thirds have experienced the issue of discriminatory bias with AI systems, six out of ten indicated their organizations had attracted legal scrutiny as a result of AI applications, and 22 percent have said they suffered customer backlash because of these decisions reached by AI systems.

          As Capgemini leaders pointed out in their recent blog post: “Enterprises exploring the potential of AI need to ensure they apply AI the right way and for the right purposes. They need to master Ethical AI.”

        • Authenticated Boot and Disk Encryption on Linux

          Linux has been supporting Full Disk Encryption (FDE) and technologies such as UEFI SecureBoot and TPMs for a long time. However, the way they are set up by most distributions is not as secure as they should be, and in some ways quite frankly weird. In fact, right now, your data is probably more secure if stored on current ChromeOS, Android, Windows or MacOS devices, than it is on typical Linux distributions.

          Generic Linux distributions (i.e. Debian, Fedora, Ubuntu, …) adopted Full Disk Encryption (FDE) more than 15 years ago, with the LUKS/cryptsetup infrastructure. It was a big step forward to a more secure environment. Almost ten years ago the big distributions started adding UEFI SecureBoot to their boot process. Support for Trusted Platform Modules (TPMs) has been added to the distributions a long time ago as well — but even though many PCs/laptops these days have TPM chips on-board it’s generally not used in the default setup of generic Linux distributions.

          How these technologies currently fit together on generic Linux distributions doesn’t really make too much sense to me — and falls short of what they could actually deliver. In this story I’d like to have a closer look at why I think that, and what I propose to do about it.

          [...]

          Many of the mechanisms explained above taken individually do not require UEFI. But of course the chain of trust suggested above requires something like UEFI SecureBoot. If your system lacks UEFI it’s probably best to find work-alikes to the technologies suggested above, but I doubt I’ll be able to help you there.

        • Lennart: Linux Comes Up Short Around Disk Encryption, Authenticated Boot Security [Ed: All those proprietary software OSes have back doors in their ‘encryption’ (see e.g. [1, 2]) so quit helping their propaganda]

          Most Linux distributions are currently coming up short from offering adequate security around full disk encryption and authenticated boot. Prominent Linux developer Lennart Poettering even argues that your data is “probably more secure if stored on current ChromeOS, Android, Windows or macOS devices.”

          Lead systemd developer Lennart Poettering wrote a lengthy blog post today around the state of authenticated boot and disk encryption on Linux. While many Linux distributions offer full-disk encryption, offer UEFI SecureBoot, and begun embracing TPMs, many of the technologies aren’t being used to their best potential yet especially now by default / out-of-the-box.

      • Canonical/Ubuntu Family

        • How many Android containers can you fit on your VM?

          The Register speaks to Canonical about running the OS in the cloud

          Developers targeting Android are spoiled for choice with their platforms.

          There are a variety of options available for running Android application development environments these days. Even Microsoft has promised that its upcoming Windows 11 will eventually be able to run the apps on the desktop and has long since supported the mobile OS via its Your Phone app, even while smothering its ailing Windows Phone with a cuddly Android pillow.

          For Canonical, however, Anbox remains a cloud product, according to Simon Fels, engineering manager and is therefore unlikely to feature in any desktop version of the company’s Ubuntu distribution any time soon, although with September’s announcement it will now cheerfully scale from the heights of the cloud down to a single Virtual Machine via the Appliance version.

    • Devices/Embedded

    • Free, Libre, and Open Source Software

      • Web Browsers

        • Mozilla

          • 5 reasons to switch to Firefox right now

            Mozilla Firefox was one of the applications that opened my eyes to open source. It wasn’t by any means the tipping point, but it was part of a larger cumulative effect of several open source applications grabbing my attention, which ultimately resulted in me switching to Linux, and never looking back. Since switching to Firefox, which occurred well before I consciously changed to open source, I’ve been an avid Firefox user. My mobile phone was a Firefox OS mobile phone, and it was until the project was abandoned. Interestingly, though, I didn’t necessarily consider myself a Firefox fan. I used it then and continue to use it today because it continues to be the best browser available in many different ways. Here are five reasons you should switch to Firefox right now.

      • Programming/Development

        • Dirk Eddelbuettel: prrd 0.0.5: Incremental Mode

          The key idea of prrd is simple, and described in some more detail on its webpage and its GitHub repo. Reverse dependency checks are an important part of package development that is easily done in a (serial) loop. But these checks are also generally embarassingly parallel as there is no or little interdependency between them (besides maybe shared build depedencies). See the (dated) screenshot (running six parallel workers, arranged in a split byobu session).

          This release brings some new features I used of late when testing and re-testing reverse dependencies for Rcpp. Enqueuing jobs can now consider the most recent prior job queue file. This allows us to find new packages that were not part of the previous runs. We added a second toggle to also add those packages who failed in the previous run. Finally, the dequeue interface allows to specify a date (rather than defaulting to the current date, useful for long-running jobs or restarts).

