• Distributions
• Devices/Embedded

Windows vs. Linux vs. Mac: the channel comparison

Linux is open source meaning you can customise and modify the code any which way you like. This flexibility has made the system hugely popular amongst the developer community. This is not the same in Windows and Mac. Neither the Windows and Mac programmes nor the operating systems are open source.

So there we have it, three entirely different operating systems offering unique experiences that can meet the differing demands of the modern user, whilst offering unique opportunities throughout the channel. So the real question now is, are you a Mac Linux or Windows user?

Linux Journal October 2016

There was a show a few years back called, “Extreme Makeover: Home Edition”. The premise of the show was to find families who needed their houses overhauled, but couldn’t afford to do it on their own. Generally, those chosen had sacrificed for others rather than spend time and money on themselves. Then the show would completely redo their houses, making it so nice the happy families no longer could afford the taxes, and they’d soon be homeless. I might have missed the point of the show, but the idea of improving on outdated infrastructure certainly rings true for IT folks. This month, we look at improving our lives by improving on the tech we depend on every day.

Desktop

• Xiaomi Notebook Air vs Macbook Air / Linux vs MacOS vs Windows 10

Server

• Kubernetes 1.4 Improves Container Security

  The latest release of the open-source container orchestration technology adds new security features, including TLS bootstrap.
  The open-source Kubernetes 1.4 release, which debuted Sept. 26, provides users with a host of enhanced security capabilities for container deployment and orchestration.

  Kubernetes originated at Google and is now part of the Cloud Native Computing Foundation, benefiting from the contributions of multiple vendors.

  Among the new features in Kubernetes 1.4 is TLS bootstrap, which is designed to improve the use of encryption for data in motion across a cluster. TLS (Transport Layer Security) is widely used on the internet today for encryption.

  “The TLS bootstrapping work done in Kubernetes 1.4 is a step toward automating the addition of new hosts to the Kubernetes cluster,” Clayton Coleman, Red Hat’s lead architect for OpenShift, explained to eWEEK.

Kernel Space

• Why kernel development still uses email

  In a world full of fancy development tools and sites, the kernel project’s dependence on email and mailing lists can seem quaintly dated, if not positively prehistoric. But, as Greg Kroah-Hartman pointed out in a Kernel Recipes talk titled “Patches carved into stone tablets”, there are some good reasons for the kernel community’s choices. Rather than being a holdover from an older era, email remains the best way to manage a project as large as the kernel.

  In short, Greg said, kernel developers still use email because it is faster than any of the alternatives. Over the course of the last year, the project accepted about eight changes per hour — every hour — from over 4,000 developers sponsored by over 400 companies. It must be doing something right. The list of maintainers who accepted at least one patch per day contains 75 entries; at the top of the list, Greg himself accepted 9,781 patches over the year. Given that he accepts maybe one third of the patches sent his way, it is clear that the patch posting rate is much higher than that.

  Finding tools that can manage that sort of patch rate is hard. A poor craftsman famously complains about his tools, Greg said, but a good craftsman knows how to choose excellent tools.

  So which tools are available for development work? Greg started by looking at GitHub, which, he said, has a number of advantages. It is “very very pretty” and is easy to use for small projects thanks to its simple interface. GitHub offers free hosting and unlimited bandwidth, and can (for a fee) be run on a company’s own infrastructure. It makes life easy for the authors of drive-by patches; Greg uses it for the usbutils project and gets an occasional patch that way.

• Fireside Chat with David Rusling and Linus Torvalds

• The Problem with Linux Kernel Documentation, and How We’re Fixing it

  The Linux Kernel has one of the biggest communities in the open source world; the numbers are impressive: over 4,000 contributors per year, resulting in about 8 changes per hour. That results in 4,600 lines of code added every day and a major release every 9-10 weeks. With these impressive numbers, it’s impossible for a traditional printed book to follow the changes because by the time the book is finally written, reviewed and published, a lot of changes have already merged upstream. So, the best way to maintain updated documentation is to keep it close to the source code. This way, when some changes happen, the developer that wrote such changes can also update the corresponding documents. That works great in theory, but it is not as effective as one might think.

• How To Use Systemd For Application Sandboxing & How To Easily Crash Systemd

  Another one of the interesting systemd.conf 2016 presentations in Berlin was a talk by Djalal Harouni of EndoCode for using systemd to carry out application sandboxing.

• Graphics Stack

  • Experimental Unity Vulkan Demos For Linux

    Some of the exciting news this week was Unity releasing their Vulkan renderer in preview form and this initial debut did contain Linux support. There are now some unofficial Unity demos built for Linux with the Vulkan renderer enabled.

    Levi Bard is hosting some sample Linux player builds with the Vulkan preview support enabled. There are two demos currently offered: Corridor Lighting Example and Viking Village. There are both x86 and x86_64 builds and should work with newer Vulkan Linux drivers.

  • The Talos Principle native radv vulkan amdgpu (SI)

  • We Might Never See A New OpenGL Version, At Least Not For A Long Time

    During past Khronos press briefings about OpenGL/Vulkan and in other communications, while Vulkan is the organization’s big graphics API focus, it was implied during these conversations that OpenGL would continue to march to its own beat and evolve as needed. While OpenGL continues to be significantly used by cross-platform graphics application/game developers, it turns out there might not be a new official version for a long time – if ever.

Applications

• Say not Goodbye, say Sayonara

  Sayonara is a new little player. But that’s it. If you don’t like its looks or the particular way it brings you songs, there is no reason for you to use it over any other generic player of choice you can find in your distro. Don’t get me wrong, work it does, yes, with an odd error or five, but then every other one offers pretty much the same bevy of features, pretty much the same experience. There’s nothing revolutionary in Sayonara to warrant extra chance, extra time. It’s as good as the rest, and then equally lacking, making it ill suited for the modern aural topography.

  Apart from the obvious stability and usability, I would love to see an easy way to integrate online streaming services, an ability to buy music directly through the player, some way to port and sync my collections, as well as better connectivity to external devices. It is Year 2016, and we can’t be so casual about the fact there’s an entire world out there built and designed to be consumed at 0.99 dollars per transaction. I’m not saying that’s all there is, but having this whole new world added into the player, as an optional extra, would make Sayonara far more appealing to a much wider audience. And it could also potentially help transform the world of Linux applications to a higher level. But the investment needed is dauntingly complex and big. Perhaps we won’t see it any time soon. Or maybe we will. Let us see what the next edition of Sayonara brings us. Worth testing, for sure, so do it.

• Luatex 1.0.0 announcement

  After some ten years of development and testing, today we have released LuaTeX 1.0.0! Instead of staying below one and ending up with versions like 0.99.1234, we decided that the moment is there to show the TeX audience that LuaTeX is stable enough to loose its beta status. Although functionality has evolved and sometimes been replaced, we have been using LuaTeX in production right from the start. Of course there are bugs and for sure we will fix them.

• Desktop app snap in 300KB

  KDE Neon developer Harald Sitter was able to package up the KDE calculator, kcalc, in a snap that weighs in at a mere 320KB! How did he do it?

• 7 Best Free Online Radio Apps for Linux Users

  Music is a breather in this fast life style of us. Music has been in our habits for centuries. In the olden days, it was the stages enact that people enjoyed or the street performers that entertained thousands. With the change in time and technology things are better and faster nowadays. Now, Music is not just meant for entertainment, it became huge business all round the world and has been a very successful industry since then with glamour and style within. Music is a source of stress buster.

  The world has changed from the old days to these days of technologies where people prefer faster and better life. People spend most of their hectic life at work. Although there are several ways of entertainment during the holidays and of the work period, Music is one such source that most people prefer for entertainment. One can enjoy Music in radio and MP3 players which are very popular everywhere nowadays. From shopping malls to multi complexes you can find these radio stations playing all over the places. With a broad range of Music and television serials has been successful in attracting thousands of people all round the world.

• issue #47: OpenSSL, ripgrep, httpstat, CouchDB, Latency & more!

• mailcow 0.14 is final

• BubbleKern

  At ATypI 2016 in Warsaw, Toshi Omagari presented an open-source tool he has developed to partially automate the repetitive task of generating kerning data for fonts. The program is called BubbleKern and, although it does not fully automate the kerning process, it may strike a balance that many font designers find useful.

  Kerning traditionally referred to carving cutouts into the physical metal sorts for particular letters, Omagari said, which we would today refer to as negative sidebearings. It enabled letters with an overhang, like “f”, which could otherwise not fit next to standard letters. The wood-type printing era used an approach more like what is done in digital type today, however. Many standard blocks would be cut down so that would fit together more closely. The visual gap between problematic pairs like “AW” is a common example; Omagari showed images of wood-type blocks cut down with carpentry tools to produce a better fit. That fine-tuning is akin to what designers do in digital type.

• Variations fonts and OpenType 1.8

  The first day of the 2016 ATypI conference was marked by the release of a major update to the OpenType font format. A panel of speakers representing the major players in font technology over the past several decades announced the update together. Although there are several changes under the hood, the key new feature is the ability for a single font file to encode sets of delta values that programs can use to automatically interpolate changes in font weight, width, and other features, each throughout a continuous range. When software support is fully rolled out, that will all but eliminate the need to distribute font families as collections of individual font files, as well as removing many longstanding assumptions about font usage.

• 11 Best Graphical Git Clients and Git Repository Viewers for Linux

  Git is a free and open source distributed version control system for software development and several other version control tasks. It is designed to cope with everything from small to very large projects based on speed, efficiency and data integrity.

  Linux users can manage Git primarily from the command line, however, there are several graphical user interface (GUI) Git clients that facilitate efficient and reliable usage of Git on a Linux desktop and offer most, if not all of the command line operations.

  Therefore, below is a list of some of the best Git front-ends with a GUI for Linux desktop users.

• Progress – A Tiny Tool to Monitor Progress for (cp, mv, dd, tar, etc.) Commands in Linux

  Progress, formerly known as Coreutils Viewer, is a light C command that searches for coreutils basic commands such as cp, mv, tar, dd, gzip/gunzip, cat, grep etc currently being executed on the system and shows the percentage of data copied, it only runs on Linux and Mac OS X operating systems.

• Instructionals/Technical

  • How to Install the Paprius Icon Theme for KDE on Kubuntu 16.04

  • Install Nextcloud on openSUSE Leap 42.1

  • Zsh magic: remove all raw photos that don’t have a corresponding JPEG

  • How to Fix “Username is not in the sudoers file. This incident will be reported” in Ubuntu

  • How to install and use KDEConnect on Ubuntu 16.04LTS

  • How to install OpenSC on IPFire Firewall

  • Learn How to Speed Up Websites Using Nginx and Gzip Module

  • Adding API dox generation to the build by CMake macros

  • How to Run Multiple Web Applications in One Apache Tomcat Server

  • Mount LVM filesystems in live session

  • Dave’s QML Binding Loop Backtrace Printer

  • How to Install Nmap From Source

  • Getting jiggy with Busybox and LD_PRELOAD

  • Advanced Multimedia on the Linux Command Line

  • Linux bcc Tracing Security Capabilities

  • Aspell and Hunspell: A Tale of Two Spell Checkers

  • How to Configure BIND On Linux (RHEL7/CentOS7)

  • How to Secure Your SSH Using Fail2Ban on CentOS 7

  • Arch Linux Hydra Build

  • How To Install and Configure Varnish with Apache on Ubuntu 16.04

  • How to use SSH keys for Authentication (for beginners)

  • Working with terrain in #FreeCAD

  • Making Viewer UIs for Pitivi

  • Install and Configure Chef Server on Ubuntu-14.04

  • Containerizing Graphical Applications On Linux With systemd-nspawn

  • Working with Logical Volume Management

  • Make the less Command More Powerful

  • How to install and run Dropbox from a headless Linux server

• Wine or Emulation

  • Wine Announcement

    The Wine development release 1.9.20 is now available.

  • Wine 1.9.20 Has New Clipboard API Reimplementation

    -
    Wine 1.9.20 is now available as the latest bi-weekly development release of this cross-platform program to run Windows programs/games on other operating systems.

  • The Wine Development Release 1.9.20 Is Now Available

  • Upcoming Native Xinput Support in WINE

    If you have ever looked at playing games on Linux through WINE, you are probably aware by now that there’s a bunch of hacks involved to getting a Xbox360 pad to work with games. Usually this means grabbing an older version of the little Windows tool called xbox360ce.exe, a few xinput dlls, and a xbox360 configuration file and dump that unholy mix into the Windows’ game’s folder, and pray that everything works as expected. It’s just like witchcraft, except that you won’t be burned for that anymore these days. Honestly, this situation is far from being satisfying. I know we all want clean ports for Linux anyway, but there’s always going to be a ton of games that will never get ported, and WINE can be a good solution for those. The less hackery tricks it needs to support controllers, the better.

• Games

  • The Humble Artifex Mundi Bundle has all its Hidden Object games with full Linux support

  • The Dolphin emulator for GameCube & Wii games merges in Vulkan support

  • Dolphin GameCube/Wii Emulator Lands Its Vulkan Backend

    The past few months we’ve written a few times about the Dolphin Emulator working on a Vulkan back-end. Dolphin is an open-source project providing cross-platform emulation for Nintendo’s GameCube and Wii games.

  • BUTCHER from Transhuman Design releases on the 5th, has a brutal new trailer

    I have an advanced copy and I can already say the Linux version works beautifully and it is rather gory. More thoughts after release.

  • ‘Cossacks 3′ officially due on Linux in the second half of October

    The developers of Cossacks 3 [Official Site, Steam] have now put up an official forum post on Steam about the Linux version. They say it will be officially available in the second half of October.

Desktop Environments/WMs

• K Desktop Environment/KDE SC/Qt

  • KDE neon Korean Developer Edition (… and future CJK Edition?)

    Among many other locations around the planet, the local community in Korea is planning to put on a KDE 20th Anniversary birthday party in Seoul on October 14th. The KDE neon Korean Developer Edition was directly created on request for this event, to be made available to attendees.

    That said – this is actually something we’ve been wanting to do for a while, and it’s not just about Korean.

    None of the bits that make up the new image are new per-se; KDE has supported Korean for a long time, both with foundational localization engineering and regular maintenance activity. And as of the Plasma 5.6 release, our Input Method Panel is finally bundled with the core desktop code and gets automatically added to the panel on first logon in a locale that typically requires an input method.

    Yet it’s pretty hard to keep all of this working well, as it requires tight integration and testing across an entire stack, with some parts of the whole living upstream or downstream of KDE.org. For example: After we attempted to make the Plasma panel smarter by making it auto-add the Input Method Panel depending on locale, we couldn’t actually be sure it was working as desired by our users, as it takes time for distros to get around to tuning their dependency profiles and for feedback from their users to loop back up to us. It’s a very long cycle, with too many opportunities to lose focus or domain knowledge to turnover along the way.

  • Qt Champion nominations for 2016 now open

  • MediaWikiToLearn Hackathon + Editathon

  • Mobile IMG 20160930-021219

  • KIO GDrive 1.0 released

    I’m happy to finally announce the first stable release of KIO GDrive. KIO GDrive enables KIO-aware applications (such as Dolphin, Kate or Gwenview) to access and edit Google Drive files on the cloud.

    Given the lack of an official Google Drive client for Linux, KIO GDrive can be used as replacement for managing your Drive files with Dolphin. Even better, you don’t have to use space on your disk! The files are still in the cloud, yet you can edit them as if they were locally stored on your machine.

    For example you can edit a text file in Kate or crop an image in Gwenview, and just save those files as you normally would. The edited file will be automatically uploaded on the cloud. This will also work with non-KIO applications, for example Libreoffice, but in this case a dialog will explicity ask if you want to upload the new version of the file.

  • In Defence for Permissive Licences; KDE licence policy update

  • My Adventures and Misadventures in Qt Quick Land

    I have the worst sense of timing when adopting technologies and always find myself at transition points. Python 2 to 3, OpenGL fixed to programmable pipeline, and Qt widgets to Qt Quick. Perhaps the most significant thing to come out of Nokia’s short stewardship of Qt, Qt Quick (originally Qt QUICK, or Qt User Interface Creation Kit) is perhaps the biggest, and somewhat most controversial, change in Qt in recent years. Unless The Qt Company makes a highly unlikely U-turn, it is also probably Qt’s future (without discarding regular widgets, of course). It is also definitely the future for Plasma, the KDE desktop. In fact, it is already its present. Of course, I just had to sink my teeth into it, if only briefly. Since I still wasn’t yet set firmly in the ways of the Widget, I thought it might be easier to wrap my head around this new way of coding. I was both wrong and right. Here is my story.

  • Qt on Android: How to create an Android service using Qt

  • Using Qt Quick for prototyping

  • KDAB talks at QtCon 2016

  • Tomorrow is a New Day – Joining Blue Systems

  • [Krita] New Stable and Development Builds

  • Kubuntu 16.10 Beta 2 is here! Test Test Test! And then more Testing

  • RFC: How to fix a tricky leak in QFormLayout?

  • Kirigami 1.1

  • Kirigami 1.1

  • Emoji restyling

    I started to restyling and try to finish the Emoji.

• GNOME Desktop/GTK

  • An Introduction to GNOME Boxes (virtualization) on Linux

    GNOME Boxes is a system virtualization application that is a core part of the GNOME desktop environment. Based on the QEMU machine emulator, it offers a simplified and user-friendly approach to the whole OS virtualization idea. This post is just an introduction to its capabilities and a statement that it finally works in other distributions besides Fedora.

    Once you launch Boxes, you are greeted with a message to press the “New” button to add a new system. Doing so will let the application quickly search in your home folder to find any supported image files. You may either select from the list, navigate your disk, or even insert a URL address.

Distributions

• This Week in Solus – Install #36

  Welcome to the 36th installation of This Week in Solus.

• Reviews

  • Sabayon Bizarre But Useful

    Sabayon, which gets its name from the the Italian egg-derived dessert known as zabaione, is a distribution that we don’t hear too much about these days, although the British Linux press gave it some love a few years ago. It was unassuming…with a hint of mystery. I tried it back then, when I was still fairly new to actually using Linux and thought it was a nice effort, but a little too weird. That wasn’t their fault; that was mine. I was still clinging sharply to Ubuntu at the time. Plus, I was a bit more shallow in those days because I was really set on the idea that an operating system had to look good before I would really put some hours into using it. I still am in many respects. I’m just not crazy about boring.

    So when I approached Matt with the idea of documenting a revisitation to Sabayon, he greenlighted it immediately. Team Sabayon has been very busy. It still has a hint of mystique that I find very attractive. It’s got a lot of applications at default and offers you a lot of decision-making power as well. More on that later.

• Screenshots/Screencasts

  • What’s New in Elementary OS 0.4 Loki

• OpenSUSE/SUSE

  • Mesa, Kernel, GNOME, KDE apps update in Tumbleweed

    Another week and another five snapshots for openSUSE’s rolling release Tumbleweed produced updates for openSSL, GNOME 3.22, Mesa and the Linux Kernel.

    Dominique Leuenberger, a core member of the openSUSE release team, informed subscribers of the openSUSE Factory Mailing List about some of the packages that were updated during the week and some packages users can expect over the next couple of weeks.

    Snapshot 20160928 produced an update for openSSL to 1.0.2j, which patched a high severity Online Certificate Status Protocol vulnerability. The same snapshot also gave users the updated 4.7.5 Linux Kernel.

• Red Hat Family

  • Heads up: CentOS 5 goes end-of-life in 6 months

    So you have 6 months left to plan and execute a migration to a newer OS, like CentOS 7 (which’ll get you to 2024).

    Let’s face it, CentOS 5 has had it’s prime and is long due for a more modern replacement. Go and get the benefits of a more up-to-date kernel and packages!

  • Finance

    • Red Hat Inc. (NYSE:RHT) Receives $88.33 Consensus Target Price from Brokerages

    • Pay Close Attention To These Analyst Ratings Red Hat Inc (NYSE:RHT), Oracle Corp. (NYSE:ORCL)

• Debian Family

  • Derivatives

    • Canonical/Ubuntu

      • Ubuntu Phone pre OTA 14 quick view

      • Canonical Brings Kubernetes to Ubuntu

        It appears as if the guys and gals at Canonical have been working overtime to stay ahead in the cloud, where its Linux distribution, Ubuntu, is the decisive winner as far as the number of deployments goes. Evidently, they’d like to keep it that way. On Tuesday the company unveiled its own fully supported enterprise distribution of Kubernetes. This comes only a week after the company announced it had worked with IBM to bring its own implementation of OpenStack to Big Blue’s hardware.

        If you don’t know, Kubernetes is a container tool for DevOps that was originally developed by Google but which is now managed by the Cloud Native Computing Foundation and available under the Apache open source license. To develop its own distribution, Ubuntu copied its IBM mainframe move and worked with the source, in this case Google. They’ve come up with what Canonical founder Mark Shuttleworth is calling a “pure, vanilla version” of the platform.

      • Flavours and Variants

        • Mintbox Mini Pro: A Cheap Linux Machine With Compelling Specs

          The Mintbox Mini has been received a major hardware upgrade and it is now called Mintbox Mini Pro. The Linux machine comes at a price of $395 and features an all-metal casing which eliminates the need for a cooling fan. Significant bumps having been given to the storage, RAM, processor, wireless, and other hardware components.

        • budgie-remix 16.10 beta 2 is now available

        • Addressing FUD

          I find it really despicable to see developers, maintainers and communities from competing projects create and spread FUD about Linux Mint in an effort to promote their own distribution.

          At this cost, getting more users is futile. Of course, a project needs a large audience to succeed, but what matters the most is how happy your users are. If you want your project to work, make it great. If you want to promote it, highlight your own work and efforts.

          At the time when Ubuntu was dominant in the Linux market, it continuously received a huge amount of FUD. It was unfair, it was stupid and frankly, it was embarrassing for the entire Linux community. It still is and it has gotten worse for us because we’re now receiving a significant chunk of that FUD, some of it coming from the very same project who already suffered so much from it.

        • Monthly News – September 2016

          Many thanks to you all for your help, support and donations. This month has been very exciting for us because the release cycle was over, the base jump to the new LTS base was achieved, we had plenty of ideas to implement, nothing got in our way and we could focus on development. Not only that but the development budget was high, and that’s thanks to you, and it tightens the bonds a little more between us. It makes everybody happy, some developers start looking for a new laptop, others use the money to relax. No matter how it’s used, it always helps, and because it helps them, it helps us.

          Another team was set up recently to gather artists and web designers who are interested in improving our websites. This is a new team, with 9 members who just started to get to know each others. It’s hard to predict how the team will evolve, or if it will be successful. It’s hard to know also who in this team might end up being central to our designs and maybe not only to our websites but also to our software, our user interfaces.

Devices/Embedded

• Raspberry Pi launches new PIXEL desktop environment

• Raspberry Pi Launches New PIXEL User Interface For Desktops

• Raspberry Pi Adds Beautiful “Pixel” Desktop Environment To Raspbian Linux Distro

• Meet Pixel, a gorgeous, much-needed visual overhaul for Raspberry Pi’s main distro

• Raspberry Pi’s most popular operating system gets a visual overhaul

• The New Raspberry Pi OS Is Here, And It Looks Great

• Raspberry Pi gets its own official desktop environment: PIXEL

• 50 Great Raspberry Pi Projects In Latest Mag Pi Magazine

• Raspberry Pi gets VNC remote access bundle with Raspbian

• Raspbian PIXEL offers major UX overhaul for Raspberry Pi owners

• Raspberry Pi Pixel: Desktop Operating System Environment Built on Debian

• Raspberry Pi Gets ‘More Visually Appealing’ Pixel Desktop OS

• Raspberry Pi operating system gets a visual upgrade with the launch of PIXEL

• The Slashdot Interview With Raspberry Pi Founder and CEO Eben Upton

• PIXEL is the new desktop environment for Raspberry Pi’s Raspbian OS

• Introducing PIXEL

• Phones

  • Android

    • Oracle loses another appeal in never-ending Google Java battle

      ORACLE HAS LOST its appeal in its long-running Java battle with Google, in which it suggested that APIs should be subject to copyright and demanded as much as $9.3bn in compensation from the latter.

      Oracle wanted a new case after a conclusion was again found in Google’s favour in May this year, and has repeatedly appealed the decision in the six years since the company first brought the dispute to court.

      In this particular appeal, Oracle has accused Google of failing to disclose its intent to develop tools to run Android on the desktop using the Android App Runtime for Chrome (ARC). It claimed that this invalidated Google’s previous argument that its use of Java APIs was limited to mobile devices and could be considered fair use.

      However, San Francisco District Court Judge William Aslup denied Oracle’s motion, stating that Oracle and Google had agreed that the case was only concerned with how Java APIs were used Android smartphones and tablets.

    • Android Circuit: Note 7 Nightmare Haunts Samsung, Goodbye Faithful BlackBerry, New Galaxy S8 Leaks

    • Google is finally kicking out unsupported cards from Android Pay in mid-October, causing people to freak out

Trainline creates open source platform to help developers deploy apps and environments in AWS

The Trainline, the independent rail ticket retailer, has created an open sourced standardised way for its developers to deploy and manage individual applications and environments in Amazon Web Services’ public cloud.

The company has 150 staff in its development area, who focus on improving user experience, and in order to ensure that its underlying infrastructure wasn’t a constraint on time to market, the firm recently migrated all of its development, staging, UAT and production environments from a legacy private data centre to Amazon’s public cloud.

Trainline creates open source platform to let developers test apps in AWS

Yahoo open-sources machine learning porn filter

Yahoo is the latest tech company to open source its computer vision code. The beleaguered outfit’s application for it? Filtering porn. Yahoo hopes that its convolutional neural net (CNN) will empower others to better guard innocent eyes, but admits that because of the tech’s very nature (and how the definition of “porn” can vary wildly), that the CNN isn’t perfect.

“This model is a general purpose reference model, which can be used for the preliminary filtering of pornographic images,” a post on the Yahoo Engineering Tumblr says. “We do not provide guarantees of accuracy of output, rather, we make this available for developers to explore and enhance as an open source project.” The code is available on Github at the moment, and if you need any testing material, well, there isn’t exactly a shortage of it on Tumblr. Just ask Indonesia.

Jahshaka VR alpha release

We have finally managed to release the alpha version of the Jahshaka VR authoring toolkit under the GPL and wanted to invite people to jump in, look at the code and help out. We have been working on it for 6 months now and its starting to stabilize.

Events

• The Linux Foundation Announces Session Lineup for ApacheCon(TM) Europe

• OpenShift Commons Gathering event preview

  We’re just two months out from the OpenShift Commons Gathering coming up on November 7, 2016 in Seattle, Washington, co-located with KubeCon and CloudNativeCon.

  OpenShift Origin is a distribution of Kubernetes optimized for continuous application development and multi-tenant deployment. Origin adds developer and operations-centric tools on top of Kubernetes to enable rapid application development, easy deployment and scaling, and long-term lifecycle maintenance for small and large teams. And we’re excited to say, the 1.3 GA release of OpenShift Origin, which includes Kubernetes 1.3, is out the door! Hear more about the release from Lead Architect for OpenShift Origin, Clayton Coleman.

Web Browsers

• Mozilla

  • Firefox ready to block certificate authority that threatened Web security

    The organization that develops Firefox has recommended the browser block digital credentials issued by a China-based certificate authority for 12 months after discovering it cut corners that undermine the entire transport layer security system that encrypts and authenticates websites.

    The browser-trusted WoSign authority intentionally back-dated certificates it has issued over the past nine months to avoid an industry-mandated ban on the use of the SHA-1 hashing algorithm, Mozilla officials charged in a report published Monday. SHA-1-based signatures were barred at the beginning of the year because of industry consensus they are unacceptably susceptible to cryptographic collision attacks that can create counterfeit credentials. To satisfy customers who experienced difficulty retiring the old hashing function, WoSign continued to use it anyway and concealed the use by dating certificates prior to the first of this year, Mozilla officials said. They also accused WoSign of improperly concealing its acquisition of Israeli certificate authority StartCom, which was used to issue at least one of the improperly issued certificates.

    “Taking into account all the issues listed above, Mozilla’s CA team has lost confidence in the ability of WoSign/StartCom to faithfully and competently discharge the functions of a CA,” Monday’s report stated. “Therefore we propose that, starting on a date to be determined in the near future, Mozilla products will no longer trust newly issued certificates issued by either of these two CA brands.”

  • Firefox gains serious speed and reliability and loses some bloat

    There’s no way around it. Firefox has struggled. As of this writing, Firefox 47 is the top of the Firefox market share heap at a scant 3.14 %. Given that Chrome 52 holds 23.96 % and IE 11 holds 17.74 %, the chances of Firefox displacing either, anytime soon, is slim. If you scroll way down on the browser market share listing, you’ll notice Firefox 49 (the latest release) is at .19 %. Considering 49 is the stable release candidate that was only recently unleashed, that is understandable (to a point).

    Thing is, Firefox 49 is a really, really good browser. But is it good enough to give the open source browser any significant gains in the realm of market share? Let’s take a look at what the Mozilla developers have brought to the fore with the latest release of their flagship browser and see how much hope it holds for the future of the software that was once leader among its peers.

  • Mozilla’s Project Mortar Wants Pepper API Flash & PDFium In Firefox

    This week word of Mozilla’s “Project Mortar” surfaced, which aims to explore the possibility of bringing the PDFium library and Pepper API based Flash plugin into Firefox. This project is being led by various Mozilla engineers.

    Mozilla is so far developing Project Mortar in private while they plan to open it up in the future.

SaaS/Back End

• What’s Happening in OpenStack-Ansible (WHOA) – September 2016

  Welcome to the fourth post in the series of What’s Happening in OpenStack-Ansible (WHOA) posts that I’m assembling each month. OpenStack-Ansible is a flexible framework for deploying enterprise-grade OpenStack clouds. In fact, I use OpenStack-Ansible to deploy the OpenStack cloud underneath the virtual machine that runs this blog!

Pseudo-Open Source (Openwashing)

• Top Microsoft Open Source Projects You Must Know [Ed: when this site isn’t just plagiarising legit news sites it actually engages in Microsoft openwashing and promotion]

• Circulate on Fridays: Open source self-driving cars, portable solar panels and more!

BSD

• Next Tech Book

  Instead, I’m starting a book on OpenBSD’s web stack.

FSF/FSFE/GNU/SFLC

• ​For lessons on digital swaraj, Gandhi is an open source

  Gandhi engaged with the copyright law to subvert the economics he disagreed with, and to infuse it with values close to his heart, wrote a US law professor in a 2013 paper titled ‘Gandhi and Copyright Pragmatism’. “Toward the later part of his life, he also came to deploy copyright law to curtail market-based exploitation when he could. In many ways then, Gandhi’s approach did with copyright law what open source licensing and the Creative Commons Project would begin doing with copyright in the 21st century,” wrote Shyamkrishna Balganesh of University of Pennsylvania Law School.

  Now, consider the life and work of Richard M Stallman (callsign RMS in the geek-verse). A champion of the movement for Free and Open Source Software (FOSS), he is more commonly known as the pioneer of ‘Copyleft’. “If you want to accomplish something in the world,” says his Wikiquote page, “idealism is not enough — you need to choose a method that works to achieve the goal. In other words, you need to be pragmatic.” RMS was among the first to call for a free online encyclopaedia. Wikipedia, no surprise, is governed by Creative Commons licensing.

• GNU project- the free software movement turns 33

  On September 27, 1983 he had announced the launch of GNU, which was a free software replacement for UNIX.

Openness/Sharing/Collaboration

• A $5 Linux server, open source software in China, and more news

The makers of the video game “No Man’s Sky” are under investigation for false advertising

No Man’s Sky was billed as a revolutionary video game—one that contained such multitudes of programmatically generated planets and animals that the developers said even they weren’t sure what players would find in its vast universe.

Science

• Sexual harassment in STEM: ‘It’s tragic for society’

  These are the experiences of three women who spoke to CNN about a culture of pervasive sexual harassment in academia, especially in the sciences. They were harassed by different men, throughout different parts of their education and careers.
  “We see it in anthropology, we see it in philosophy, we see it in physics, we see it in the humanities, we see it in the social sciences. We see it in engineering in particular. Astronomy just happened to be, sort of, first” to get attention, said Alessondra Springmann, a rocket scientist at the University of Arizona who studies asteroids and comets.
  Distinguished scientists in the field of astronomy have been making headlines for harassing students they are supposed to be advising.
  And it’s happening at the same time as a nationwide push to get more American women into science careers. Young girls are increasingly encouraged to embrace STEM — the acronym for science, technology, engineering and mathematics — in elementary and middle school.

• 9 Bizarre and Surprising Insights from Data Science

  Data is the world’s most potent, flourishing unnatural resource. Accumulated in large part as the byproduct of routine tasks, it is the unsalted, flavorless residue deposited en masse as organizations churn away. Surprise! This heap of refuse is inherently predictive. Thus begins a gold rush to dig up insightful gems.

  Does crime increase after a sporting event? Do online daters more consistently rated as attractive receive less interest? Do vegetarians miss fewer flights? Does your e-mail address reveal your intentions?

Health/Nutrition

• Clinical Trial Reporting Biased; Full Disclosure, Transparency Needed, Speakers Say

  A conference on clinical drug trials held today shed a harsh light on the availability and honesty of clinical trial reports. Many factors concur to possible distortion of results, speakers said, calling for more stringent obligations to provide all data for analysis. They also noted legislative efforts to tackle the issue. Speakers also pointed out a growing trend for pharmaceutical companies to conduct clinical trials in developing countries.

• Developing Countries Should Be Able To Shield Their Markets From Cheap Food Imports, Panel Says

  On the first day of the World Trade Organization Public Forum, which took place from 27-29 September, a panel organised by Our World Is Not for Sale (OWINFS), and The Right to Food campaign, looked at ways to reduce hunger and achieving the right to food in Africa, Asia, and the Middle East. In particular, the panel considered the possibility of developing countries investing in domestic production for food security.

• DEA has kratom users holding their breath, lawmakers write more letters

  Starting today, the US Drug Enforcement Administration is free to list a popular herbal supplement called kratom as a Schedule I controlled substance. This would put kratom in the same lineup as heroin and make its sale and use a felony. But, in statements to the press, the agency said it has no timetable for officially listing kratom—it could be next week or longer—leaving users on the edge of their seats.

  Since the DEA announced its plan to ban kratom at the end of last month, thousands of users have frantically sought to reverse the decision, as well as buy up as much of the drug as they can. Users claim kratom, or Mitragyna speciosa, a tree in the coffee family, is effective at treating chronic pain, as well as depression, anxiety, PTSD, and other ailments. The main active ingredients in kratom are mitragynine and 7-hydroxymitragynine, which can interact with opioid receptors in the brain. While the data to back up medical use of the plant is scant, users are adamant that it’s a lifesaver, allowing them to kick deadly and all-too-common opioid addictions.

Security

• Report: Linux security must be upgraded to protect future tech

  The summit was used to expose a number of flaws in Linux’s design that make it increasingly unsuitable to power modern devices. Linux is the operating system that runs most of the modern world. It is behind everything from web servers and supercomputers to mobile phones. Increasingly, it’s also being used to run connected Internet of Things (IoT) devices, including products like cars and intelligent robots.

• security things in Linux v4.6

  Hector Marco-Gisbert removed a long-standing limitation to mmap ASLR on 32-bit x86, where setting an unlimited stack (e.g. “ulimit -s unlimited“) would turn off mmap ASLR (which provided a way to bypass ASLR when executing setuid processes). Given that ASLR entropy can now be controlled directly (see the v4.5 post), and that the cases where this created an actual problem are very rare, means that if a system sees collisions between unlimited stack and mmap ASLR, they can just adjust the 32-bit ASLR entropy instead.

• Let’s Encrypt Wants to Help Improve the CA Model

  Let’s Encrypt, a non-profit effort that brings free SSL/TLS certificates to the web, was first announced in November 2014 and became a Linux Foundation Collaborative Project in April 2015. To date, it has provided more than 5 million free certificates.