        • Python

          • Revisiting NaNs in Python

            Back in January 2020, we looked at some oddities in Python’s handling of Not a Number (NaN) values in its statistics module. The conversation went quiet after that, but it has been revived recently with an eye toward fixing the problems that were reported. As detailed in that earlier article, NaNs are rather strange beasts in the floating-point universe, so figuring out how best to deal with their presence is less straightforward than it might seem.

        • Rust

  • Leftovers

    • Punks, Goths & Mods on Irish TV, 1983
    • Allies

      What role did white women play in the story of Donald Trump? In the months after his election, pink-pussyhat-clad white women positioned themselves as the paradigmatic victims of a misogynistic president, even as commentators pointed out that 47 percent of them (or, I should say, 47 percent of us) voted for him. By the end of his term, news-making “Karens” showed that white women not only voted for Trump in large numbers but were often active participants in the racist state violence he championed. Pink pussyhats recalled the moment when Trump was caught on tape bragging about his ability to assault women with impunity; now white women were caught on video, bragging about their ability to deploy the police against people of color.1

    • Science

      • Steve Wozniak Wants to Clean Up Space Trash [Ed: How about, stop asking your super-rich friends to stop flying trash into orbit?]

        There are definitely romantic aspects to space exploration, with moments like Neil Armstrong’s first walk on the moon seared into the public consciousness.

        But one oft-neglected part of space travel is in the inevitable accumulation of garbage. Abandoned satellites, launch vehicle rockets, debris, heat shields, and dozens of other types of discarded space junk remain in orbit. NASA estimated that 6000 tons of waste are tumbling around Earth’s low orbit. Armstrong and Buzz Aldrin left trash on the moon. All told, there are about 400,000 pounds of man-made waste on the lunar surface.

    • Health/Nutrition

      • Baby Poop Has Ten Times More Microplastic in It Than Adult Poop: Study

        Infants have an average of 10 times the concentration of a type of microplastic in their poop than adults, a pilot study released Wednesday found.

        The research, published in the journal Environmental Science and Technology Letters, follows previous studies reflecting the ubiquity of microplastics—small fibers less than 5 mm in size originating from everyday objects like plastic bottles and polyester clothing and that end up in the planet’s waterways and human guts.

      • WHO’s New Air Pollution Guidelines Reflect Deadly Toll of Fossil Fuels

        Bolstering arguments for rapidly phasing out fossil fuels to not only combat the climate emergency but also potentially save millions of lives annually, the World Health Organization on Wednesday updated its guidelines on air quality for the first time in over 15 years.

        “The science is unequivocal… but these targets for clean air are meaningless if they aren’t addressed with government action.”—Aidan Farrow, Greenpeace International

      • Opinion | Biden’s Global Summit Covid-19 Targets Are Terribly Insufficient

        As part of President Biden’s plan to address the global Covid-19 pandemic and inequitable distribution of vaccines, medicines, and tests to many parts of the world, he convened a global summit held virtually on Wednesday.

      • Experts to Biden: Strongarm Big Pharma to Erase ‘Moral Stain’ of Vaccine Apartheid

        President Joe Biden has the authority to compel U.S. pharmaceutical companies to share their coronavirus vaccine formulas and technological know-how with pandemic-ravaged developing countries, a fact that experts and public health campaigners amplified with urgency on Wednesday as world leaders convened for a virtual Covid-19 summit.

        According to the New York Times, Biden has privately pushed both Pfizer and Moderna—the makers of the two available mRNA vaccines—to “enter into joint ventures where they would license their technology to contract manufacturers with the aim of providing vaccines to low- and middle-income countries.”

    • Integrity/Availability

      • Proprietary

        • Security

          • Exchange Autodiscover feature can cause Outlook to leak credentials

            Security researchers warn that a design issue in how the Microsoft Exchange Autodiscover feature works can cause Outlook and other third-party Exchange client applications to leak plaintext Windows domain credentials to external servers. The risk is significantly higher for devices that are used outside of corporate networks, a common scenario during the pandemic.

            The goal of Microsoft’s Autodiscover protocol for Exchange is to help client applications to configure their connection to Exchange automatically. To do this, they rely on a remote configuration file hosted on what is intended to be a company domain. However, because of a design issue that has been highlighted in the past as well, the protocol can end up searching for the configuration on external domains that are or can be registered by anyone.

          • Apple tried to patch this security hole in macOS Finder but didn’t consider upper and lowercase characters

            Apple’s macOS Finder application is currently vulnerable to a remote code execution bug, despite an apparent attempt to fix the problem.