  While having an SSL/TLS certificate to encrypt traffic is an important element of web security, it’s not the only one, said Josh Aas, executive director of the Internet Security Research Group and leader of Let’s Encrypt.

  “There is a lot in the total picture of what makes a website secure, and we can do a lot to help a certain part of it,” he said in a video interview.

• How to Throw a Tantrum in One Blog Post

  The systemd team has recently patched a local denial of service vulnerability affecting the notification socket, which is designed to be used for daemons to report their lifecycle and health information. Some people have used this as an opportunity to throw a fresh tantrum about systemd.

Defence/Aggression

• Rodrigo Duterte compares himself to Hitler and pledges to ‘slaughter three million drug addicts’

  The Philippine President has likened his national crackdown on drug crime to the Holocaust, saying he would be “happy” to kill as many addicts as Hitler slaughtered Jews.

  Rodrigo Duterte said he had been compared to a “cousin of Hitler” by critics during a press conference in southern Davao city on Friday. “Hitler massacred three million Jews… there’s three million drug addicts. I’d be happy to slaughter them,” he said.

  At least six million Jews and other minority groups are known to have been killed by the Nazis before and during the second world war.

  Since taking up office in June, Mr Duterte has overseen a vicious anti-drug campaign in which more than 3,000 suspected drug dealers and users are understood to have been killed by police operations or vigilantes. The bodies of those killed are often left in the streets with signs listing their crimes.

Finance

• Panic, Anxiety Spark Rush to Build Luxury Bunkers for L.A.’s Superrich

  Given the increased frequency of terrorist bombings and mass shootings and an under-lying sense of havoc fed by divisive election politics, it’s no surprise that home security is going over the top and hitting luxurious new heights. Or, rather, new lows, as the average depth of a new breed of safe haven that occupies thousands of square feet is 10 feet under or more. Those who can afford to pull out all the stops for so-called self-preservation are doing so — in a fashion that goes way beyond the submerged corrugated metal units adopted by reality show “preppers” — to prepare for anything from nuclear bombings to drastic climate-change events. Gary Lynch, GM at Rising S Bunkers, a Texas-based company that specializes in underground bunkers and services scores of Los Angeles residences, says that sales at the most upscale end of the market — mainly to actors, pro athletes and politicians (who require signed NDAs) — have increased 700 percent this year compared with 2015, and overall sales have risen 150 percent. “Any time there is a turbulent political landscape, we see a spike in our sales. Given this election is as turbulent as it is, we are gearing up for an even bigger spike,” says marketing director Brad Roberson of sales of bunkers that start at $39,000 and can run $8.35 million or more (FYI, a 12-stall horse shelter is $98,500).

AstroTurf/Lobbying/Politics

• USA TODAY’s Editorial Board: Trump is ‘unfit for the presidency’

  In the 34-year history of USA TODAY, the Editorial Board has never taken sides in the presidential race. Instead, we’ve expressed opinions about the major issues and haven’t presumed to tell our readers, who have a variety of priorities and values, which choice is best for them. Because every presidential race is different, we revisit our no-endorsement policy every four years. We’ve never seen reason to alter our approach. Until now.

  This year, the choice isn’t between two capable major party nominees who happen to have significant ideological differences. This year, one of the candidates — Republican nominee Donald Trump — is, by unanimous consensus of the Editorial Board, unfit for the presidency.

  From the day he declared his candidacy 15 months ago through this week’s first presidential debate, Trump has demonstrated repeatedly that he lacks the temperament, knowledge, steadiness and honesty that America needs from its presidents.

  Whether through indifference or ignorance, Trump has betrayed fundamental commitments made by all presidents since the end of World War II. These commitments include unwavering support for NATO allies, steadfast opposition to Russian aggression, and the absolute certainty that the United States will make good on its debts. He has expressed troubling admiration for authoritarian leaders and scant regard for constitutional protections.

• A principled option for U.S. president: Endorsing Gary Johnson, Libertarian

  As Nov. 8 looms, a dismayed, disconsolate America waits and wonders: What is it about 2016?

  How has our country fallen so inescapably into political and policy gridlock? How did pandering to aggrieved niche groups and seducing blocs of angry voters replace working toward solutions as the coin of our governing class? How could the Democratic and Republican parties stagger so far from this nation’s political mainstream?

  And the most pressing question: What should tens of millions of voters who yearn for answers do with two major-party candidates they disdain? Polls show an unprecedented number of people saying they wish they had another choice.

• Jill Stein Eagerly Pointed Out All The Holes In The First Debate

  After being escorted away from Hofstra University ahead of the first presidential debate on Monday, Green party candidate Jill Stein took to Twitter to share her views as the two major party candidates faced off. Stein fell far short of the Commission on Presidential Debate’s requirement that candidates must be polling at 15 percent or more to earn a spot on the stage — Stein was averaging 3.2 percent, according to the commission. But still, she jumped on the opportunity to have her policies lined up next to Hillary Clinton’s and Donald Trump’s. Ultimately, Stein’s tweets made me wish she had debated on the main stage to present her extremely progressive politics.

  Stein’s policies skew much farther left than those of Clinton or Trump on nearly every issue — and even farther left than many of Vermont Sen. Bernie Sanders’ proposals. Given the impact that Sanders arguably had on Clinton’s positions throughout the primaries, it would have been interesting to see if Stein’s presence on the debate stage exerted a leftward pull on not only Clinton, but Trump as well. But more importantly, it would have been a service to the viewing public to hear from someone other than the major-party candidates, with whom the electorate is not thrilled.

• Poll: Desire for major third party grows

  Most Americans say that the country needs a third major political party according to a Gallup poll released Thursday.

  Fifty-seven percent say that the two major parties aren’t enough to represent the country’s voters.

  The majority opinion represents an increase from recent elections. In 2012, some 46 percent said a third party was needed.

  Those who currently want to see another major party include 73 percent of independents, 51 percent of Republicans and 43 percent of Democrats.

• Ukip denies that Farage is coaching Donald Trump for next debate

  Ukip has denied reports that Nigel Farage has flown to the US to coach the Republican presidential nominee, Donald Trump, for his next debate with Hillary Clinton.

  Farage hinted in his farewell speech at Ukip’s conference last month that he might return to Trump’s side following an appearance with the Republican candidate in August, saying: “Who knows, I may even go back to the United States of America at some point.” Ukip sources at the conference also confirmed Farage would travel to the US to help support Trump before the election.

• Leaked Tape Exposes Hillary Mocking Bernie’s Supporters in Front of Big Donors

  The Democratic nominee said that Bernie’s supporters believed in a fictional world and are “living in their parents’ basement” hoping the United States becomes “Scandinavia, whatever that means.”

  A leaked audio recording of Hillary Clinton from a high-dollar fundraiser in February shows the Democratic nominee mocking not just progressive firebrand Bernie Sanders, but also the cadre of young supporters who favored the insurgent candidacy of the Vermont Senator, a revelation that is bound to have damning ramifications for Clinton’s campaign.

Censorship/Free Speech

• [Older] Facebook thanks Norway PM after censorship row [Ed: publicity stunt after an ugly act of revisionism by censorship]

  After a protracted debate on censorship and Facebook’s outsized role in today’s media world, the social media giant has thanked Prime Minister Erna Solberg for raising “important issues”.
  Facebook restored a post by Solberg which it had taken down over an iconic Vietnam War photo of a naked girl escaping a napalm bombing. The world’s leading social network later backtracked on the decision to remove the PM’s post, which is believed to be the first such online censorship involving a government leader.

• Evidence of Feared Israel-Led Censorship as Zuckerberg Facebook Bans Palestinian Editors

• To Stage Or Not To Stage: Theatre Censorship in India

  In December 1872, the Calcutta National Theatrical Society staged Nil Darpan, a play written by Dinabandhu Mitra, that exposed the atrocities committed by British indigo planters on Indian farmers. While the play received glowing reviews in most newspapers with nationalistic leanings, it was expectedly criticised by the British press. There was a demand that the play be banned. Other plays followed, criticising and making fun of the white rulers. Finally, in 1876, came the Dramatic Performances Act, putting restrictions on the public performance of plays.

  Cut to 2016. Nearly seven decades after the country’s independence from British rule, actor-director Amol Palekar moved the Mumbai high court in September, challenging rules framed under provisions of the Bombay Police Act, 1951, which make pre-censorship of drama scripts mandatory by the Maharashtra State Performance Scrutiny Board. In his petition, Palekar said the rules framed under the provisions of the Act were arbitrary and violated citizens’ fundamental right to freedom of expression, guaranteed under the Constitution. However, on September 26, the state government told the Bombay High Court that in March this year, the then commissioner of police had repealed the rule which required prior scrutiny of theatre scripts. Palekar has not replied to HT’s email requesting an interview. Repeated calls to advocate Sugandh Deshmukh, who is representing him in court, also went unanswered. But veteran theatre personality Alyque Padamsee who had filed an affidavit in support of Palekar’s petition said he is not surprised by the court proceedings. “It is the way bureaucracy works,” he says.

• Your right to read trumps censorship

  “I Know Why the Caged Bird Sings.” “To Kill a Mockingbird.” “Harry Potter and the Sorcerer’s Stone.”

  Three very different books that share a common thread.

  Each year, individuals across the country take it upon themselves to decide what books you should and should not read. These are three that apparently you should not.

  Yes, censorship and attempts at censorship are alive and well in 2016. In most instances, the censor is someone who is sincerely concerned about a societal issue and feels strongly that censoring a book, magazine, film or artwork will improve society, protect children, and restore their idea of moral values.

  However, the First Amendment to the United States Constitution gives each of us the right to read, view and listen to things that others might find offensive. No one, no matter how well-intentioned, can take away that right.

• Recreation of removed art echoes 40-year-old accusations of censorship

  A piece of public art is set to be erected in the Plateau next week, 40 years after its predecessor was torn down amid accusations of censorship towards city hall – accusations being echoed towards the current mayor.

  A reclining cross, designed by artists Pierre Ayot, once sat at the corner of Park and Pine, but it didn’t last long.

  Longtime resident Michael Hendricks remembered how in 1976, just before Montreal would host the Olympic Games, then-Mayor Jean Drapeau ordered 16 large works of art torn down.

  “For us, it was a shock,” he said. “It was so beautiful.”

  “It was done in the night, a sneaky dirty trick and that was the end of it,” he added. “The artists weren’t respected, nobody was respected.”

  At the time, Drapeau called the artworks “indecent” because some of them criticized overspending on the Olympics.

• Racist social media users have a new code to avoid censorship

  Racist online communities have developed a new code for racial, homophobic and bigoted slurs in an attempt avoid censorship, according to an online report from Buzzfeed News.

  The code, using terms like Google, Skittle, and Yahoo as substitutes for offensive words describing blacks, Muslims and Mexicans, appears to be in use by various accounts on Twitter and elsewhere. Many tweets using the code are doing so in support of Republican Presidential nominee Donald Trump.

Privacy/Surveillance

• The U.S. presidential candidates on technology, privacy issues

  Stein: “End-to-end encryption should be an internet standard, just like SSL for financial transactions.”

• ‘Shadow Brokers’ Whine That Nobody Is Buying Their Hacked NSA Files

  The hacking group responsible for stealing a large cache of National Security Agency hacking tools is very upset that no one seems to be bidding on their pilfered files.

  Early Saturday morning, the person or group which calls itself “TheShadowBrokers” authored another bizarre rant, expressing their annoyance at the seeming lack of interest in ponying up bitcoins to release the full set of stolen files.

• Hackers Angry That People Don’t Want To Pay For The NSA Tools They Stole

• Spotify’s 40 Million Tunes Won’t Go Far With CD-Happy Japanese [Ed: music that spies on the listeners]

  On a recent muggy afternoon in Tokyo, 21-year old Shintaro Naganuma joined several hundred customers browsing CDs at the eight-story downtown outpost of music retail chain Tsutaya.

  Having discovered a couple of new rock artists on YouTube, the third-year university student hit Tsutaya Co.’s flagship store in trendy Shibuya to look up their albums. That process encapsulates the dilemma now facing Spotify Ltd.’s head Daniel Ek, who on Thursday presided over the music streaming service’s long-awaited entry into the world’s second-largest music market.

  On the one hand, the nation’s consumers have grown accustomed to finding music or listening casually through smartphones, which should help the Swedish company attract users for its free ad-supported version. But when it comes time to hand over the cash, most people in Japan continue to buy CDs and even vinyl. That’s largely because record labels remain wary of signing away their music to streaming services.

• The US government can’t protect its dirtiest laundry, so what makes anyone think a government is capable and willing to protect data about you?

  Governments collect insane amounts of data about ordinary people, and officials get caught red-handed again and again using governmental surveillance networks to stalk private relations. It’s been the NSA, it’s been the FBI, and now it’s the police abusing collected data. The U.S. government has shown it can’t even protect its own dirtiest laundry, so what makes anyone think any government is willing and capable of protecting the data of a random citizen?

  Yesterday, there was yet another story breaking about abuse of surveillance, as police was discovered abusing law enforcement surveillance to spy on basically anybody they were personally interested in. It’s not the first story and it won’t be the last.

• Networks of Control by Wolfie Christl and Sarah Spiekermann

  The collection, analysis and utilization of digital information based on our clicks, swipes, likes, purchases, movements, behaviors and interests are now part of everyday life. But, while individuals become increasingly transparent, companies take control of the recorded data. Wolfie Christl and Sarah Spiekermann show in their book “NETWORKS OF CONTROL” how today’s networks of corporate surveillance are constantly tracking, profiling, categorizing and rating the lives of billions – across platforms, devices and life contexts.

• On Phone Numbers and Identity

  Coinbase sees a lot of motivated attackers, it’s one of the things that makes working in security at Coinbase so interesting. I want to deep dive into one recent attack for a few reasons: 1) when we share we all get stronger; 2) It was a really interesting way to end-run around a lot of traditional security protections and highlights, the extent of which personal and corporate systems are linked; 3) we found very little in the way of public discussion around this set of attack vectors and want to help move it from ‘theoretical’ to ‘this really happens’. To be crystal clear, I’m happy to say, no customer data or funds were lost or at risk of loss.

  Rewind back to 25 Aug. It’s around 9 AM when one of our high profile employees wrote in to our on call security engineer. The user said that something weird was happening with his phone.

• GCHQ gave private Dutch data to Australian firm: report

  The private conversations of thousands of Dutch citizens have ended up in the hands of the Australian technology company Appen which develops software for converting speech into text.

  A report in the Dutch online site Volkskrant said telecommunications experts had opined that the only way this could have happened was by the British spy agency GCHQ tapping the information and then handing it over to Appen.

  Both Appen and GCHQ have been contacted for comment.

  According to Volkskrant, the matter came to light through a Dutch woman who had been employed by Appen in the UK. The company has four main offices: in Sydney, Seattle, San Rafael (California) and Davao City (the Philippines).

Civil Rights/Policing

• Women competitors must wear hijabs at chess world championship, oddly awarded to Iran

  If you thought soccer’s world cup being awarded to baking-hot Qatar marked the zenith of sporting corruption, give FIDE a chance: the international chess federation’s forthcoming world championship is headed to Iran, and women players must wear the hijab to compete. UK tabloids quote leading women chess players as threatening to quit the tournament rather than obey.

• Female chess players from around world outraged after being told to wear hijabs at tournament in Tehran

  The world’s top female chess players have reportedly been told they must wear hijabs if they wish to compete in next year’s world championships.

  The next Women’s World Championships are due to be held in Tehran, Iran in March 2017 but several Grandmasters have threatened to boycott the tournament if female players are forced to conform to the country’s strict clothing laws.

  Iran, which has been welcomed back into the diplomatic fold after signing a nuclear deal with the US and several other countries last year, is a theocratic country which strictly polices how women dress, behave and where they go.

• Justice Watchdog Rips D.E.A.’s Use of Confidential Sources

  The Drug Enforcement Administration is running a freewheeling confidential sources program that leaves the agency vulnerable to fraud and constitutional abuses, according to an audit by the Department of Justice’s Inspector General (OIG).

  While DEA officials boast that the use of informants is the “bread and butter” of their enforcement, the agency does not adequately oversee their activities. Nor does it sufficiently track the payments made to them, the investigation found.

  The lack of oversight, according to the report: “exposes the agency to an unacceptably increased potential for fraud, waste, and abuse, particularly given the frequency with which DEA offices utilize and pay confidential sources.”

  Over the last five years, the DEA has employed more than 18,000 sources, paying them roughly $237 million. The inspector general stated, however, that the agency is unable to analyze the quality of information they provide.

• Ex-drug squad chief gets three-year prison sentence

  Former head of the Helsinki Police anti-drug unit, Jari Aarnio, was handed a three-year unconditional prison sentence in Helsinki Appeal Court on Friday after being convicted of charges including malfeasance, fraud and accepting bribes.

• Saudi Arabian teen arrested for online videos with American blogger

  A male Saudi Arabian teenager has been arrested in Riyadh over a series of online videos of conversations between him and a female Californian streaming-video star that went viral.

  A Riyadh police spokesperson, Colonel Fawaz Al-Mayman, said the teenager, known online as Abu Sin, was arrested on Sunday for engaging in “unethical behaviour” in videos with Christina Crockett, a popular broadcaster on the conversational live-streaming site YouNow. Abu Sin’s real name is not known.

  “His videos received many comments and many of the commenters of the general public demanded for him to be punished for his actions,” Al-Maymann added, according to the Saudi Gazette.

  The two amassed thousands of fans on the YouNow network, and later on YouTube after videos of the two speaking were uploaded there. The videos featured Abu Sin – a nickname given to him for his broken teeth – and Crockett communicating despite their significant language barriers.

  The popularity of the videos of the two of them surprised Crockett, she told the Guardian in an interview. As a broadcaster on YouNow, she can invite her fans to join her broadcasts on split-screen, which is known as “guesting”.

• Kodi boxes are now a key target in the UK government’s piracy crackdown

  Kodi boxes and other devices which can be configured to enable the streaming of pirated content are to become key targets in a UK government intellectual property crime crackdown.

  Revealing the extent to which so-called “fully-loaded” Kodi boxes are being used to circumvent copy protection laws, the Federation Against Copyright Theft (FACT) has stated that half of its investigations currently centre around streaming devices using third party piracy software or add-ons.

  Set top boxes are of course legal, and the open-source Kodi software in its vanilla configuration is a harmless media centre. But, Kodi can be tweaked to facilitate the illegal streaming of premium content, ranging from current cinema releases to streams of cable TV channels.

Internet Policy/Net Neutrality

• Last Formal Tie To Historic US Internet Control Is Cut

  “The federal court in Galveston, Texas denied the plaintiffs’ application for declaratory and injunctive relief. As of 1 October 2016, the IANA functions contract has expired.” This two-sentence statement from Assistant US Commerce Secretary for Communications and Information and National Telecommunication and Information Administration Administrator Lawrence Strickling ended an era of direct United States oversight over changes to the authoritative root zone of the internet domain name system, and as a contractor for a set of core internet databases.

Intellectual Monopolies

• Copyrights

  • J.J. Abrams Can’t Stop Copyright Lawsuit Against Star Trek Fan-Film

    Paramount Pictures and CBS Studios have no plans to end their lawsuit against the crowdfunded Star Trek spin-off ‘Prelude to Axanar’. Director J. J. Abrams previously announced that the case would be dropped soon. However, paperwork filed in court this week reveals that the movie studios dismiss this claim as an irrelevant third party statement.

  • RIAA Label Artists & A-List Stars Endorse Megaupload In New Song

    MegaUpload is currently being portrayed by the MPAA and RIAA as one of the world’s leading rogue sites. But top music stars including P Diddy, Will.i.am, Alicia Keys, Snoop Dogg and Kanye West disagree and are giving the site their full support in a brand new song. TorrentFreak caught up with the elusive founder of MegaUpload, Kim Dotcom, who shrugged off “this rogue nonsense” and told us he wants content owners to get paid.

  • ‘When Is A Chair Just A Chair?’ And Other Annoying Copyright Questions

    Last year, the UK decided to repeal a part of its copyright law that enforced a drastically reduced copyright term for “industrially exploited artistic works” including “works of artistic craftsmanship” — in other words, the industrial design of manufactured objects that are primarily functional, like appliances and furniture. Rather than the full life-plus-seventy term, the copyright on such works was limited to 25 years from the date of manufacturing, making it somewhat closer to the US approach where functional designs can’t be copyrighted but can qualify for 15-year design patents. It was a sensible rule (at least far more sensible than giving them full copyright, even if giving them any at all is still questionable) that allowed industrial designs to rapidly enter the public domain and be used by multiple manufacturers for everything from inexpensive reproductions to retro-chic luxuries — or, in the eyes of IP maximalists and the furniture industry, it was a travesty of a rule that cruelly robbed aging designers and flooded the market with cheap knockoffs and brazen cash-grabs.

    In any case, the rule was repealed and it was repealed retroactively: furniture designs that had already entered the public domain were shoved back under life-plus-seventy copyrights, and the industry was given a grace period to purge their stocks. The repeal officially came into effect in July, and the transitional window will end in January. Then we can watch the lawsuits begin to flow — and they are going to involve a whole lot of wrangling over stupid, highly subjective questions, with lots of flowery protestations about artistry and judges thrust unwittingly into the role of critic, because the question of what exactly this law applies to is one big gray area.

• Distributions
• Devices/Embedded

Desktop

• Linux Unable To Boot Lenovo Yoga 900 & 900; Is Microsoft At Fault?

  The popular device developer Lenovo has verified the claims that Lenovo Yoga 900 and 900s unable to boot Linux OS but only Microsoft Windows 10. The new Lenovo convertible laptop, Lenovo Yoga 900 and 900s, would reject and decline any attempt to install Linux operating system, making users turn their heads to Microsoft as the suspect for this issue.

  [...]

  This issue about the OS started when an identity of BaronHK posted on Reddit about installing Linux on the latest Lenovo Yoga book in which BaronHK encountered being blocked by a locked solid state drive (SSD) which Linux cannot define itself, and come up to link the issue to Microsoft.

Server

• Why Good Linux Sysadmins Use Markdown

  The Markdown markup language is perfect for writing system administrator documentation: it is lightweight, versatile, and easy to learn, so you spend your time writing instead of fighting with formatting.

  The life of a Linux system administrator is complex and varied, and you know that documenting your work is a big time-saver. A documentation web server shared by you and your colleagues is a wonderful productivity tool. Most of us know simple HTML, and can whack up a web page as easily as writing plain text. But using Markdown is better.

• How to Effectively and Efficiently Edit Configuration Files in Linux

  Every Linux administrator has to eventually (and manually) edit a configuration file. Whether you are setting up a web server, configuring a service to connect to a database, tweaking a bash script, or troubleshooting a network connection, you cannot avoid a dive deep into the heart of one or more configuration files. To some, the prospect of manually editing configuration files is akin to a nightmare. Wading through what seems like countless lines of options and comments can put you on the fast track for hair and sanity loss.

  Which, of course, isn’t true. In fact, most Linux administrators enjoy a good debugging or configuration challenge. Sifting through the minutiae of how a server or software functions is a great way to pass time. But this process doesn’t have to be an exercise in ineffective inefficiency. In fact, tools are available to you that go a very long way to make the editing of config files much, much easier. I’m going to introduce you to a few such tools, to ease some of the burden of your Linux admin duties. I’ll first discuss the command-line tools that are invaluable to the task of making configuration more efficient.

Kernel Space

• Linux 4.7.6

  I’m announcing the release of the 4.7.6 kernel.

  All users of the 4.7 kernel series must upgrade.

• Linux 4.4.23

• Linux Kernel 4.7.6 Is Out with MIPS and OCFS2 Improvements, Updated Drivers

  Today, September 30, 2016, renowned Linux kernel developer Greg Kroah-Hartman announced the release of the sixth maintenance update to the latest stable Linux 4.7 kernel series.

  Linux kernel 4.7.6 comes only five days after the release of the previous maintenance version, Linux kernel 4.7.5, and, according to the appended shortlog and the diff from the last update, it changes a total of 76 files, with 539 insertions and 455 deletions. In summary, it updates multiple drivers, adds improvements to various filesystems and hardware architectures, and improves the networking stack.

• Linux Kernel 4.4.23 LTS Has ARM and MIPS Improvements, Updated Filesystems, More

  Immediately after announcing the release of Linux kernel 4.7.6, Greg Kroah-Hartman proudly informed the community about the general availability of the Linux 4.4.23 LTS kernel.

  The Linux 4.4 kernel is a long-term supported branch, the latest and most advanced one, used in many stable and reliable GNU/Linux operating systems, including Ubuntu 16.04 LTS (Xenial Xerus) and Alpine Linux 3.4. Therefore, it is imperative for it to receive regular updates that bring fixes to the most important issues, as well as other general improvements.

• From NFS to LizardFS

  If you’ve been following me for a while, you’ll know that we started our data servers out using NFS on ext4 mirrored over DRBD, hit some load problems, switched to btrfs, hit load problems again, tried a hacky workaround, ran into problems, dropped DRBD for glusterfs, had a major disaster, switched back to NFS on ext4 mirrored over DRBD, hit more load problems, and finally dropped DRBD for ZFS.

• IBM’s Ginni Rometty Tells Bankers Not To Rest On Their Digital Laurels

• BUS1, The Successor To KDBUS, Formally Unveiled — Aiming For Mainline Linux Kernel

  BUS1 has been in development as an in-kernel IPC mechanism building off the failed KDBUS project. An “RFC” will soon be sent out to Linux kernel developers about BUS1 and the subject will be discussed at next month’s Kernel Summit.

  David Herrmann, one of the BUS1 developers, presented at this week’s systemd.conf conference about the new capability-based IPC for Linux. He talked about how BUS1 is superior to KDBUS, how BUS1 is similar to Android’s Binder, Chrome’s Mojo, Solaris’ Doors, and other common IPC implementations.

• A New Wireless Daemon Is In Development To Potentially Replace wpa_supplicant

  In addition to the BUS1 presentation, also exciting from the systemd.conf 2016 conference is a thorough walkthrough of a new wireless daemon for Linux being developed by Intel’s Open-Source Technology Center.

  Intel has been developing a new wireless daemon for Linux to potentially replace wpa_supplicant. This new daemon isn’t yet public but the code repositories for it will be opened up in the next few weeks. This new daemon has improvements around persistency, WiFi management, reduced abstractions for different operating systems and legacy interfaces, and changes to operation. This daemon is designed to be very lightweight and work well for embedded Linux use-cases especially, including IoT applications.

• Graphics Stack

  • Libinput X.Org Driver Updated For X.Org Server 1.19

    Peter Hutterer has announced the release of a new version of xf86-input-libinput, the X.Org DDX driver that makes use of libinput for input handling on the X.Org Server.

  • xf86-input-libinput 0.20.0

    Most important fix is the use of input_lock() instead of the old SIGIO stuff to handle the input thread in server 1.19.

  • Mesa 13.0 Planning For Release At End Of October, Might Include RADV Vulkan

    Following the mailing list talk over the past two days about doing the next Mesa release, plans are being discussed for releasing at the end of October and it might have just got a whole lot more exciting.

    Emil Velikov, Collabora developer and Mesa release manager for the past several release series, has commented on that previously discussed mailing list thread. He mentioned he was secretly waiting in hopes of seeing the RADV Radeon Vulkan driver merged for this next release! He said he’d even be willing to see it merged even if it’s “not perfect/feature complete.”

• Benchmarks

  • FreeBSD 11.0 Comes Up Short In Ubuntu 16.04 vs. macOS Sierra Benchmarks

    Yesterday I published some macOS 10.2 vs. Ubuntu 16.04 LTS benchmarks from a Mac Mini and MacBook Air systems. For those curious if BSDs can outperform macOS Sierra on Apple hardware, I tested the MacBook Air with FreeBSD 11.0 compared to the Linux and macOS results on that Core i5 system. Here are those results.

  • Early Benchmarks Of The Linux 4.9 DRM-Next Radeon/AMDGPU Drivers

    While Linux 4.9 will not officially open for development until next week, the DRM-Next code is ready to roll with all major feature work having been committed by the different open-source Direct Rendering Manager drivers. In this article is some preliminary testing of this DRM-Next code as of 29 September when testing various AMD GPUs with the Radeon and AMDGPU DRM drivers.

    Linux 4.9 does bring compile-time-offered experimental support for the AMD Southern Islands GCN 1.0 hardware on AMDGPU, but that isn’t the focus of this article. A follow-up comparison is being done with GCN 1.0/1.1 experimental support enabled to see the Radeon vs. AMDGPU performance difference on that hardware. For today’s testing was a Radeon R7 370 to look at the Radeon DRM performance and for AMDGPU testing was the Radeon R9 285, R9 Fury, and RX 480. Benchmarks were done from the Linux 4.8 Git and Linux DRM-Next kernels as of 29 September.

  • How Ubuntu 16.10 Beta 2 Performance Compares To Some Other Linux Distros

    The final Ubuntu 16.10 Beta for “Yakkety Yak” was released this week and we found its performance doesn’t differ much from Ubuntu 16.04 LTS (with the exception of the newer graphics stack) while here are some results comparing it to other modern Linux distributions.

    Tested for this quick, one-page-article comparison were Ubuntu 16.04.1 LTS, Ubuntu 16.10 Beta 2, Clear Linux 10660, Fedora 24, openSUSE Tumbleweed 20160927, and the Arch-based Antergos 16.9-Rolling release.

Applications

• Tools for writing the next best seller

  I am using bibisco in conjunction with LibreOffice on my Ubuntu 16.04 Asus laptop that I converted over from Windows 7 to develop my characters, scenes, and plot. I tried Manuskript, but find that I like bibisco better, although the results are similar. For one, it gives helpful prompts.

• ownCloud Desktop Client 2.2.4 Released with Updated Dolphin Plugin, Bug Fixes

  ownCloud is still alive and kicking, and they’ve recently released a new maintenance update of the ownCloud Desktop Client, version 2.2.4, bringing some much-needed improvements and patching various annoying issues.

• Blender 2.78 Open-Source 3D Graphics Software Released with Spherical Stereo VR

  Today, September 30, 2016, the Blender Foundation is proud to release Blender 2.78, the latest stable and most advanced version of the popular, open-source, free, and cross-platform Blender 3D modelling software.

  Blender 2.78 comes six months after the release of Blender 2.77, and it’s a major update that adds numerous new features and improvements, among which we can mention rendering of spherical stereo images for VR (Virtual Reality), viewport rendering improvements, as well as brand new freehand curves drawing over surfaces.

  Moreover, the Grease Pencil received awesome improvements and it now doubles as both an animation and drawing tool, powerful new options have been added for B-Bones, it’s now possible to import and export basic operators in the Alembic support, and the Cloth Physics feature received new Simulation Speed option and Dynamic Base Mesh support.

• Blender 2.7.8 Released With Plenty of Improvements.

• Blender 2.78 Released: Works On VR Support, Adds Grease Pencil

  Blender 2.78 is now officially released to end out September for this open-source, cross-platform 3D/animation program.

  New to Blender 2.78 is spherical stereo rendering support for VR, a grease pencil for full 2D drawing and animations, viewport rendering improvements, freehand curves drawing over surfaces, bendy bones support, alembic support, new physics capabilities, and various new add-ons.

• Cacti vs Nagios vs Pandora FMS, in depth

• A Neat YouTube Subscriber Count Tracker for the Linux Terminal

• A Primer on OVN

  OVN is a virtual networking platform developed by the fine folks over at openvswitch.org. The project has been in the works for nearly two years now and is starting to mature to the point of being production ready. In this posting I’ll walk through the basics of configuring a simple layer-2 overlay network between 3 hosts. But first, a brief overview of how the system functions.

• Calibre 2.69 eBook Manager and Reader Supports Kobo Driver 4.1, Overdrive Books

  Today, September 30, 2016, Calibre developer Kovid Goyal announced the release and immediate availability for download of yet another maintenance update to the popular, free, and open source ebook library management software.

  Calibre 2.69 is now the latest and most advanced version of the application, and it comes two weeks after the release of Calibre 2.68, bringing support for firmware version 4.1 to the driver for Kobo e-book readers, along with support for Overdrive books on the device.

• Instructionals/Technical

  • [How To] See Which Terminal Commands You Use The Most

  • How to install MediaWiki on an Ubuntu 16.04 VPS

  • Perform Hot Backups of MySQL Databases with Percona XtraBackup on Ubuntu 16.04

  • Dig into DNS: Part 4

  • How to Install Nagios Server Monitoring on Ubuntu 16.04

  • What is if __name__ == ‘__main__’ ?

  • ScreenFetch – Fetch Linux System Information on Terminal with Distribution ASCII art logo

  • Blessed are the diffs: for they shall inherit the earth

  • Weechat-Tmux

• Games

  • I think ‘Particle Fleet: Emergence’ just became my new Linux gaming addiction

    I’m a big strategy game fan, I like building stuff and especially destroying stuff. I did a quick check on new Steam releases today and came across ‘Particle Fleet: Emergence’ [Official Site, Steam] and I don’t want to put it down.

  • It’s Been Three Years Since Valve Announced SteamOS, Steam Machines

    This week marks three years since Valve publicly announced Steam Machines, SteamOS, and the Steam Controller.

    The Steam Controller seems to be gaining the most traction of these three efforts. This week the Steam Controller is on sale if you are looking at picking it up for just $35 rather than $50. The Steam Controller appears to still be going strong and there have been some indications Valve may be launching a new Steam Controller in the not too distant future.

  • Just a heads up, Saints Row: The Third on Linux has broken co-op play

    The Saints Row: The Third [Steam] port from Virtual Programming looks like it could use some love, it seems the co-op play on Linux has been broken since release.

    It’s fantastic to see such games being ported, but it’s a massive shame when such big features just don’t work.

    I decided to check up on it myself and sure enough, it’s completely broken. No matter what you try, it seems it will not work.

  • ‘Sundered’, a beautiful hand­-drawn action game coming to Linux next year

    Sundered [Official Site], is a really beautiful looking hand-drawn action game from the developers of Jotun. It’s confirmed for Linux and due next year, come take a look.

  • Rotate different shapes made out of blocks into holes in ‘Security Hole’, now on Linux

    ‘Security Hole’ [Official Site, Steam] recently released for Linux and the developer sent in a key, so I took a look. It’s a bit of an odd game, you’re trying to help a virus made out of blocks fit into different shaped holes.

Desktop Environments/WMs

• K Desktop Environment/KDE SC/Qt

  • Qt 3D WIP branches

  • New Qt 3D Functionality Is Being Worked On

    Sean Harmer of KDAB is organizing work around some upcoming “major Qt 3D features” for the open-source toolkit.

    It’s not known if the next round of Qt 3D features will be ready for the Qt 5.9 tool-kit release, but KDAB is looking to have these new branches for feature work with continuous integration coverage.

• GNOME Desktop/GTK

  • GNOME Calendar App to Feature a New Sidebar, Week View & Attendees in GNOME 3.24

    GNOME developer Georges Stavracas wrote an in-depth blog post the other day to inform the GNOME, Linux, and Open Source communities about the upcoming improvements and new features coming to the GNOME Calendar apps.

    Now that some of us are already enjoying the recently released GNOME 3.22 desktop environment, the GNOME developers are hard at work to improve the GNOME apps and core components by either adding new exciting features and technologies or improving existing ones.

  • Cinnamon 3.2 in Linux Mint 18.1 Supports Vertical Panels, Better Accelerometers

    After informing the community a few days ago about the Mintbox Mini Pro PC and the upcoming improvements and new features shipping with the XApps software projects in Linux Mint 18.1, Clement Lefebvre just published the monthly Linux Mint newsletter.

  • Cross-compiling WebKit2GTK+ for ARM

    Of course, I know for a fact that many people use local recipes to cross-compile WebKit2GTK+ for ARM (or simply build in the target machine, which usually takes a looong time), but those are usually ad-hoc things and hard to reproduce environments locally (or at least hard for me) and, even worse, often bound to downstream projects, so I thought it would be nice to try to have something tested with upstream WebKit2GTK+ and publish it on trac.webkit.org,

  • Should we drop Vala?