            A security advisory published Tuesday by the SSD Secure Disclosure program, on behalf of researcher Park Minchan, explains that macOS Finder – which provides a visual interface for interacting with files – is vulnerable to documents with the .inetloc extension.

            “[T]hese files can be embedded inside emails which if the user clicks on them will execute the commands embedded inside them without providing a prompt or warning to the user,” the advisory says.

    • Defence/Aggression

      • Pick Up the Stone: The American Way of Vengeance

        “Vengeance is mine,” saith the Lord, and for this reason there is a peculiar perversity to the spectacle of fanatical Christians embracing vigilantism and de facto bounty hunting to “save the children,” punish the women, avenge the fetuses consigned by law to limbo ever since Roe v. Wade allowed women a measure of bodily autonomy in 1973. The Lord, after all, did not say, “Vengeance is yours; go get ’em!”

      • Opinion | End US War-Making Everywhere

        The U.S. withdrawal from Afghanistan, after 20 years of brutal occupation, should just be the beginning. The United States must also end the disastrous “War on Terror,” including the bombing campaigns targeting Somalia and Yemen. And it must also put a stop to the brutal sanctions against Cuba, Venezuela, Iran and other countries in the Global South. 

      • Nearly 50 Groups Demand Passage of Amendments to Cut Pentagon Budget

        Members of Congress must “stem the tide of exorbitant military spending” by backing two amendments to the annual defense bill that would cut the Pentagon budget.

        That was the message delivered to lawmakers Tuesday in a letter (pdf) from a diverse collection of 49 organizations including Demand Progress, Greenpeace USA, Public Citizen, and Veterans for Peace.

      • Opinion | The Feminist Case for Cutting the Pentagon Budget

        I was eight years old when the United States invaded Afghanistan in October of 2001. By that time, politicians and the media had used every trick in the book to justify invading an entire country that had nothing to do with the September 11 terrorist attacks.

      • Ex-Prisoners Recall US Torture at ‘Afghanistan’s Abu Ghraib’

        In a chilling reminder of the war crimes committed during the 20-year Afghanistan War, former inmates of a notorious prison at the largest U.S. military base in the country recently returned there to recount the torture and other horrors they endured during their captivity.

        “They used to tie us to this chair, our hands and feet, and then applied electric shocks.”—Hajimumin Hamza, former prisoner

      • Opinion | End the Pentagon’s New Anti-China Slush Fund and Reinvest in Our Communities Instead

        As the last U.S. troops left Afghanistan, the military establishment and the contractors who have raked in the profits as Afghanistan’s civilians suffered immeasurably had already turned their attention to the next war they could use to justify allocating nearly half of the United States’ total discretionary spending on the Military-Industrial Congressional Complex. The process of constructing America’s next “great threat” to justify militarism began with President Obama’s “Pivot to Asia,” which started the current U.S. military buildup in the Asia-Pacific region and initiated an era of anti-China legislation that continues to this day. One of the more recent and alarming anti-China initiatives is the Pacific Deterrence Initiative (PDI), which would allocate $5.1 billion to the Department of Defense’s $66 billion Indo-Pacific budget for fiscal year 2022. 

      • “Life Has Become Unlivable in Honduras”: How Corruption & Drug Trade Fueled Migration to U.S.

        We look at a new Reuters special report examining corruption and the drug trade in Honduras, which human rights groups say are pushing tens of thousands of people to flee the Central American country for the United States. “People really describe feeling that their life has become unlivable in Honduras,” Reuters correspondent Laura Gottesdiener says. This comes less than six months after a federal court in New York sentenced Tony Hernández, the brother of Honduran President Juan Orlando Hernández, to life in prison for drug trafficking and listed the president as a co-conspirator. We also speak with Adriana Beltrán, executive director of the Seattle International Foundation, who says the instability in Honduras today is directly linked to the U.S.-backed coup of 2009 that deposed President Manuel Zelaya. “To a large extent, the crisis that you continue to see in Honduras and its democracy has its roots in the coup,” Beltrán says. “Honduras has been struggling to build representative democracy, to fight corruption and crime.”

    • Environment

      • ‘Groundbreaking’ Win as Court Rules USFWS Can’t Ignore Climate Impacts on Joshua Tree

        “Our climate-imperiled species—plants and animals alike—do not have time for political gamesmanship that questions unambiguous science.”—Jennifer Schwartz, WildEarth Guardians

      • Opinion | U.S. Militarism’s Toxic, Planet-Killing Impact on Climate Policy

        President Biden addressed the UN General Assembly on September 21 with a warning that the climate crisis is fast approaching a “point of no return,” and a promise that the United States would rally the world to action. “We will lead not just with the example of our power but, God willing, with the power of our example,” he said.