    Is it Vala development a waste of time? Is Vala suitable for long term support libraries?

Distributions

• LXLE: A Linux distro to give new life to old hardware

  I’ll bet that somewhere, perhaps at home and most likely at work, you’ve got some old hardware lying around. What to do with it? It still works but what’s it running? Windows XP? Vista? Windows 7 Starter or Home Basic?

  Yep, you’re stuck on some old version of Windows but moving that machine up to a newer version of Windows could be tricky ‘cause one or more of those old graphics cards and printer drivers have probably have fallen out of the update cycle.

  Even if those subsystems are still available, you’ll still have a problem as the newer OSs’ are pretty much guaranteed to suck the life out of old processors with the result that performance and therefore usability will be marginal at best.

  So, what to do? Before you start looking for a deal on a new machine and an e-waste disposal site, consider moving to Linux and, most specifically, consider migrating to LXLE, the LXDE eXtra Luxury Edition (though some people also claim it stands for Lubuntu Extra Life Extension).

• OpenSUSE/SUSE

  • SUSECON 2016: Where Technology Reigns Supreme [Ed: “Article Sponsor: SUSE”]

  • openSUSE Tumbleweed – Review of the Weeks 2016/39

• Red Hat Family

  • Red Hat, Logicalis in digital transformation partnership in Latin America

    PromonLogicalis, a provider of information technology and communication solutions and services in Latin America, and Red Hat, Inc. (NYSE: RHT), the world’s leading provider of open source solutions, announced a collaboration that aim to help organizations navigate the digital transformation of their infrastructures to pave the way for cloud and the software-defined technologies, and to advance open source technology awareness in the region.

    Open source is delivering significant advancements in many areas of technology through community-powered innovation, including cloud computing, mobile, big data, and more. And, as companies embrace modern technology as a competitive advantage via digital transformation efforts, many are turning to open source because of the flexibility and agility it can enable.

  • Finance

    • Red Hat Inc. (RHT) Downgraded by Zacks Investment Research to “Hold”

  • Fedora

    • PHP version 5.6.27RC1 and 7.0.12RC1

    • An Easy Way To Try Intel & RADV Vulkan Drivers On Fedora 24

      Fedora 25 should have good support for the open-source Vulkan Linux drivers (particularly if it lands the next Mesa release) while Fedora 24 users can now more easily play with the latest Mesa Git RADV and Intel ANV Vulkan drivers via a new repository.

      A Phoronix reader has setup a Fedora Copr repository that is building Intel’s Vulkan driver from Mesa Git plus the RADV Radeon Vulkan driver re-based from its source (David Airlie’s semi-interesting GitHub branch). Fedora COPR, for the uninformed, is the distribution’s equivalent to Ubuntu PPA repositories.

    • Meeting users, lots of users

      Every year, I introduce Fedora to new students at Brno Technical University. There are approx. 500 of them and a sizable amount of them then installs Fedora. We also organize a sort of installfest one week after the presentation where anyone who has had any difficulties with Fedora can come and ask for help. It’s a great opportunity to observe what things new users struggle with the most. Especially when you have such a high number of new users. What are my observations this year?

• Debian Family

  • Free software activities in September 2016

Devices/Embedded

• 96Boards SBCs host Intel Joule and Curie IoT modules

  Gumstix announced two SBCs this week, based on Intel Joule and Curie IoT modules and built to 96Boards CE and IE form-factor specifications, respectively.

  At Linaro Connect Las Vegas 2016, where earlier this week Linaro’s 96Boards.org announced a new 96Boards IoT Edition (IE) spec, Gumstix announced support for 96Boards.org’s open SBC standards with two new single-board computers. Both SBCs will be available for purchase in October.

• ORWL — First Open Source And Physically Secure PC, Runs Linux And Windows

  ORWL is the first open source, physically secure computer. Using a secure microcontroller (MCU) and an ‘active clamshell mesh’, the device makes sure that nobody breaks the security of the system. Its maker, Design Shift, has also launched a crowdfunding campaign on Crowd Supply.

• Phones

  • Purism’s next product could be a smartphone that runs Linux/free software

    Purism is a company that’s been developing laptops and tablets that run Linux-based, free and open source software for a few years.

    Now Purism is considering building a smartphone and the company is soliciting feedback from potential customers.

    The idea would be to release a Librem Phone that runs GNU/Linux rather than Android, and which offers security and privacy features to help set it apart from most other phones on the market.

  • Purism Is Still Hoping To Build A GNU/Linux Free Software Librem Smartphone

    Purism, the startup behind the Librem laptops with a focus on free software and user privacy/freedom, still has their minds set on coming up with a GNU/Linux smartphone.

    Purism continues selling their high-priced laptops and their Librem 11 is forthcoming as an Intel-based tablet/convertible device with stocking station. Next on their horizon they want to produce “the ideal no-carrier, Free Software phone running a bona fide GNU+Linux stack.”

  • Tizen

    • Samsung Gear Watch Designer Beta v 1.2.1 Released

      Samsung Gear Watch Designer is a software application used to create watch faces for supported Gear Smartwatch devices such as the Gear S, S2, S3, and Fit2. The app has been updated to version 1.2.1, which is available for both Windows and Mac Operating Systems (OS), but still there is no Linux option for those that prefer our little Tux friend.

    • Smart View SDK update – Offers New version of DMP and Wireless speaker support

      The new version of Smart view SDK has just rollout. This update has an updated version of the Default Media Player (DMP), which allows new support for music, photo contents and playlists. Now, Samsung wireless speakers will also be a part of Samsung’s smart view enabled devices.

      With this update developers can easily implement casting features and get much easier control over playlist control. Users will now be able to enjoy casting a variety types of content with simple controls. The casting features are basically two different types, App casting and Media casting. App casting will allow you to discover and launch TV applications on a compatible Samsung Smart TV by the use of a smartphone using the relevant APIs, and Media casting will allow you to Send photos to the TV, Play and control videos as well as music.

    • Spreadtrum Acknowledges SC9830i LTE SOC adopted in Samsung Z2

      The System On a Chip (SOC) that Samsung had used in the Z2 Tizen smartphone was a tight secret despite most of the details of the phone was leaked prior to its launch. Rumors were also spread that the device could possibly employ one of its own Exynos SOC. However, post the launch of the device it was found that Samsung had continued with a Spreadtrum SOC. The Z2 has the Spreadtrum SC9830i SOC and although the world already knows this fact, Spreadtrum Communications recently took some time to talk about it at an event in Shanghai, China.

  • Android

    • Best Android Phone Under $700

      The Galaxy S7 is the best version of Samsung’s flagship yet. It’s equipped with a powerful Qualcomm Snapdragon 820 processor, 4GB of RAM, and a 3,000mAh battery pack. Its 12-megapixel rear-facing Dual Pixel camera is particularly impressive, and you’ll appreciate its performance in low light.

      Of course, as is the case with most versions of Android that aren’t directly developed by Google, Samsung’s version of Android is polarizing. The newly dubbed Grace UI offers some helpful features, but the extra software that comes bundled is redundant. At the very least, you can disable and hide any apps you don’t care for.

    • Best Android Phones with Expandable Memory

      The Galaxy S7 edge is the total package. The phone features a stunning metal-and-glass exterior backed by an excellent 5.5-inch display. The dual curved display is easily one of the best you’ll find on a phone, and differentiates the S7 edge from the pack. The handset is powered by Qualcomm’s beastly Snapdragon 820 SoC, and offers 4GB of RAM along with 32GB storage. The 12MP camera is outstanding, and the 3600mAh battery ensures you get at least a day’s worth of usage from a full charge.

      Best of all, Samsung re-introduced the microSD slot after leaving it out on the Galaxy S6 series. The phone accommodates microSD cards up to 256GB, which should be more than sufficient for all your movie or music needs. If all that isn’t enough, the S7 edge is water resistant with an IP68 rating.

    • Nexus 5X, Nexus 6P Troubled By Android 7.0 Nougat Problems

    • The reason this lifelong Android user jumped ship to the iPhone 7 Plus is surprising

    • Android Wear 2.0 dev preview 3 images are ready to download

    • Video: Six years of Nexus – A Google phone history

    • Android malware that can infiltrate corporate networks is spreading

    • Google officially rebrands ‘Google for Work’ as ‘Google Cloud’ and ‘Google Apps for Work’ as ‘G Suite’

    • Action Launcher 3 update adds Android 7.1′s launcher shortcut feature

    • Google Maps for Android Gets Voice Search and Commands

    • Thank you: Android manufacturers finally listened to users in 2016

      We tech writers spend most of our time ranting about something or the other, so let me acknowledge something positive instead: 2016 has been by far the best year for Android phones.

      I don’t just say that as the usual yearly platitude, the way one might say ‘the iPhone 7 is the best iPhone ever” (2016 tech is better than 2015 tech, duh). I mean that after trying out nearly every flagship available in the US this year, it feels like 2016 is the year Android manufacturers actually listened.

    • Yup, now the iPhone 7 is exploding

    • This Guy Basically Turned His Mirror Into a Giant iPhone

    • Android 7.0 Nougat: List of Mobile Devices Getting the New Mobile OS

    • Unity game engine now supports Vulkan rendering on Android [Ed: Mono]

    • Blackberry Bites the Dust – Yeah, we saw that one coming a LONG time ago

10 reasons why CIOs should consider open source software

A recent survey shows 78 percent of companies run part or all of their operations on open source software. Indeed, open source continues to gain market traction as more companies adopt open technology to speed innovation, disrupt industries and improve overall productivity.

Those who remain hesitant about adopting open source are in danger of being left behind. Because open source architecture lends itself to more frequent updates, and because of the openness, open source provides the freedom to innovate and mature in the way that enterprises need.

Kubernetes Arrives in New Flavors

Kubernetes has taken center stage in recent days, and, as we’ve been noting in recent posts, the open source container cluster manager is heading in new directions. Google has just announced the release of Kubernetes 1.4, which makes the tool much easier to install.

Meanwhile, Canonical has now launched its own distribution of Kubernetes, with enterprise support, across a range of public clouds and private infrastructure. It’s Kubernetes at the core, but features a number of extra bells and whistles.

2016 Women in Open Source Award Winners

We hope you enjoy and are inspired by this short video celebrating Preeti Murthy and Jessica McKellar, the winners of this year’s Red Hat Women in Open Source Awards.

Tech, talent and tools: The secret to monetizing open-source

“In California during the gold rush, you didn’t make money digging for gold; you made money selling shovels,” said Mehta. A fitting metaphor for the idea that investing in talent and tools, especially tools, is how to turn a profit. The actual data, databases, algorithms and so on would be open source. Money would come from the tools to use that technology to benefit specific areas, such as automation of healthcare.

And healthcare is a good place to start. “Big Data is all about making life cheaper, better. … If we forget about how to solve problems for humans, we’ve lost. We want to be known for enriching life,” said Mehta.

Changing the way we design for the web

On the one hand, open source should mean lower cost of entry for people from poorer communities (like me, growing up). But on the other, I feel it is hard to contribute when under- or unemployed. I had a grant to work on the Web Animations API documentation, but I can’t do as much as I’d like with other animation features (motion paths, advanced timing functions) because I need to spend a lot of time working on my own business, getting paid.

Essentially this leads to an awkward model where the only contributors are employed programmers—and when it comes to open source animation or design APIs, platforms, etc, this lack of user input really starts to show. Or, the only products with thriving open source development teams are those that have financially lucrative futures, turning the open source software (OSS) model into a capitalist one.

Asterisk 14 Improves Open-Source VoIP

Digium, the lead commercial sponsor behind the Asterisk open source PBX project announced the release Asterisk 14 this week, continuing to evolve the decade old effort, making it easier to use and deploy.

Yahoo open-sources a deep learning model for classifying pornographic images

Yahoo today announced its latest open-source release: a model that can figure out if images are specifically pornographic in nature.

The system uses a type of artificial intelligence called deep learning, which involves training artificial neural networks on lots of data (like dirty images) and getting them to make inferences about new data. The model that’s now available on GitHub under a BSD 2-Clause license comes pre-trained, so users only have to fine-tune it if they so choose. The model works with the widely used Caffe open source deep learning framework. The team trained the model using its now open source CaffeOnSpark system.

The new model could be interesting to look at for developers maintaining applications like Instagram and Pinterest that are keen to minimize smut. Search engine operators like Google and Microsoft might also want to check out what’s under the hood here.

“To the best of our knowledge, there is no open source model or algorithm for identifying NSFW images,” Yahoo research engineer Jay Mahadeokar and senior director of product management Gerry Pesavento wrote in a blog post.

Events

• Leaders in Data Management and Open Source Innovation to Gather for Postgres Vision 2016

• Cloudera, Hortonworks, and Uber to Keynote at Apache Big Data and ApacheCon Europe

Web Browsers

• Chrome

  • CloudReady by neverware

    I thought I would put together a quick “installation” review of a product called CloudReady by neverware. What is CloudReady? CloudReady is basically a project to bring Chromium OS to those who would like to convert traditional laptops into Chromebook-like devices. I stumbled on them several months ago and finally decided to see how hard it was to install Chromium OS and how functional it actually was as a Chromebook-like device. I have a few low end (netbook-like) devices and I have been trying to figure out how I could make them functional for my boys, I thought this might be the solution.

• Mozilla

  • Mozilla tells Firefox OS devs to fork off if they want to chase open web apps vision

    The Mozilla Foundation’s Firefox development team has decided enough is enough and will stop supporting Windows XP and Vista in March 2017 and also bin Firefox OS.

    The OS first. In this post Mozillans Ari Jaaksi and David Bryant, respectively the head of connected devices and veep for platform engineering, write that “By the end of 2015 Mozilla leadership had come to the conclusion that our then Firefox OS initiative of shipping phones with commercial partners would not bring Mozilla the returns we sought.”

    That decision means that “as of the end of July 2016 have stopped all commercial development on Firefox OS.”

SaaS/Back End

• Cloudera Delivers Release Built on Apache Spark 2.0, and Advances Kudu

  Cloudera, focused on Apache Hadoop and other open source technologies,has announced its release built on the Apache Spark 2.0 (Beta), with enhancements to the API experience, performance improvements, and enhanced machine learning capabilities.

  The company is also working with the community to continue developing Apache Kudu 1.0, recently released by the Apache Software Foundation, which we covered here. Kudu is an open source columnar storage engine built for the Apache Hadoop ecosystem designed to enable flexible, high-performance analytic pipelines. Taken together, Cloudera’s new tools are giving it more diverse kinds of presence on the Big Data scene.

  Cloudera claims it was the first Hadoop big data analytics vendor to deliver a commercially supported version of Spark, and has participated actively in the open source community to enhance Spark for the enterprise through its One Platform Initiative. “With Spark 2.0, organizations are better able to take advantage of streaming data, develop richer machine learning models, and deploy them in real time, enabling more workloads to go into production,” the company reports.

• Cloudera Delivers Enterprise-Grade Real-Time Streaming and Machine Learning with Apache Spark 2.0 and Drives Community Innovation with Apache Kudu 1.0

• Vendors Pile on Big Data News at Strata

  Cloudera, Pentaho and Alation are among vendors making Big Data announcements at this week’s Strata event.

  Vendors big and small are making news at this week’s Strata + Hadoop event as they try to expand their portion of the Big Data market.

  Cloudera highlighted a trio of Apache Software Foundation (ASF) projects to which it contributes. Among them is Spark 2.0, which benefits from a new Dataset API that offers the promise of better usability and performance as well as new machine learning libraries.

• New alliances focus on open-source, data science empowerment

  How can data science make a true market impact? Partnerships, particularly amongst open source communities. As IBM solidifies its enterprise strategies around data demands, two new partnerships emerge: one with Continuum Analytics, Inc., advancing open-source analytics for the enterprise; and another with Galvanize, initiating a Data Science for Executives program.

  Continuum Analytics, the creator and driving force behind Anaconda — a leading open data science platform powered by Python — has allied with IBM to advance open-source analytics for the enterprise. Data scientists and data engineers in open-source communities can now embrace Python and R to develop analytic and machine learning models in the Spark environment through its integration with IBM’s DataWorks Project.

  The new agreement between IBM and Galvanize, which provides a dynamic learning community for technology, will offer an assessment, analysis and training element for Galvanize’s Data Science for Executives program. This program empowers corporations to better understand, use and maximize the value of their data. The program will support IBM’s DataFirst Method, a methodology that IBM says provides the strategy, expertise and game plan to help ensure enterprise customers’ succeed on their journey to become a data-driven business.

• Apache Spot: open source big data analytics for cyber

Oracle/Java/LibreOffice

• TDF Releases Fresh Update to LibreOffice 5.2

  The Document Foundation today announced the availability of LibreOffice 5.2.2, the second update to the “fresh” 5.2 family. “LibreOffice 5.2.2, targeted at technology enthusiasts, early adopters and power users, provides a number of fixes over the major release announced in August.” These fixes include the usual number of import/export/filter fixes as well as a lot of interface adjustments and a few crashes.

  One of the more interesting import bugs fixed had first been reported 4 1/2 years ago. In version 3.5.0 when importing RTF files with several tables the formatting isn’t retained in all cases. The original reporter said this included column widths and placement. Comments updated the report throughout several versions on various systems. The bug sat for another year before being bumped and eight months later a patch was committed. After further input and more adjustments, Miklos Vajna committed patches for several versions including today’s 5.2.2.

Pseudo-Open Source (Openwashing)

• INSIDE Secure and Marvell Deliver Open Source Open Data Plane Security VPN Solution [Ed: “open source Open Data Plane (ODP) security API” sounds like nonsensical openwashing]

  INSIDE Secure (Paris:INSD), at the heart of security solutions for mobile and connected devices and network equipment, today announced the Marvell-INSIDE Secure solution, a collaboration that provides open source Open Data Plane (ODP) security API support on Marvell’s ARMADA® 8K and ARMADA 7K System-on-Chip (SoC) families with embedded INSIDE Secure Security Protocol Accelerator IP technology. The Marvell-INSIDE Secure solution provides customers with an easy and efficient way to secure their high-speed networking applications with access to all of the ARM ecosystem’s software support.