      • Groundbreaking Legal Win for the Joshua Tree: Court Rules That Federal Government Cannot Ignore Impact of Climate Change on the Desert Icon

        The Service disregarded overwhelming scientific evidence showing that climate change poses a major threat to the Joshua tree’s survival when the agency denied listing the species as threatened under the Act. The decision stems from a 2019 lawsuit filed by WildEarth Guardians, challenging the Service’s decision that the desert icon did not warrant federal protection, despite all the available scientific evidence pointing to the same conclusion: Joshua trees will be in danger of extinction throughout most of their current range by century’s end from climate change driven habitat loss, invasive grass fueled wildfire, and other stressors.

        “The Court’s decision represents a monumental step forward for the Joshua tree, but also for all climate-imperiled species whose fate relies upon the Service following the law and evaluating the best scientific data available with respect to forecasting future climate change impacts,” said Jennifer Schwartz, staff attorney for WildEarth Guardians and lead attorney on the case. “The Court’s unequivocal holding—that the Service cannot summarily dismiss scientific evidence that runs counter to its conclusions—will force the federal government to confront the reality of climate change and begin focusing on how to help species adapt.”

      • Energy

        • ‘Huge Step Forward’: China Applauded for Pledge to Stop Building Overseas Coal Plants

          “China’s pledge to scale up support to green energy is also a show of great commitment that will inject much needed momentum in the pursuit of a just transition in developing nations mostly vulnerable to the climate crisis.”—Landry Ninteretse, 350Africa.org

          “This move will scale down fossil fuels in the continent, and limit harmful impacts of coal that are already being felt in parts of the continent,” said Landry Ninteretse of 350Africa.org. “China is paving the way for other governments that continue to venture into deadly fossil fuel projects to stop them and instead accelerate plans to phase out coal, end public finance for oil and gas and implement a just transition based on renewable energy for the continent.”

        • Rapid Shift to Electric Vehicles Could Create Over 150,000 Jobs in US by 2030

          While the transition to electric vehicles is “inevitable,” the consequences for U.S. workers depend on how policymakers manage the shift. With “smart policy,” lawmakers can turn the coming auto industry “upheaval” into an opportunity to create up to 150,000 “good jobs” by 2030.

          “We can ensure the shift to electric vehicles creates jobs and benefits workers—if policymakers act.”—Jim Barrett, Economist

        • ‘Enough Is Enough’: Report Shows Big Oil’s Offshore Tax Loopholes Cost US at Least $86 Billion Per Year

          A new report released Wednesday identifies $86 billion worth of offshore tax loopholes that a dozen U.S.-based oil and gas companies exploit each year as part of a “tax bonanza,” a finding that comes as climate justice advocates push Congress to eliminate subsidies to the fossil fuel industry.

          “Our government cannot continue to bankroll climate destruction,” Friends of the Earth tweeted Wednesday.

      • Wildlife/Nature

        • Clearcutting Yellowstone

          The Forest Service claimed that utter destruction, pictured above, in the Helena National Forest would be “forest restoration” supposedly intended to “protect Helena’s municipal water supply” from wildfire just like they are claiming that clear-cutting 8.6 square miles will restore the forest on the border of Yellowstone National Park and make it more resilient. But a picture is worth a thousand words: clear-cuts are not restoration.

          It is also well-documented that wildfires burn right through clear-cuts in Montana and across the West. Clear-cuts are full of highly flammable weeds, logs they didn’t want, and kindling-like slash, and the removal of the large fire-resistant trees and moisture-retaining, shade-creating forest canopy during logging leaves a landscape that is dramatically hotter, drier, and windier — precisely the type of conditions that increase the risk of wildfire ignition and spread.

    • Finance

      • Wagging the Bitcoin Dog

        Bukele came to power in 2019, riding on a wave of anti-establishment sentiment. Exhausted and frustrated by the inability of the traditional parties on the right and the left (ARENA and FMLN) to deliver on their promises of security and shared economic growth, the country turned to a young, charismatic politician whose primary qualification was that he was not aligned with either traditional party. Early in what is supposed to be a five-year term in office, Bukele had to deal with the COVID-19 crisis and he took a hard line, imposing a toque de queda, a stay at home order, with only limited exceptions. Though the order faced opposition, it arguably did succeed in saving the country from the harms experienced by countries whose leaders did not take the virus seriously. His success was rewarded in the midterm elections, with his party winning a supermajority of seats and both ARENA and FLMN reduced to shells of their former selves.

        With the legislative branch fully in his pocket after the midterms, Bukele moved to neutralize the only remaining the check on his ambitions, the country’s high court. Using their supermajority, Bukele’s party sacked the sitting judges of the Constitutional Chamber of the Supreme Court as well as Attorney General Raul Melara in early May of this year. Earlier this month, the reconstituted Supreme Court did the master’s bidding, signing off on the President seeking reelection and serving a non-consecutive second term. For a country that passed through a lengthy civil war, a long series of coups, and that continues to suffer from deeply entrenched insecurity and violence, the current move towards authoritarianism should be deeply troubling.