• GE, Bosch Combine Resources to Bolster IoT

• Chinese open source blockchain startup Antshares raises $4.5M through crowdsourcing [Ed: Microsoft-connected]

BSD

• OpenBSD 6.0 Limited Edition CD set (signed by developers)

  Five OpenBSD 6.0 CD-ROM copies were signed by 40 developers during the g2k16 Hackathon in Cambridge, UK.

  Those copies are being auctioned sequentially on ebay.

  All proceeds will be donated to the OpenBSD Foundation to support and further the development of free software based on the OpenBSD operating system.

FSF/FSFE/GNU/SFLC

• Licensing resource series: Free GNU/Linux distributions & GNU Bucks

  When Richard Stallman set out to create the GNU Project, the goal was to create a fully free operating system. Over 33 years later, it is now possible for users to have a computer that runs only free software. But even if all the software is available, putting it all together yourself, or finding a distribution that comes with only free software, would be quite the task. That is why we provide a list of Free GNU/Linux distributions.

  Each distro on the list is commited to only distributing free software. With many to choose from, you can find a distro that meets your needs while respecting your freedom.

  But with so much software making up an entire operating system, how is it possible to make sure that nothing nasty sneaks into the distro? That’s where you, and GNU Bucks come in.

• Friday Working together for Free Software Directory IRC meetup: September 30th

• August and September 2016: photos from Pittsburgh and Fresno

• Libre Learn Lab: a summit on freely licensed resources for education

  Libre Learn Lab is a two-day summit for people who create, use and implement freely licensed resources for K-12 education, bringing together educators, policy experts, software developers, hardware hackers, and activists to share best practices and address the challenges of widespread adoption of these resources in education. The 2nd biennial conference is Saturday, October 8th, and Sunday, October 9th, at the MIT Tang Center.

  The keynote addresses will be delivered by the FSF’s own Richard M. Stallman, former Chief Open Education Advisor Andrew Marcinek and founder of HacKIDemia Stefania Druga. At the event, there will be a special tribute to Dr. Seymour Papert (the father of educational computing) by Dr. Cynthia Solomon.

Programming/Development

• Machine Learning with Python

  I first heard the term “machine learning” a few years ago, and to be honest, I basically ignored it that time. I knew that it was a powerful technique, and I knew that it was in vogue, but I didn’t know what it really was— what problems it was designed to solve, how it solved them and how it related to the other sorts of issues I was working on in my professional (consulting) life and in my graduate-school research.

  But in the past few years, machine learning has become a topic that most will avoid at their professional peril. Despite the scary-sounding name, the ideas behind machine learning aren’t that difficult to understand. Moreover, a great deal of open-source software makes it possible for anyone to use machine learning in their own work or research. I don’t think it’s an overstatement to say that machine learning already is having a huge impact on the computer industry and on our day-to-day lives.

Salesforce tries to block Microsoft’s LinkedIn acquisition

Microsoft made a splash earlier this year when it announced the largest acquisition in its history, signing an agreement to buy LinkedIn for $26.2 billion. But now, Salesforce is trying to convince the European Union to block the deal.

Salesforce Chief Legal Officer Burke Norton will argue to the EU’s competition authority that Microsoft’s control of LinkedIn’s dataset following an acquisition would be anticompetitive. EU competition chief Margarethe Vestager said in January that her agency would be looking directly at whether a company’s use of data is bad for competition, and these complaints seem aimed squarely at those comments.

“Microsoft’s proposed acquisition of LinkedIn threatens the future of innovation and competition,” Norton said in a statement on Thursday. “By gaining ownership of LinkedIn’s unique dataset of over 450 million professionals in more than 200 countries, Microsoft will be able to deny competitors access to that data, and in doing so obtain an unfair competitive advantage.”

The Rise of the Helpful Operational Bots: ChatOps

While some of the concepts surrounding ChatOps has been around for a long time, it is fair to say that the idea only really began to get traction within technical communities when Jesse Newland gave a talk on ChatOps at Github during PuppetConf 2012. Since 2012 we have seen a growth in interest in the new use of bots within operations.

Facebook Video Metrics Crossed The Line From Merely Dubious To Just Plain Wrong

What happened here is actually pretty subtle, so bear with me. Facebook distinguishes “plays” from “views” — with the former being every single play of the video, including those auto-plays that you scroll straight past and never even look at, and the latter being only people who actually watched the video for three seconds or longer. Of course, there are still a million ways in which this metric is itself broken (I’ve certainly let plenty of videos play for more than three seconds or even all the way through while reading a post above or below them) but the distinction is a good one. All of the more detailed stats are based on either plays or views (mostly views) and are clearly labeled, but the one metric at issue was the “Average Duration of Video Viewed.” This metric could be fairly calculated as either the total amount of time from all plays divided by the total number of plays, or the same thing based only on time and number of views — but instead, it was erroneously being calculated as total play time divided by total number of views. In other words, all the second-or-two autoplays from idle newsfeed scrollers were being totalled up, and that time was being distributed among the smaller number of people who stayed on the video for more than three seconds as part of their average duration, leading to across-the-board inflation of that figure.

Journalist Tom Henderson on Cloud Vendor Lock-In

This video is not technically about free or open source software, but it’s 100 percent about the danger of falling victim to proprietary vendors and their habit of making it hard to leave their sweet embrace once they get their paws on you. The Network World column by Tom Henderson that generated this interview is titled, The Many Dimensions of Cloud Value, and is subtitled, “Put your snorkels on: The marketing for cloud services is getting deep.” So is the marketing for many other proprietary something-as-a-something offerings ranging from operating systems to (obviously) cloud platforms.

Science

• Why Deep Learning Is Suddenly Changing Your Life

  Over the past four years, readers have doubtlessly noticed quantum leaps in the quality of a wide range of everyday technologies.

  Most obviously, the speech-recognition functions on our smartphones work much better than they used to. When we use a voice command to call our spouses, we reach them now. We aren’t connected to Amtrak or an angry ex.

Health/Nutrition

• Bayer Makes Deal With GMO Giant Monsanto

  That preemption bill was similar to other anti-local democracy measures peddled by the American Legislative Exchange Council (ALEC).

  From fracking bans to minimum wage and GMO labeling, ALEC and its politicians have successfully driven preemption efforts with its “model” legislation throughout different parts of the country at the behest of giant corporations.

  An Oregonian who leads a group with ties to Monsanto claimed he authored the bill, but as Lisa Arkin of the Pesticide Action Network North America noted both the Oregon bill and the ALEC bill share the same name and have the same core operative language and effect: “A local government may not enact or enforce a . . . measure, including but not limited to an ordinance, regulation, control area, or quarantine, to inhibit or prevent the production or use of agricultural seed, flower seed . . . or vegetable seed or products of agricultural seed, flower seed . . . or vegetable seed.”

  After the Oregon bill was introduced in 2013, it was taken to ALEC’s 40th anniversary meeting in Chicago, as the “Preemption of Local Agricultural Laws Act,” which is known as the “Monsanto Protection Act,” by its foes.

• More Than 9 in 10 People Breathe Bad Air, W.H.O. Study Says

  The World Health Organization said Tuesday that 92 percent of people breathe what it classifies as unhealthy air, in another sign that atmospheric pollution is a significant threat to global public health.

  A new report, the W.H.O.’s most comprehensive analysis so far of outdoor air quality worldwide, also said about three million deaths a year — mostly from cardiovascular, pulmonary and other noncommunicable diseases — were linked to outdoor air pollution. Nearly two-thirds of those deaths are in Southeast Asia and the Western Pacific region, compared with 333,000 in Europe and the Americas, the report said.

  “When you look out through the windows in your house or apartment, you don’t see the tiny little particles that are suspended in the air, so the usual perception is that the air is clean,” Rajasekhar Balasubramanian, an air quality expert at the National University of Singapore who was not involved in the study, said in a telephone interview on Tuesday.

  “But the W.H.O. report is a clear indication that even in the absence of air pollution episodes, the concentrations of particles suspended in the air do exceed what’s considered to be acceptable from a health viewpoint,” he said.

  In previous studies, the W.H.O. estimated that more than eight in 10 people in urban areas that monitored air pollution were breathing unhealthy air and that about seven million deaths a year were linked to indoor and outdoor pollution.

Security

• Linaro organisation, with ARM, aims for end-end open source IoT code

  With the objective of producing reference software for more secure connected products, ranging from sensors and connected controllers to smart devices and gateways, for the industrial and consumer markets, Linaro has announced LITE: Collaborative Software Engineering for the Internet of Things (IoT).

  Linaro and the LITE members will work to reduce fragmentation in operating systems, middleware and cloud connectivity solutions, and will deliver open source device reference platforms to enable faster time to market, improved security and lower maintenance costs for connected products. Industry interoperability of diverse, connected and secure IoT devices is a critical need to deliver on the promise of the IoT market, the organisation says. “Today, product vendors are faced with a proliferation of choices for IoT device operating systems, security infrastructure, identification, communication, device management and cloud interfaces.”

• An open source approach to securing The Internet of Things

• Addressing the IoT Security Problem

  Last week’s DDOS takedown of security guru Brian Krebs’ website made history on several levels. For one, it was the largest such reported attack ever, with unwanted traffic to the site hitting levels of 620 Gbps, more than double the previous record set back in 2013, and signalling that the terabyte threshold will certainly be crossed soon. It also relied primarily on compromised Internet of Things devices.

• Linaro beams LITE at Internet of Things devices

  Linaro launched a “Linaro IoT and Embedded” (LITE) group, to develop end-to-end open source reference software for IoT devices and applications.

  Linaro, which is owned by ARM and major ARM licensees, and which develops open source software for ARM devices, launched a Linaro IoT and Embedded (LITE) Segment Group at this week’s Linaro Connect event in Las Vegas. The objective of the LITE initiative is to produce “end to end open source reference software for more secure connected products, ranging from sensors and connected controllers to smart devices and gateways, for the industrial and consumer markets,” says Linaro.

• Don’t Trust Consumer Routers

  Another example of why you shouldn’t trust consumer routers. d-link

  It isn’t just this specific d-link router. We’ve seen the same issues over and over and over with pretty much every non-enterprise vendor.

  Plus we don’t want our devices used by crackers to DDoS Brian Krebs anymore, right?

  We are Linux people. We CAN do this ourselves.

• D-Link DWR-932 router is chock-full of security holes

  Security researcher Pierre Kim has unearthed a bucketload of vulnerabilities affecting the LTE router/portable wireless hotspot D-Link DWR-932. Among these are backdoor accounts, weak default PINs, and hardcoded passwords.

• The Cost of Cyberattacks Is Less than You Might Think

  What’s being left out of these costs are the externalities. Yes, the costs to a company of a cyberattack are low to them, but there are often substantial additional costs borne by other people. The way to look at this is not to conclude that cybersecurity isn’t really a problem, but instead that there is a significant market failure that governments need to address.

• NHS trusts are still using unsupported Windows XP PCs

  AT LEAST 42 National Health Service (NHS) trusts in the UK still run Microsoft’s now-defunct Windows XP operating system.

  Motherboard filed Freedom of Information requests with more than 70 NHS hospital trusts asking how many Windows XP machines they use. 48 replied within the allotted time, and a whopping 42 of them admitted that they still use the operating system that reached end-of-life status in April 2014.

  Some of the culprits include East Sussex Healthcare, which has 413 Windows XP machines, Sheffield’s Children’s hospital with 1,290, and Guy’s and St Thomas’ NHS Trust in London with an insane 10,800 Windows XP-powered PCs.

  23 replied to Motherboard’s quizzing about whether they have an extended support agreement in place and, unsurprisingly, the majority said that they do not.

• Friday’s security advisories

• ICANN grinds forward on crucial DNS root zone signing key update

  The Internet Corporation for Assigned Names and Numbers is moving — carefully — to upgrade the DNS root zone key by which all domains can be authenticated under the DNS Security Extensions protocol.

  ICANN is the organization responsible for managing the Domain Name System, and DNS Security Extensions (DNSSEC) authenticates DNS responses, preventing man-in-the-middle attacks in which the attacker hijacks legitimate domain resolution requests and replaces them with fraudulent domain addresses.

  DNSSEC still relies on the original DNS root zone key generated in 2010. That 1024-bit RSA key is scheduled to be replaced with a 2048-bit RSA key next October. Although experts are split over the effectiveness of DNSSEC, the update of the current root zone key signing key (KSK) is long overdue.

• Cybersecurity isn’t an IT problem, it’s a business problem

  The emergence of the CISO is a relatively recent phenomenon at many companies. Their success often relies upon educating the business from the ground up. In the process, companies become a lot better about how to handle security and certainly learn how not to handle it.

  As a CIO, knowing the pulse of security is critical. I oversee a monthly technology steering committee that all the executives attend. The CISO reports during this meeting on the state of the security program. He also does an excellent job of putting risk metrics out there, color coded by red, yellow, and green. This kind of color grading allows us to focus attention on where we are and what we’re doing about it.

Defence/Aggression

• Congress May Rewrite Saudi 9/11 Law After Veto Override

  The two top Republicans in Congress said they’re prepared to rewrite legislation allowing victims of the Sept. 11 attacks to sue Saudi Arabia — less than 24 hours after Congress took the extraordinary step of overriding President Barack Obama’s veto of the measure to make it law.

  Both House Speaker Paul Ryan and Senate Majority Leader Mitch McConnell said that the measure could have unintended consequences — including the fact that it could leave U.S. soldiers open to retaliation by foreign governments.

  “I would like to think there’s a way we can fix so that our service members do not have legal problems overseas while still protecting the rights of the 9/11 victims,” Ryan told reporters Thursday, one day after his chamber voted 348-77 to override the veto.

  McConnell also said he was worried about unintended consequences of the measure, saying changes to the law might be needed.

  “It’s worth further discussing,” he told reporters Thursday. “It was certainly not something that was going to be fixed this week.”

• Arab responses to 9/11 bill point to US interventions abroad

  Others support the bill, but point out that the U.S. is meanwhile backing a Saudi-led intervention in Yemen that has led to the deaths of thousands of civilians there.

  Two Arabic hashtags were trending on Twitter when the bill was passed, one referring directly to the Justice Against Sponsors of Terrorism Act, or JASTA, and the other simply titled: #TheAmericanTerrorism.

  Some Arabic Twitter users shared a photo montage that depicted U.S. military actions in Japan and Vietnam, as well as naked Iraqi prisoners in Abu Ghraib prison being humiliated by smiling U.S. troops. It read: “Japan, Vietnam, Iraq, Afghanistan can’t wait for JASTA to be implemented so they can, in turn, prosecute the U.S.”

  Another shared a 2005 Pittsburgh Post-Gazette editorial cartoon of a young boy on his father’s lap watching an image of the Hiroshima mushroom cloud and asking: “Which terrorist group did that?”

  One post shared more than 750 times included a clip with Arabic subtitles of stand-up American comedian Eddie Griffin talking about U.S. interventions in Iraq and Afghanistan, saying these wars are about “money, money, money.”

  The criticism, of course, is nothing new, says Eurasia Group’s Director for the Middle East and North Africa Ayham Kamel.

  “The Middle East, as a region where the U.S. has been dominant, has always been critical of U.S. policy,” he said.

• Pakistan threatens to DESTROY India with nuclear bomb as atomic enemies edge to the brink of war

  PAKISTAN’S Defence Minister has threatened to “destroy” India – after India said on Thursday it had carried out “surgical strikes” on suspected militants preparing to infiltrate from Pakistan-ruled Kashmir.

  The strikes, which were a response to shots fired across the de facto border through the disputed Himalayan territory, could lead to a military escalation between the two nuclear-armed neighbours – risking a ceasefire agreed in 2003.

Transparency/Investigative Reporting

• ‘We Believe in What We’re Doing’

  WikiLeaks is now 10 years old. SPIEGEL met with founder Julian Assange, 45, to discuss the whistleblower platform’s achievements and whether recent criticism leveled at the site is justified.

  SPIEGEL: Mr. Assange, 10 years after the founding of WikiLeaks, the whistleblower platform is again being criticized. WikiLeaks is said to have put millions of Turkish voters in danger. What is your response?

  Assange: A few days after the publication of internal emails from the Democratic National Committee, an entirely false story was put out that we had published the names, addresses and phone numbers of all female voters in Turkey. It is completely false. And it was and is simple to check. Power factions fight back with lies. That’s not surprising.

  SPIEGEL: Quite a few German journalists have long sympathized with WikiLeaks and also with Edward Snowden. But they aren’t impressed with the publishing of the DNC emails. Are you campaigning on behalf of Donald Trump?

  Assange: Our publication of the DNC leaks has showed that the Democratic National Committee had effectively rigged the primaries in the United States on behalf of Hillary Clinton against Bernie Sanders. That led to the resignation of leading members of the DNC, including its president Debbie Wasserman Schultz.

  SPIEGEL: People within the Clinton campaign have suggested that the DNC emails were given to you by the Russian secret service.

  Assange: There have been many attempts to distract from the power of our publications. Hillary Clinton is the favorite to win. As always, most media aligns with the presumptive winner even though their claimed societal virtue is to investigate those in power.

  SPIEGEL: The fact is, WikiLeaks is damaging Clinton and bolstering Trump.

  Assange: We’re not going to start censoring our publications because there is a US election. Our role is to publish. Clinton has been in government so we have much more to publish on Clinton. There is a lot of naivety. The US presidency will continue to represent the major power groups of the United States — big business and the military — regardless of who the talking head is.

  SPIEGEL: If someone submitted internal documents from the Trump campaign or the Republican Party, you would publish that as well?

  Assange: Yes, of course. That’s what we do.

• CIA Took Three Years To Reject FOIA Request For Criteria For Rejecting FOIA Requests

  Curious about what criteria the CIA have for determining if they “can neither confirm nor deny” something? So did Jason Smathers, who back in 2010 filed one of MuckRock’s earliest requests for exactly that. Six years later, he still doesn’t know.

  Smathers first filed in October 2010 – to the agency’s credit, they only took a mere two months to get back to him.