      • What is Neoliberalism? A Primer

        The most common mistake people make in trying to understand neoliberalism is to think that it is simply a resurgence of traditional anti-tax, anti-regulation, anti-union free-market liberalism (also called market conservatism). There’s something different about neoliberalism, which explains the “neo”. What is it?

        Basically, neoliberalism is strong-government market liberalism. Traditional market liberals (Adam Smith) believed in freedom in general. Their freedom began with market freedom, in which business and trade are only minimally impacted by the multitude of assigned monopolies, licensing rules, required permissions, regulations, prohibitions, taxes, and fees which cramped the economy under earlier feudal and absolutist states. But classic liberalism also was (up to a point) egalitarian and libertarian, doing away with the enforced social categories (noble, bourgeois, clergy, and commoner, and serf) which prescribed who could participate in which activity. Finally, classic liberals usually supported increased personal freedoms in non-economic, including such rights as religious freedom, freedom of speech, the right to bear arms,  habeas corpus,  the right to a fair trial, the prohibition of arbitrary punishment, the right to political participation, and so on.

      • Letter Urges Progressives to Fight ‘Wall Street Democrats’ Holding Biden’s Agenda Hostage

        A pair of advocates for higher taxes on the rich sent a letter Wednesday urging members of the Congressional Progressive Caucus to keep up their fight against “Wall Street Democrats” who are attempting to water down—or even kill entirely—a centerpiece of their party’s domestic policy agenda.

        “As a matter of national policy, the United States does not negotiate with terrorists. It’s time for the Congressional Progressive Caucus to extend that principle to the legislative process,” Morris Pearl and Erica Payne of the Patriotic Millionaires wrote in their letter (pdf) to Rep. Pramila Jayapal (D-Wash.), the chair of the CPC.

      • Opinion | Pass the PRO Act to Demand More for ALL Workers

        We need to pass the PRO Act to better represent all workers, especially those most vulnerable to discrimination and employer abuse.

    • AstroTurf/Lobbying/Politics

      • ‘We Are Trying to Save It,’ Progressives Say as Right-Wing Dems Sabotage Biden’s Agenda

        The Democratic Party’s sweeping domestic policy agenda—from sizable climate investments to drug-pricing reforms to Medicare expansion—is under growing threat from the inside as right-wing members backed by corporate cash aim to tank or pare back central components of a multitrillion-dollar reconciliation plan.

        “Big Pharma, Big Oil, Wall Street, and their foot soldiers in Congress are doing everything in their power to kill President Biden’s agenda.”

      • Opinion | And Then There Were Guys On Horseback: We Have Not Yet Forgiven Haiti For Being Black

        For Haitians and anyone else appalled by their fate, there was one last indignity: the racist, hysterical fear-mongering swiftly taken up by a right-wing eager for blood, from the reptillian Greg Abbott – we need to “stop these caravans from overrunning our state” – to GOP Texans decrying an “invasion” of migrants who could “take over our country without firing a shot.” On Fox, a Del Rio woman ominously reported, “We’ve had footprints from illegals, in the middle of night, underneath our daughters’ bedroom windows”; Red State blasted a “national security disaster” overseen by “a mental invalid” who’s “on the beach again for a long weekend.” Leading the slimy charge was Ted Cruz, never one to miss a performative photo op while spreading hate and lies and pretending to be outraged by something. “I am on the ground in Del Rio,” he intoned in a bumptious, Monty-Python-like video, gesturing to huddled black bodies behind him. “As of this moment, there are 10,503 illegal aliens…This man-made crisis was caused by Joe Biden.” Bullshit, said America, which noted the GOP runs Texas so maybe some of this is on them: “You’re right, Haiti’s earthquake, hurricane and collapse of the government probably had nothing to do with it….Mother of God!…I hope they come to my neighborhood – welcome, friends… I assume Cancun Cruz headed directly to his office to work on legislation to double funding to process refugees and sent staff to make sure they are properly fed (as) their processing continues. Or he went out for a lobbyist-paid steak.” Finally, you smug, racist, self-righteous, opportunistic son of a Cuban migrant: They’re not illegal aliens. They’re human beings.

      • A Tough Candidate Forum in Virginia Previews the GOP Playbook for 2022

        If November’s election for control of the state House of Delegates is anything like Tuesday night’s candidate forum in this coastal, military swing district, it could be a tough night for Democrats. Which could also foreshadow a bad 2022 midterm cycle.