• Government Agencies Apparently Not Interested In Following Congressional Directives On Overclassification

  I’m not sure what this says about government transparency. Maybe it doesn’t say anything useful. Maybe it’s just the mixed signals we can expect from agencies only willing to make the most minimal transparency efforts. Or maybe it says something about the momentum of even slowly-moving large objects. A bureaucracy has a large turning radius and asking it to suddenly change its ways means you have to lower your expectations as to how “suddenly” should be defined. Whatever it says, it’s nothing good.

  Overclassification is a government-wide problem. Legislation has been passed to fix it. While the government expects the private sector to get right on it when laws are passed, it obviously cuts itself a lot more slack when faced with internal legislative redirection.

Environment/Energy/Wildlife/Nature

• Climate justice meets racism: Standing Rock was decades in the making

  Attack dogs and waves of arrests by police in riot gear could look like isolated incidents of overreaction to the activism stemming from the Standing Rock reservation. But for the Lakota Sioux who live in these marginalized hillsides, the escalated militarization behind their battle against the Dakota Access pipeline is a situation decades in the making.

  North Dakota is not the whitest state in America, but it’s arguably the most segregated. More than 60 percent of its largest minority population, Native Americans, lives on or near reservations. Native men are incarcerated or unemployed at some of the highest rates in the country. Poverty levels for families of the Standing Rock tribe are five times that of residents living in the capital city, Bismarck. In Cannon Ball, the heart of the tribal community, there are rows of weathered government homes, but no grocery store. Tucked behind a lonely highway, this is where mostly white farmers and ranchers shuttle to and from homesteads once belonging to the Sioux.

• Most people alive today set to witness dangerous global warming in their lifetime, scientists warn

  The world could hit two degrees Celsius of warming – the point at which many scientists believe climate change will become dangerous – as early as 2050, a group of leading experts has warned.

  In a report called The Truth About Climate Change, they said many people seemed to think of global warming as “abstract, distant and even controversial”.

  But the planet is now heating up “much faster” than anticipated, said Professor Sir Robert Watson, a former chair of the Intergovernmental Panel on Climate Change and one of the authors of the report.

  If their analysis is correct, it means the majority of people alive today will experience what it is like to live on a dangerously overheated planet.

• 9 wonders of the world set to vanish forever: How many have you ticked off?

  This month, we learned that Spain was facing the prospect of becoming the first European Union member state to have a natural World Heritage Site make Unesco’s “danger list”. The Doñana coastal wetlands in Andalucía – home to the endangered Iberian lynx – is said to be under threat from a mining and dredging plan, as well as 1,000 illegal wells in the area.

  But it’s just one among a number of incredible sites the world over that, according to Unesco, could be lost forever. Here are just a few World Heritage Sites in Unesco’s danger zone that you might need to scrub off the bucket list.

• To Reduce Haze and Save Indonesia’s Forests, Address the Root Cause of Fires

  Over the past few months we have seen heated debates over the problem of Indonesian forest fires and the associated haze in neighboring countries like Singapore. A new law in Singapore permits the prosecution of companies deemed to be responsible for causing such fires, and speculation about how the El Nino phenomenon might lead to particularly intense fires in the next month have drawn global attention to the issue.

  Three years ago, President Susilo Bambang Yudhoyono made a pledge to dedicate the remainder of his term in office to protect Indonesia’s environment and forests. Over the last three years he has done just that — with the historic moratorium on new logging concessions implemented in 2011, which has since been extended to May 2015. This policy has helped to protect more than 63 million hectares of primary forest and peat land, equivalent to an area larger than the landmass of Malaysia and the Philippines combined, and helped to lower Indonesia’s deforestation rate from 1.2 million hectares per year between 2003 and 2006, to between 450 and 600 thousand hectares per year since 2011. We also see the private sectors in the region stepping up their zero-deforestation commitments, including from the pulp and paper and palm oil industries.

• Fires driving deforestation in Indonesia’s Leuser Ecosystem

  Indonesia’s Leuser Ecosystem lost 4,097 hectares of forest cover in the first six months of 2016, according to Forest, Nature and Environment of Aceh (HAkA), an NGO. At the same time, 187 fire hotspots were recorded in the nationally protected area during the period.

  “The hotspots overlay the forest cover loss in Aceh,” HAkA’s Agung Dwinurcahya said at a press conference in Jakarta. “For example, the high number of hotspots in Aceh Timur is the main contributor to deforestation in Aceh Timur.”

  Leuser, home to one of the Southeast Asian country’s last great swaths of intact rainforest, lies in Indonesia’s westernmost Aceh and North Sumatra provinces. It’s the only place in the world where orangutans, rhinos, elephants and tigers coexist in the wild.

• Seven Popular Foods That Might Disappear Because of Climate Change

  Throughout history, different types of food have surged and dropped in popularity, and some foods that existed at one point just aren’t around anymore. But we’re not talking about foods that aren’t popular, quite the opposite in fact. Some of our favorite foods and drinks could be considered “endangered” because the places where they are grown are being severely impacted by climate change. If this isn’t proof that we need to do something about climate change, I don’t know what is. To start off, here are a few foods that are part of our everyday lives that might not be around for long.

Finance

• In Wells Fargo Case, News Really Did Happen To An Editor

  Several years after I returned to New York from Oregon, I made a strange discovery. Bank accounts I was certain I had closed were inexplicably racking up service charges. It seemed bizarre, particularly because I had gone in person to a newly opened local branch of my West Coast bank to make sure the accounts were shut down.

  The failure to pay these charges (bills were sent to my old address and never caught up with me) resulted in penalties and a report to a credit agency. After an increasingly frustrating series of exchanges at the local branch, the bank agreed to wipe out the charges but said I would have to deal with the credit agencies on my own.

  It seemed outrageous, and as the editor in chief of an investigative news operation, I thought about asking Paul Kiel, ProPublica’s crack reporter on bank shenanigans, to take a look.

  But then I stopped myself.

  There’s an old saying in the journalism business for this sort of thinking: News is what happens to an editor.

  As with so many newsroom aphorisms, it’s meant to be proclaimed with an eye roll and a tone of deep sarcasm. Reporters view editor-generated stories as the bane of their existence, and not without reason. Random events and pet peeves are not often a great starting point for serious stories.

• People born in the 1980s are HALF as wealthy in their thirties as people a decade older

  People born in early Eighties were around half as wealthy at age 30 as their counterparts who were born in the Seventies, analysis shows.

  The children of the “Baby Boomer” generation, currently in their early 30s, have an average net household wealth of £27,000 each a report by the Institute for Fiscal Studies, a think tank showed.

  By comparison the median wealth of those born in the 1970s had £53,000 on average by the same age. The figure takes into account housing, financial and private pension wealth.

• Wealth of people in their 30s has ‘halved in a decade’

  People in their early 30s are half as wealthy as those now in their 40s were at the same age, a report finds.

  Today’s 30-something generation has missed out on house price increases and better pensions, according to research by the Institute for Fiscal Studies.

  Those born in the early 1980s have an average wealth of £27,000 each, against the £53,000 those born in the 1970s had by the same age, said the IFS.

  They will also find it harder to amass wealth in the future, it added.

  The think tank found that people born in the early 1980s were the first post-war group not to have higher incomes in early adulthood than those born in the preceding decade.

• Children of Thatcher era have half the wealth of the previous generation

  The children of the Thatcher era have reached adulthood with half as much wealth as the previous generation, finds a major study published today.

  The report from the Institute of Fiscal Studies concludes people born in the early 1980s are the first post-war generation to suffer smaller incomes in early adulthood than those born 10 years before.

  A toxic mix of low interest rates and the calamitous crash of 2008 mean it is much harder to accumulate wealth, leaving them with meagre pensions and a lower rate of home ownership.

• Basic Income — A concrete and financed proposal for Sweden

  I have now translated my proposal for basic income for Sweden, which I presented in Swedish some time ago.

  Although the proposal as such is strictly about Sweden and Swedish conditions, I am hoping that the reasoning and design principles I have applied may be of interest to basic income activists in other Nordic and European countries as well. In many ways, the welfare systems we have today are basically quite similar, and many of the problems we face are the same as well.

• Portugal threatened with first treaty claim

  A Mexican company has threatened to bring a €42 million investment treaty claim against Portugal over a cancelled deal to privatise part of Lisbon’s public transport system.

  Grupo Autobuses de Oriente (ADO) announced last week that it had served a notice of dispute to the Portuguese government under the Mexico-Portugal bilateral investment treaty after negotiations proved “fruitless”.

  If the dispute reaches arbitration, it would be the first known investment treaty case that Portugal has faced – as well as a rare example of a Latin American multinational invoking a BIT to protect investments in a European state.

  The dispute relates to two “sub-concession agreements” that ADO, through its Spanish subsidiary Avanza, signed with Portugal’s then centre-right government under Prime Minister Pedro Passos Coelho in June 2015.

AstroTurf/Lobbying/Politics

• Gary Johnson Is Not the Third-Party Candidate You’re Looking For

  With Hillary Clinton failing to provide a genuine voice for the 99% against Donald Trump’s bigoted fake-populism, a left-wing third-party candidate like Jill Stein can act as an important pole of attraction for a section of workers and youth sick and tired of the status quo. But Stein isn’t the only third-party challenger to Trump and Clinton. Gary Johnson, the former Republican governor of New Mexico, is running for president under the Libertarian Party. Johnson has been consistently outpolling Stein, and some polls even show Johnson beating Stein among former Bernie Sanders supporters.

  Given his polling results, Johnson may appear to be the best bet for building a viable challenge to the two-party system. And Johnson has a number of progressive positions on certain isolated issues, such as support for the legalization of marijuana and opposition to government surveillance. But, as socialists, we have to be clear that Gary Johnson, and libertarian politics in general, are a dead end for anyone trying to build a voice for the 99%.

• Hacked Audio Reveals Hillary Clinton Sees Herself Occupying “Center-Left to Center-Right”

  In the hacked recording of a private conversation with campaign donors in February, Hillary Clinton distanced herself from progressive goals like “free college, free healthcare” and described her place on the political spectrum as spanning from the center-left to the center-right.

  Clinton has been inconsistent in the past about espousing political labels. She has at times touted herself as stalwart liberal. For instance, she said last July: “I take a backseat to no one when you look at my record in standing up and fighting for progressive values.” But a few months later, she told a group in Ohio: “You know, I get accused of being kind of moderate and center. I plead guilty.”

  The newly disclosed comments came in audio, apparently from hacked emails, that was revealed this week by the Washington Free Beacon, a conservative blog run by a Republican communications strategist. Clinton was speaking at a Virginia fundraiser hosted by Beatrice Welters, the former U.S. ambassador to Trinidad and Tobago, and her husband Anthony Welters, the executive chairman of an investment consulting firm founded by former Clinton aid Cheryl Mills.

  Clinton’s opponent at the time, Sen. Bernie Sanders, was pointing to successful programs in Norway and Sweden, which provide universal daycare, family leave, and government sponsored healthcare and college education, as policies that he would seek to adopt.

Censorship/Free Speech

• Palestinians boycott Facebook over ‘censorship’

  Palestinian activists have recently launched a campaign to boycott Facebook after the popular social-media platform blocked several Palestinian accounts and deleted numerous posts – at Israel’s request – for alleged “incitement”.

  Earlier this week, campaigners – using the hashtag #FBCensorsPalestine – called on supporters to refrain from posting on Facebook between 8 p.m. and 10 p.m. (Jerusalem time) on Sept. 25.

  Hussam al-Zayegh, the campaign’s Gaza-based spokesman, told Anadolu Agency that the initiative had been launched in response to what he described as Facebook’s “pro-Israel bias”.

  According to al-Zayegh, the world’s most popular social-networking site is actively working to undermine Palestinian activists and journalists who rely on Facebook to help spread their message.

• Palestinian Activists Are Angry About Alleged Facebook Censorship

  Palestinian activists are running an online campaign to hold Facebook accountable after the social media giant deleted a number of pro-Palestine posts and suspended several Palestinian journalists’ accounts.

  Quds News Network and other publications launched the hashtag #FBCensorsPalestine on Friday, when news emerged that seven Palestinian journalists associated with popular outlets in Israeli-occupied Palestinian territories had their accounts shut down for “violating community guidelines.”

  According to the seven journalists, four of whom work for Shehab News Agency and three of whom work for Quds, Facebook provided no further explanation of what standards were violated.

• Donald Trump and the Return of Seditious Libel

  In 1733, New York printer John Peter Zenger began publishing the eighth newspaper in the American colonies, and the first willing to venture criticism of the government. The New-York Weekly Journal was the second paper in a city of 10,000 or so people, 1700 of them slaves.

  As we are reminded in Richard Kluger’s comprehensive new book, “Indelible Ink,” the first full-length account of Zenger’s travails, by 1735, Zenger (and the likely editor of his paper, James Alexander) had so offended Britain’s royal governor of New York and New Jersey, William Cosby, that Cosby brought suit against Zenger for seditious libel—the crime of criticizing the government. Under the law then in effect in Britain and its colonies, truth was not a defense to this charge. The leading legal treatise of the day explained that “since the greater appearance there is of truth in any malicious invective, so much the more provoking it is.” And: “The malicious prosecution of even truth itself cannot… be suffered to interrupt the tranquility of a well-ordered society.” This was deemed especially the case with true attacks on those in power, as they would have “a direct tendency to breed in the people a dislike of their governors and incline them to faction and sedition.”

• Thoughtless and dangerous EU approach to free speech online

  There is a lot of ambiguity when it comes to the EU cooperation with Facebook, Twitter, Youtube/Google and Microsoft to censor the Internet – the Joint Referral Platform.

  On the one hand, it has been marketed as a tool to stop »radicalization« that could lead young people to religiously motivated violence, e.g. terrorism or joining the Islamic State in the Middle East.

  On the other hand, in documents and speeches the EU is totally focused on this project to stem »illegal online hate speech«, e.g. when it comes to racism and Islamophobia.

  On that account, what is deemed to be »illegal« adds to the confusion. Incitement to violence is clearly and reasonably within this definition. But when it comes to the broader definition of hate speech, laws vary between EU member states.

• Chinese Communism’s Anniversary Shines Light On Censorship — In America

  Due to SAPPRFT restrictions, all American movie scripts are vulnerable to “requested” changes or self-censorship based on the Communist Party’s wishes.

• Popular YouTuber Experiments With WebTorrent to Beat Censorship

  A popular YouTuber is experimenting with torrent-based technology in order to take control of his content and avoid third-party censorship. Bluedrake says that the potential for freedom when using WebTorrent “blows his mind” and has already carried out tests to get the project underway.

• Banned Book Week brings awareness to censorship, individual choices

  Banned Books Week is from Sept. 25 to Oct. 1.

  This year will be the 34th anniversary of Banned Books week. The last week of September) will be when words will attempt to overthrow unnecessary censorship.

  After all, in the words of Laurie Anderson “censorship is the child of fear and the father of ignorance.”

  The heat-wave surrounding censorship of books sent the media in a frenzy in the 1980s, urging society to fight against authority, ensuring that there would be a change in social behavior and moral values.

• Orwell 2016: Censorship in the age of social media

  If George Orwell is watching from above, he must be impressed. In his novel 1984, what was meant as a cautionary tale against government control and intellectual obscurantism, seems to have come to pass without our full knowledge.

  Where have our media taken us?

  To be brutally honest, I would say down the yellow brick road and around the tree a few times over already. As our world has become more and more dependent on media, we have opened ourselves up to the bite of censorship, control and the ever-evolving deity which is ‘social trend’.

  In other words, our need to be “connected” has pretty much left us dependent on information technology.

• Singapore court sends teen blogger back to jail for criticising religion

• Singapore rebel teen jailed for anti-religion posts

• Singapore Teen Gets 6 Weeks in Jail for ‘Intending to Wound’ God’s Feelings

• Teen blogger jailed in Singapore for insulting Muslims, Christians

Privacy/Surveillance

• The “Pardon Snowden” Case Just Got Stronger

  Yesterday, the Department of Justice Inspector General (DoJ IG) issued a long overdue Congressionally-mandated report on FBI compliance with the PATRIOT Act’s Section 215 “business records” provision between 2012 and 2014. It is the first such report issued that covers the initial period of Edward Snowden’s revelations about widespread domestic mass surveillance by the federal government. Since his indictment for leaking the information to the press, Snowden’s lawyers have argued that he should not be prosecuted under the WW I-era Espionage Act because his revelations served the public interest.

• Intel Community To Institute Actual Whistleblower Award For ‘Speaking Truth To Power’

  The Intelligence Community is looking to reward whistleblowers for “speaking truth to power.” No, seriously. Steven Aftergood of Secrecy News has posted a recent Intel Community announcement [PDF] that looks to fold a whistleblower honor into the community’s existing awards program.

  This is part of the intel community’s cautious foray into the harsh sunlight of transparency — itself a response to a presidential directive that our nation’s spies head outside for a bit and expose themselves a bit.

  The award may as well be called the “Snowden.” But the wording makes it explicit Snowden himself will never be eligible to receive the honorific fruits of his whistleblowing.

• How Bulk Interception Works

  Mobile digital devices are ever more ubiquitous, generating new forms of data in quantities that continue to grow exponentially. Moreover, the costs of storing data have decreased drastically, and continue to do so every year. Most importantly, the technical means of combining datasets and analyzing this vast trove of data have advanced so rapidly that what were previously considered meaningless or incoherent types and amounts of data can now produce incredibly revelatory analyses. Metadata is structured in such a way that computers can search through it for patterns faster and more effectively and learn more about us than similar searches through the actual content of our communications.

• The secret smartphone war over the struggle for control of the user

  There’s a war going on behind closed doors for control of your smartphone. It’s between the phone makers and the operators, but it’s not over privacy or data or cost – it’s over you.

  The battles are raging over who owns the consumer and your phone: is it the buyer or the manufacturer? And is the smartphone a device you purchase, or a service you pay for monthly?

  The boom years for the industry, when a smartphone was a user’s first, are long gone in developed nations with most smartphones now sold to people who already have one. In the US and UK market penetration has hit roughly 85%. This means the growth a phone maker needs each year can only come at the expense of a competitor. And that has changed how the manufacturers see the market.

  Marina Koytcheva, director of forecasting at CCS Insight says: “After years of analysts and commentators talking about mobile phone market peaking within the visible horizon, it has now reached that point.”

  The research firm expects total mobile phone sales to decline by 1.3% this year over last, with smartphones accounting for almost three-quarters of the market and up only 4.1% globally.

Civil Rights/Policing

• Cops Dodge 4th Amendment By Phoning In ‘Anonymous’ Tips; Watch Their Drug Bust Vanish After They’re Exposed

  The two horses called in tips twice, resulting in searches of two residences. Despite costing them a nice drug bust and successful prosecution, both the DA (Shane Scanlon) and the Chief of Police (Carl Graziano) are defending not only the faux tipsters’ actions, but their work as law enforcement officers as well.

• NYPD sent undercover officers to Black Lives Matter protest, records reveal

  Legal papers filed by the New York police department reveal that the department sent its own undercover officers to protests led by Black Lives Matter after the death of Eric Garner. The NYPD documents also show that it collected multimedia records about the protests.

  The NYPD disclosed its undercover operations in response to a group of New York attorneys requesting records under the state freedom of information law. The department has thus far declined to provide the records requested. But its descriptions in August court filings of the records it is refusing to release provide new details about its monitoring of protests at Grand Central Station:

  The first set contains “multimedia records” relating to the petitioners’ request for “pictures, videos, audio recordings, data, and metadata” collected or received by the NYPD at the Grand Central Station protests, which Black Lives Matter groups are still leading, according to the NYPD response.

  The second “consists entirely of communications between and among NYPD undercover officers and their handlers”, pertaining to the protests. According to a 22 August NYPD Memorandum of Law, these undercover communications “consist primarily of immediate impressions concerning ongoing events”.

• FBI, DOJ And Their Forensic Scientists State They’ll Continue Using Discredited Junk Science To Put People Behind Bars

  For dozens of years, criminal prosecutions have relied on junk science. Forensic science, properly applied, can actually provide matches that identify suspects. But it’s not properly applied. In the hands of the DOJ, forensic evidence examination is a closed loop. Outside scientists have been granted access to the DOJ’s DNA work, but everything else — from fingerprints to hair samples — has been locked away in the government’s database.

  Still, the DOJ insists its science is solid, something it bases on confirmation bias. The matches determined in its forensic labs are “scientifically certain” because the DOJ’s expert witnesses have said so in court. Not only are outside scientists locked out of examining evidence and forensic processes, but defense lawyers are as well.

  The DOJ has finally decided to dial back its “scientific certainty” a bit by issuing guidance instructing its experts to not make this claim in court. This follows years of bogus matches being presented as sure things by forensic experts in court, leading to an unknown number of false convictions. This step back is a step forward for an agency that is mostly unwilling to admit to any mistakes or wrongdoing.

• Video released shows officers shooting 6-year-old

  A Louisiana judge released body cam video Wednesday showing officers firing multiple rounds into a car, unknowingly striking and killing a 6-year-old boy.
  The incident, which happened in September 2015, resulted in the indictments of two marshals on second degree murder and second degree attempted murder charges.

  The marshals began pursuing the car after they witnessed an argument between a man and his girlfriend in front of a local bar, a source told CNN. Officers moved to detain the man, identified as Christopher Few, who took off in his car.
  The pursuit ended in gunfire on a dead-end street in Marksville, Louisiana.

• Massachusetts Detective who Threatened to Murder Teens and Plant Drugs Won’t Be Fired or Charged

  A Springfield, Massachusetts narcotics detective has been placed on leave for 60 days, but not fired, after videos surfaced showing him threatening to murder two teenagers and plant drugs on them — videos which have cast doubt on the detective’s numerous drug cases.

  Detective Gregg A. Bigda was caught on video on February 26 at the Palmer Police Department, where he interrogated two teenagers, who along with a third teen were suspected of stealing an undercover police car outside a pizza shop, when he made the threats, according to a report on MassLive.com.

• New Jersey Woman Forced into Mental Facility for Video Recording Courthouse

  It was a beautiful day in Freehold, New Jersey, so Jen Coombs decided to do First Amendment audits at the Monmouth County jail and courthouse to see how well officials there would respect her right to record in public.

  The New Jersey woman who runs a Facebook page called Time to Stand – New Jersey ended up forced into a mental facility against her will for four days. Not that it kept her from doing another First Amendment audit on the same courthouse upon her release.

  It all started on September 15, 2016 when Coombs made her way around the public areas of the facility and was approached within minutes by two jail employees who seemed determined to snatch the camera out of her hand before even asking her what she was doing.

  It wasn’t just her camera they were after. Coombs was immediately placed in handcuffs and her car keys were taken. Police then used her keys to find her parked car.

  Officials did not stop at just running her tags to get her information though. They used the keys to open her car and rummage around inside in an apparent search for something, anything, to charge her with.

• Christian boy, 16, facing DEATH PENALTY for offending Muslims in Facebook post

  The boy has been arrested and charged with blasphemy after a photo of the Kaaba in Mecca, one of the holiest sites in Islam, appeared on his profile.

  A Muslim man told police the image, which was part of an alleged derogatory post against Islam on the boy’s profile, was insulting and sacrilegious.

  The black cube-shape is built around an ancient stone at the centre of Islam’s most sacred mosque Al-Masjid al-Haram in Mecca, Saudi Arabia.

  Locals reportedly claimed the image showed the Kaaba with a pig’s head on top.

• Is It Still An Anonymous Tip If It’s Me?

  In Lackawanna County, Pennsylvania, two police officers found a way to get around one of those annoying loopholes that prevent them from locking up people who are guilty, guilty, GUILTY!!! The loophole is known to the rest of us as “The Fourth Amendment,” which states (among other things) “that no warrant shall issue except upon probable cause.”

  Detective Harold Zech and Lawrence Spathelf didn’t have probable cause to search the homes of Albert McCullough and Dakeem Booker, so they made their own. They phoned in “anonymous” tips to McCullough’s and Booker’s parole officers, who searched their and found some heroin.

• New Guantánamo intelligence upends old ‘worst of the worst’ assumptions

  The “Dirty 30” probably weren’t all Osama bin Laden bodyguards after all. The “Karachi 6” weren’t a cell of bombers plotting attacks in Pakistan for al-Qaida. An Afghan man captured 14 years ago as a suspected chemical weapons maker was confused for somebody else.

  An ongoing review shows the U.S. intelligence community has been debunking long-held myths about some of the “worst of the worst” at Guantánamo, some of them still held today. The retreat emerges in a series of unclassified prisoner profiles released by the Pentagon in recent years, snapshots of much larger dossiers the public cannot see, prepared for the Periodic Review Board examining the Pentagon’s “forever prisoner” population.

• DEA’s Army of 18,000 Informants Pocketed $237 Million Over Five Years

  It’s no secret that the Drug Enforcement Administration relies heavily on an army of confidential sources — men and women compelled, coerced, or enticed to share information with law enforcement, sometimes to alleviate their own legal troubles, sometimes for cash.

  Precisely how those relationships play out, however, is often shrouded in secrecy.

  A recently published audit by the Department of Justice has now offered a startling glimpse behind the scenes of those operations, revealing a world in which hundreds of millions of dollars have been doled out to thousands of informants over the last five years. Those informants include package delivery personnel, bus company employees, and Transportation Security Administration agents moonlighting as drug war spies — all operating with abysmal oversight and scant evidence of return on investment.

• Military-Style Raid Ends Native Prayer Against Dakota Pipeline

  Up to 21 people were arrested during a peaceful prayer service.

  North Dakota police with military-style equipment surrounded Native Americans gathered in prayer against the construction of the Dakota Access pipeline on Wednesday, disrupting their plan to cross sacred and treaty-protected land in protest of a project they fear will destroy their livelihood.

• U.S. Court Of Appeals Upholds Ruling That New Hampshire’s Silly Ballot Selfie Ban Violated The First Amendment

  You may recall that roughly a year ago, a federal judge struck down a New Hampshire law that made “ballot selfies” illegal. The state had essentially updated its laws revolving around limiting the ability to sell votes or influence the public through depicting who a person voted for to include criminalizing anyone that took a picture of their completed ballot and shared it on social media. The state had said that allowing that sort of thing encouraged voter corruption, with the idea that ballot selfies would be used as a form of proof that a bought vote had been completed, or might otherwise be used to influence other members of the public as to how to vote. It was a strange theory, given how unlikely it would be for a corrupted voter to post evidence of his or her corruption on Facebook, not to mention that stating that a person essentially couldn’t engage in a form of political speech via a picture was flatly unconstitutional. The federal judge agreed.

• Border Patrol Agent Caught Watching Porn On The Job Blames The Internet Filter For Not Stopping Him

  We talk about porn filters occasionally here at Techdirt. Usually those discussions revolve around how useless and easily circumvented those filters are, even as the more clueless in government insist that we need more of this non-filtering filtering. This is not one of those stories. Instead, it is the story of one of the most tone-deaf individuals with a penchant for excuse-making I’ve ever come across.

  We start with Gizmodo, a website that used to be owned by Gawker Media until a rich guy decided to show America exactly what a rich guy with a lot of money could do and had Gawker shut down, presumably then diving into a pile of gold coins and rubbing hundred dollar bills on his nipples. Gizmodo recently filed an FOIA request to get at documents involving the misuse of computer equipment with the Department of Homeland Security. The site was hoping to see if there were any cases of overreach and abuse of technology by the department. Instead, it uncovered four cases of people watching porn, including one really special case involving a border patrol agent that simply would not stop looking at porn while on the job.

Internet Policy/Net Neutrality

• Ridiculously Stupid: 4 State Attorneys General File Totally Bogus Lawsuit Against Internet Transition

  Okay, this is really dumb. What is it about state attorneys general making totally bullshit claims? It seems to happen with fairly consistent frequency. The latest is that four state AGs (from Arizona, Texas, Oklahoma and Nevada) have filed a lawsuit to stop the IANA transition. If you don’t recall, we’ve written about this a bunch. A bunch of people are up in arms over something they don’t seem to understand. The IANA transition is a good thing. It’s not the US government handing over the internet to Russia and China as you may have heard. It’s the Commerce Department severing an almost entirely symbolic link between it and a very specific internet governance capability concerning top level domains. And it’s important to complete the transition because other countries (including Russia and China) keep pointing to this symbolic link as a reason for why they should have more say in internet governance. Getting rid of the link keeps the internet functioning as it has for decades — and takes away a weapon from Russia and China. More importantly, going back on the transition now actually gives even more ammo to Russia and China, allowing them to point to unilateral actions by the US gov’t to block a process that everyone had agreed upon earlier.

  Anyway, to the actual lawsuit. It’s dumb. It’s really dumb. If you live in Arizona, Texas, Oklahoma or Nevada, you should be embarrassed for your Attorneys General. Elect better ones next time, please. First of all, they have no standing whatsoever to file this lawsuit. The IANA/top level domain system is not those states. They have no claim here other than “HEY LOOK! POLITICAL FOOTBALL THAT WE CAN GRANDSTAND OVER!” That does not give them standing. The best they can come up with for claiming standing is… uh… “hey, we have some websites.” No, really.

• Judge Says No Way To Attorneys General Looking To Block IANA Transition

  Well, this isn’t much of a surprise, but following the ridiculous last minute attempt to block the IANA transition by four state attorneys general (who have absolutely no standing or argument), a judge has flatly denied their request for an injunction meaning that the transition is a go for midnight tonight, barring any really last minute unforeseen methods to block it (or a desperate leapfrog to an appeals court).

  Having spent part of the morning responding to clueless conspiracy theorists on my earlier post, I’m sure you’re going to hear the standard ridiculous lizard people warnings about how this is enabling “the UN” or “leftists” and “globalists” to “takeover” the internet and how it will allow China to build the “Great Firewall” into the core functioning of the internet. None of that is even remotely true. What happens tonight at midnight is… nothing, basically. ICANN, which has managed the IANA function through its multistakeholder process for almost two decades… will continue to do so. Nothing changes. The only “change” is that the US Commerce Dept. no longer has to issue a contract to ICANN for the IANA functions. And that’s it.

• Net Neutrality: BEREC on the Right Path, Let’s Keep the Pressure on

  Net Neutrality is one of central challenge in the application of fundamental rights in the digital space. Too often it has been only considered as a technical or commercial issue, but it has serious impact on the real exercise of right to freedom of speech, right to information and on how the society build and think of itself; but also has important impacts on industrial and commercial issues. La Quadrature du Net has followed this issue since its start in the European debate circa 2009 by trying to defend a definition and wording in EU law of a strict Net Neutrality, protecting users and guaranteeing opportunities of development in a sane digital environment. As the BEREC guidelines for the Telecom Regulation adopted in October 2015 have been published, it is time to come back on the few years of campaign and to present the next fights and challenges for fundamental rights.

  La Quadrature du Net has defended, since 2009 and the first announces of EU works on Net Neutrality, an approach based on the defence of fundamental rights: to secure Net Neutrality, it is to defend the access of all to the Internet network, it is to allow to receive and send information with the same condition for all, it is to guarantee technical condition to a free and fair exercise of freedom of speech and information.

  It was not self-evident: as soon as the subject was within the speeches of Telecom operators and big digital companies, everything was made to consider Net Neutrality only from the perspective of financing Internet traffic and not as a major issue for the balance of the network that determines the quality of access and circulation of the information and services for the users as a whole.

• A Massive Cable Industry Disinformation Effort Just Crushed The FCC’s Plan For Cable Box Competition

  Back in February the FCC proposed a new plan to bring competition to the cable box. Under the plan, cable providers would need to provide their programming to third party hardware vendors without the need for a CableCARD. The goal? Bring some competition to bear on a stagnant, captive market, resulting in cheaper, more open, and higher quality cable boxes. But because the plan would demolish $21 billion in rental fees while eroding sector control, the cable industry launched one of the most unprecedented lobbying and disinformation efforts I’ve ever seen in 16 years of covering the sector.

  Politicians loyal to the cable industry wrote letters lambasting the FCC for “jeopardizing the incredible evolution of video distribution services,” falsely comparing the idea to Popcorn Time. A flood of editorials magically began appearing in newspapers country wide claiming the FCC’s plan would boost piracy, hurt consumer privacy, and even “steal the future.” The cable sector even trotted out Jesse Jackson, who claimed in a horribly misleading op-ed that increased cable box competition was akin to the “snarling dogs, water hoses and church bombings” of America’s racist history. Seriously.

DRM

• Racing Game Developers Sacrifice Playability On The Altar Of Anti-Piracy, Deliver Laggy Mess To Paying Customers

  So much for the advantages of PC gaming. Build a rig to your specifications and company reps tell you to use bog-standard settings to keep from being tripped up by anti-piracy and anti-hacking asset checks. If gamers wanted a one-size-fits-all gaming experience, they’d have settled for the console version. And there’s no guarantee that will work. The problem has been linked to on-the-fly decryption of game assets, which isn’t going to be solved in all cases by using default video settings.

  There’s a fix on the way but it’s tough to see how the developers are going to get around built-in asset checks that run through Windows EFS. There’s no easy “switch” to turn that off. While I understand developers are concerned about software piracy and cheaters/hackers ruining the online experience of honest players, there’s simply nothing to be gained by irritating those who’ve spent perfectly functional money on deliberately-broken software.

Intellectual Monopolies

• Time To Talk Digital Issues At WTO With Focus On Developing Countries, Forum Hears

  Now is the time for those who want to bring new voices to the digital trade and general trade debate involving the World Trade Organization, says an adviser to a leading security think tank in Switzerland.

  “If the objective is for trade policy to effectively bring in non-traditional voices this is a perfect time for that to take place,” Nick Ashton-Hart, a consultant and associate fellow for the Geneva Centre for Security Policy said at the WTO’s 27-29 September Public Forum yesterday.

• Uber hires former Google licensing executive in what could be a familiar pre-IPO play

  In a major move in the licensing community, former Google patent executive Kurt Brasch has moved to Uber as senior manager, patents. He joins an IP team led by fellow former Google employee Michael Meehan who jumped ship in February of this year.

  Brasch left Google earlier in the summer as the search giant let go of most of the legacy licensing team that it had picked up through its 2012 acquisition of Motorola Mobility.

  At Google he played a role in the Patent Purchase Promotion and its recent industry-wide successor IP3; helped launch the Patent Starter Program designed to encourage start-ups to join the License on Transfer Network; and led the team behind the 2014 cross licence with Cisco. That series of successes last year led this blog to name him as one of the IP personalities of 2015.

• Gurry Speaks On Allegations For First Time As WIPO Members Discuss Actions

  Heading into next week’s annual UN World Intellectual Property Organization General Assemblies, WIPO member states are considering a report from the United Nations investigations office regarding allegations of wrongdoing made involving WIPO Director General Francis Gurry. And for first time since the allegations arose, Gurry has offered his defence. Spoiler alert: he neither confirmed nor denied it but raised questions about the legality of sharing the report with member states.

• Trademarks

  • Supremes to rule on feds’ trademark censorship

    The U.S. Supreme Court has agreed to review the case alleging improper government censorship of a trademark for a band named The Slants, a precedent that also likely will impact significantly the current fight over the Washington NFL team’s name, the Redskins.

    According to the Rutherford Institute, which filed a friend-of-the-court brief in support of the band’s name, the censorship “openly discriminates against speech on the basis of content and viewpoint, violating the most fundamental constitutional guarantees to freedom of expression under the First Amendment.”

    The Asian-American dance rock band sued after the federal government, through its U.S. Patent and Trademark Office, censored them.

  • Can you trademark an offensive name or not? US Supreme Court to decide

    The Supreme Court on Thursday said it would decide, once and for all, whether federal intellectual property regulators can refuse to issue trademarks with disparaging or inappropriate names.

    At the center of the issue is a section of trademark law that actually forbids the US Patent and Trademark Office (USPTO) from approving a trademark if it “consists of or comprises immoral, deceptive, or scandalous matter; or matter which may disparage or falsely suggest a connection with persons, living or dead, institutions, beliefs, or national symbols, or bring them into contempt, or disrepute.”