      • The Anglo Unilateralists Strike

        The fact that such diplomacy had never gone away seemed to escape him.  In the simpleton’s view of politics, his predecessor had abandoned the jaw jaw approach to international relations for muscular and mindless US unilateralism.  Allies had been belittled, ignored and mocked.  Strongmen had been feted, admired and praised.  It was now incumbent upon the United States, urged Biden, that “American leadership” confront “this new moment of advancing authoritarianism, including the growing ambitions of China to rival the United States and the determination of Russia to damage and disrupt our democracy.”

        It would have been more accurate to say that President Donald Trump’s coarse, business board room model was simply too much of a shock for those familiarly comfortable with guile, deception and dissimulation.  But Biden’s return to acceptable hypocrisy did not mask the “America First” note in his temper.  Since then, that temper has seen a dramatic, ahead-of-schedule exit from Afghanistan, building on Trump’s undertakings to conclude open-ended wars and commitments.  US allies began to wonder whether the Biden model was that different from Trump’s cruder original.

      • 11 Senators Support House Progressives’ Push to Pass Full Biden Agenda

        With rising uncertainty about the fate of a U.S. Senate-approved bipartisan infrastructure bill and the broader reconciliation package Democrats are crafting, 11 senators on Wednesday expressed support for House progressives fighting to pass both simultaneously.

        “We strongly support the Congressional Progressive Caucus and other members in the House who have said they intend to vote for the bipartisan infrastructure bill only once the Build Back Better Act is passed.”—11 senators

    • Censorship/Free Speech

      • Unsealed Documents In Nunes’ Family Farm’s Lawsuit Against Ryan Lizza Raise More Questions About The Lawsuit Than They Answer

        The saga of Devin Nunes’ family’s lawsuit against reporter Ryan Lizza and Esquire Magazine got even more bizarre last week. Back in June, we had written about some heavily redacted documents in the case that suggested that Nunes’ lawyer, Steven Biss, was playing some very dangerous games in order to try to keep the employees of the NuStar Farms (owned by Nunes’ relatives) from testifying as to their immigration status. As you may recall, the only part of the lawsuit that was still going on were defamation claims regarding the implication that the farm might employ undocumented workers, which would be noteworthy, considering Devin Nunes hardline stance on immigration.

      • Content Moderation Case Study: Bing Search Results Erases Images Of ‘Tank Man’ On Anniversary Of Tiananmen Square Crackdown (2021)

        Summary: On the 32nd anniversary of the Tiananmen Square protests, internet users noticed Microsoft’s Bing search engine was producing some interesting results. Or, rather, it wasn’t producing expected search results for some possibly interesting reasons.

      • Welcome To The New Techdirt Greenhouse Panel: Content Moderation At The Infrastructure Level

        Today we’re launching our latest Techdirt Tech Policy Greenhouse discussion in which we bring in a bunch of actual experts to discuss and debate complex and nuanced subjects regarding tech policy — this time about content moderation at the infrastructure layer. We’re excited that we’re doing it in partnership with our friends over at the Electronic Frontier Foundation (EFF)! Also, we’re going to conclude this new series of posts on Techdirt with two virtual events. On October 6th from 9am to noon PT, we’ll have many of this series’ authors discussing and debating their pieces in front of a live (though virtual!) audience (register to attend here). The following day, on October 7th, EFF and Techdirt will be hosting a smaller workshop event to take some of what we learned and discussed the previous day, and see if we can come up with more concrete steps and approaches to make sure providers, policymakers, and others understand the risks and challenges of infrastructure moderation, and how to respond to those risks.

    • Civil Rights/Policing

    • Digital Restrictions (DRM)

      • Apple Training Videos Highlight Company’s Adversarial Stance On Affordable Repairs

        Apple has never looked too kindly upon users actually repairing their own devices. The company’s ham-fisted efforts to shut down, sue, or otherwise imperil third-party repair shops are well established. As are the company’s efforts to force recycling shops to shred Apple products (so they can’t be refurbished and re-used), and Apple’s often comical attacks on essential right to repair legislation, which only sprung up after companies like Apple, Microsoft, Sony, John Deere, and others created a grass-roots counter-movement via their attempts to monopolize repair.

    • Monopolies

      • Google experiments with user-choice-defying Android search box

        Google has been spotted testing a web technology that a former staffer fears will further undermine the already often ignored choices people make about their browsers.

        Alex Russell, who joined Microsoft in June as partner program manager on Edge after more than 12 years as a senior engineer at Google, noted on Twitter the appearance of WebLayer.

        WebLayer, as Google describes it, is “a high level embedding API to support building a browser.” It’s sort of like WebView on steroids. WebView is an API in Android and iOS for presenting web content within a native app and is the basis for WebView in-app browsers (IAB) implemented in apps like Facebook, Microsoft Bing Search, Facebook Messenger, Instagram, Pinterest, and Snapchat.

      • Patents

        • BioArctic receives European patent for antibodies targeting Alzheimer’s disease [Ed: More patents or monopolies instead of patients, even monopolies on antibodies]

          BioArctic AB has announced that the European Patent Office (EPO) has issued a decision to grant European patent EP 2 448 968 B1 for novel antibodies that could be developed into a treatment for Alzheimer’s disease. The patent comes into force on 27 January 2021 and expires in 2030.

        • How India can witness a new wave of IP savvy startups and MSMEs [Ed: Incredible patent propaganda with conflict of interest; people who sell litigation want us to think this climate of litigious behaviour is good for small businesses. It is a lie.]

          Innovation is a critical factor for the advancement of society. Problem-solving inventions, especially technological ones, enhance society’s capacity to act and drive economic growth. That said, countries across the globe have varying levels of innovativeness, which can be gauged by global innovation ranking. As per the Global Innovation Index (GII) rankings 2020, India holds the 48th rank in 131 countries. Since a vast majority of companies in India include startups and MSMEs, this data essentially shows the status of their innovations. The following article covers how India can witness a new wave of IP savvy startups and MSMEs. Let’s start by exploring the global rankings data.

          Are Global Rankings on IP Filings Reliable?

          Intellectual property is a reasonable pointer to gauge the innovativeness of a country. That’s because if a company is innovative and wants to hold a dominant position in the market based on it, it would protect its intellectual asset via IP rights such as patents and trademarks.

          India stands at the 8th position in terms of patent filings. While the country does make it to 8th rank, the margin between India and other top-performing countries is huge.

        • Exclusive: Slovenia ratifies UPC protocol [Ed: Laughable PR stunt from Team UPC because UPCA is already dead, UK left the EU, so this is just for faking momentum with meaningless move]

          One more country will still be required to ratify the PAP protocol before the next phase of the UPC can begin

        • ToolGen Files Reply Brief to CVC’s Opposition to its Substantive Preliminary Motion No. 2 [Ed: More on the efforts to privatise life and nature using patents or misuse of patent law]

          In June, Senior Party ToolGen filed its Substantive Preliminary Motion No. 2 to deny Junior Party the University of California, Berkeley; the University of Vienna; and Emmanuelle Charpentier (collectively, “CVC”) priority benefit to its U.S. Provisional Application No. 61/757,640, filed January 28, 2013 (“Provisional 3″), pursuant to 37 C.F.R. §§ 41.121(a)(1)(ii) and 41.208(a)(3) and Standing Order ¶ 208.4.1. CVC filed its Opposition to this Motion. On August 26th, ToolGen filed its Reply.

The EPO is on the Run (Escaping Negative Press Coverage)

Posted in Europe, Patents at 5:20 am by Dr. Roy Schestowitz

Video download link | md5sum 875c84c4e182945b75bfeec9d456d292

EPO catSummary: Aside from tens of millions of euros granted to media and academia (to keep them complicit or silent about EPO corruption, which also implicates the EU) there’s also SLAPP and threats against staff representatives; but Members of the European Parliament are becoming interested in what’s really going on in Europe’s second-largest institution, so this utter waste of EPO money (manipulating the press and gaming universities’ research) might in itself become a scandal sooner or later

THE latest Moroccan puff piece (warning: epo.org link) from the EPO, dated yesterday, brings back memories of Frenchman Benoît Battistelli visiting former French colonies to make himself seem important (he loves lesser important countries in the patent context; there, he can meet high-level officials without fear of being blasted for his corruption).

“It’s just a space filler. Like those other Moroccan PR stunts.”This time, Frenchman António Campinos (yes, he’s French) is interjecting his own name a lot in order to make himself seem like an ‘IP’ guru, not the well-dressed imposter that he really is; no photo ops due to COVID-19, so basically it’s a spammy pile of fluff about a webchat. Was something unprecedented signed? No. It’s just a space filler. Like those other Moroccan PR stunts [1, 2, 3].

Anyway, the video above mostly discusses some progress I’ve been making, bringing to the attention of MEPs the abuses of the EPO. I’ve only contacted 3 officials, all of whom interested in SLAPP aspects. After a day I received a response expressing interest and maybe by the week’s end there will be more. It’s precisely targeted; I’m not contacting MEPs at random.

“The EPO’s officials are ‘on the run’… a runaway from bad publicity.”Whether the EPO will ever be redeemed (or guilty officials be held accountable) we cannot tell for sure, but there has been considerable progress this past month. Many people read the articles and wish to know more. It’s very likely that the EPO heard directly from them, hence the face-saving ‘fluff’ in the intranet and so-called ‘news’ section. When the EPO is accused of intolerance it resorts to pinkwashing and when challenged over illegal surveillance it's then 'cloudwashing time'! Never mind the constant greenwashing and whitewashing. The EPO’s officials are ‘on the run’… a runaway from bad publicity.

Patents Morocco
After recording the video I’ve looked up the number of European Patents of Morocco (back when the EPO still published those figures)

[Meme] Lowering the Standards…

Posted in Europe, Patents at 5:04 am by Dr. Roy Schestowitz

1,000 times fewer European Patents than Germany (4,000 fewer than Japan and US), still gets VIP treatment
Numbers from this report (warning: epo.org link)

Show me to your leader
EPO dictators Benoît Battistelli and António Campinos love small economies where love can be bought cheaply (that they also speak French is a bonus, being their mother’s tongue)

Summary: It’s time for another round of fluff at the EPO, this time without even travelling (PR-over-’ViCo’)

Gemini HTTP/HTML/Web Proxies and Self-Hosting Your Own Proxy

Posted in Free/Libre Software, Site News at 4:01 am by Dr. Roy Schestowitz

Video download link | md5sum 875c84c4e182945b75bfeec9d456d292

Summary: Gemini protocol (gemini://) and the fast-growing Geminispace (expected to exceed 2,000 known capsules by year’s end, in effect quadrupling in a single year!) are possible to access using Web browsers, at least for those who do not have Gemini clients/browsers just yet; today we examine and give an outline of the options

THE past week or so we spent researching proxies for Gemini — a subject that we covered in the past albeit not in an in-depth fashion. Now that we serve close to half a million pages per month over gemini:// it’s worth exploring the possibility of setting up our very own Web proxy, relaying Gemini pages over the Web (as HTML pages). Yesterday I revisited HtmGem, which I first studied in the summer (back when it used Sourcehut for hosting; it has moved to another host) and looked into some of the code and requirements of kineto, gopherproxy (it does Gemini also; that’s a legacy name), and GemProxy, which we use at the moment. GemProxy 2.0.1 was released earlier today. There’s also Xenia, a Gemini proxy for Android, and geminize, a Mozilla Firefox addon that merely redirects gemini:// URLs to a known and reliable proxy. I’ve used that for many months as an HTTP-to-Gemini proxy although Firefox is also configured to open suitable URLs in a proper Gemini client, Lagrange in my case. I have two versions of Lagrange installed and one of us is building Lagrange from source.

“Eventually we’d love to have it all self-hosted (proxies also), but we are using third parties for the time being.”Those are most of the options that currently exist, but few more are out there, quite likely with more on the way… I went through some of them a few months ago but lost track of their names and URLs, so the above list is certainly not complete.

For those not willing or unable to set up their own, there’s this bunch of open proxies [1, 2, 3] including one that is currently down and was also down over a month ago (poor reliability for uptime; they barely even notice when there’s downtime until days later). Well, there used to be several more open proxies, but just like GUS they decided to shut down or change direction, so it’s a bit of a ‘moving target’. The list of existing/available proxies will change over time.

“Gemini isn’t going away. It’s growing.”As I mention in the video above, my main findings are that those proxies use bloated frameworks, some of them hosted on Microsoft’s proprietary software trap (GitHub) but most are not, their quality is not high (bugs) and the documentation even worse. This means that the maintenance overhead can be high in case one considers self-hosting.

Eventually we’d love to have it all self-hosted (proxies also), but we are using third parties for the time being. They’re easy to swap between, e.g. when we have downtimes. We’re not provisioning a whole box or container just for that, at least not yet, but eventually it will make sense, especially as Gemini usage grows.

Gemini isn’t going away. It’s growing. Its functionality too is constantly expanding without having to modify the intentionally-rudimentary specification. This way we avoid replicating the dire mistakes of the World Wide Web (steered by monopolies through the W3C).

IRC Proceedings: Wednesday, September 22, 2021

Posted in IRC Logs at 2:04 am by Needs Sunlight

Also available via the Gemini protocol at:

Over HTTP:

HTML5 logs

HTML5 logs

#techrights log as HTML5

#boycottnovell log as HTML5

HTML5 logs

HTML5 logs

#boycottnovell-social log as HTML5

#techbytes log as HTML5

text logs

text logs

#techrights log as text

#boycottnovell log as text

text logs

text logs

#boycottnovell-social log as text

#techbytes log as text

Enter the IRC channels now

« Previous Page« Previous entries « Previous Page · Next Page » Next entries »Next Page »

Further Recent Posts

RSS 64x64RSS Feed: subscribe to the RSS feed for regular updates

Home iconSite Wiki: You can improve this site by helping the extension of the site's content

Home iconSite Home: Background about the site and some key features in the front page

Chat iconIRC Channels: Come and chat with us in real time

New to This Site? Here Are Some Introductory Resources

No

Mono

ODF

Samba logo






We support

End software patents

GPLv3

GNU project

BLAG

EFF bloggers

Comcast is Blocktastic? SavetheInternet.com



Recent Posts