Contents

• GNU/Linux
  • Distributions
  • Devices/Embedded
• Free Software/Open Source
• Leftovers

GNU/Linux

• Desktop

  • Refreshing old computers with Linux

    It’s nearly impossible to enter a school these days without seeing an abundance of technology. Despite this influx of computers into education, funding inequity forces school systems to make difficult choices. Some educators see things as they are and wonder, “Why?” while others see problems as opportunities and think, “Why not?”

    Andrew Dobbie is one of those visionaries who saw his love of Linux and computer reimaging as a unique learning opportunity for his students.

• Kernel Space

  • Btrfs Gets More RAID 5/6 Fixes In Linux 4.16

    The Btrfs file-system updates were mailed in and subsequently pulled today to the mainline tree for the Linux 4.16 kernel merge window.

    There are some minor improvements like a zero range mode for fallocate, code clean-ups, improved bio merging on multiple devices, compression heuristic changes, and other small work.

  • Jailhouse Guest Support To Be Included With Linux 4.16

    With Linux 4.16 is initial support for the Jailhouse hypervisor to support native Linux guests in non-root cells.

    The past half-decade Siemens has been developing the Jailhouse partitioning hypervisor that is lighter than KVM and designed for their demanding, real-time, safety and security critical workloads. With Linux 4.16 the first bits of it are being mainlined in the Linux kernel in the form of the new JAILHOUSE_GUEST option to allow non-root cells to let Linux run as a guest.

  • Block Updates Land In The Linux 4.16 Kernel

    The block subsystem updates have now landed in Linus Torvalds’ Git tree during the first full day of the Linux 4.16 kernel merge window.

    There isn’t any “breakthrough” new block features for Linux 4.16 but the block optimizations are notable and I look forward to benchmarking that shortly.

  • L2 CDP Added To Linux 4.16 For L2 Cache Partitioning On Intel CPUs

    L2 Code and Data Prioritization (L2 CDP) is a feature of Intel’s Resource Director Technology (RDT) that will now be supported with the Linux 4.16 kernel.

    Intel RDT’s L2 Code and Data Prioritization feature allows for programmatic control over code and data placement in the L2 cache. This feature will be supported by future Intel Atom CPUs and is intended for use-cases where precise L2 cache control is desired for a VM/container/application.

  • Linux_4.15

  • Linux 4.15 Kernel, GCC, LinuxBoot Project and More Cryptojacking

  • SD Times news digest: Linux 4.15 not final, TensorFlow 1.5, and Cettia 1.0.0

  • Linus Torvalds announces Linux kernel 4.15 with a focus on Spectre and Meltdown

    After a long wait, the much-anticipated Linux kernel 4.15 is finally here. While these kernel releases are always important, this one is particularly noteworthy. Why? Because it largely focuses on Spectre and Meltdown mitigation. With that said, it is not only about those vulnerabilities, of course.

  • Torvalds Releases Linux 4.15 With Improved Meltdown, Spectre Patches

    CPU security issues required the longest Linux kernel development cycle since 2011, as Linus Torvalds releases Linux 4.15

    Linus Torvalds released the first new Linux kernel of 2018 on Jan. 28, after the longest development cycle for a new Linux kernel in seven years.

    During the release Linux Kernel release cycle, Torvalds typically issues a release candidate once a week, with most cycles including six to eight release candidates.

  • Microsoft Hyper-V Guests Get PCID Support With Linux 4.16

    With the in-development Linux 4.16 kernel there is now support for PCID with Microsoft Hyper-V virtualization guests.

  • Linux Foundation

    • CNCF to Host the Rook Project to Further Cloud-Native Storage Capabilities

      Today, the Cloud Native Computing Foundation (CNCF) Technical Oversight Committee (TOC) voted to accept Rook as the 15th hosted project alongside Kubernetes, Prometheus, OpenTracing, Fluentd, Linkerd, gRPC, CoreDNS, containerd, rkt, CNI, Envoy, Jaeger, Notary and TUF.

      Rook has been accepted as an inception-level project, under the CNCF Graduation Criteria v1.0. The CNCF provides every project an associated maturity level of either inception, incubating or graduated. At a minimum, an inception-level project is required to add value to cloud native computing and be aligned with the CNCF charter.

    • CNCF’s First Cloud-Native Storage Project Is Rook

      Rook helped support HBO’s Game of Thrones season 7 premiere. Now, the open source software-defined storage project is the Cloud Native Computing Foundation’s 15th hosted project and first in the storage category.

      Kubernetes container deployments typically use external storage systems. Rook, on the other hand, brings file, block, and object storage systems into the Kubernetes cluster. This allows the systems to run alongside other applications that use their data, and it makes the cloud-native cluster portable across public and private clouds.

    • Jorge Castro: Updating your CNCF Developer Affiliation

      The Cloud Native Computing Foundation uses gitdm to figue out who is contributing and from where. This is used to generate reports and so forth.

    • AT&T plans to accelerate White Box adoption by releasing dNOS into open source

      AT&T has announced that it will open source its Disaggregated Network Operating System (dNOS) project and that it will soon be hosted by the Linux Foundation. The dNOS project provides a software framework to speed the adoption and use of white boxes in a service provider’s infrastructure. The idea is that telcos, software developers, cloud providers, hardware makers and networking application developers can quickly create new white box infrastructure to meet evolving carrier requirements – and, perhaps just as importantly, do it in a more cost-effective way.

• Applications

  • How BuildStream uses OSTree

    I’ve been asked a few times about the relationship between BuildStream and OSTree. The answer is a bit complicated so I decided to answer the question here.

    OSTree is a content-addressed content store, inspired in many ways by Git but optimized for storing trees of binary files rather than trees of text files.

    BuildStream is an integration tool which deals with trees of binary files, and at present it uses OSTree to help with storing, identifying and transferring these trees of binary files.

    I’m deliberately using the abstract term “trees of binary files” here because neither BuildStream or OSTree limit themselves to a particular use case. BuildStream itself uses the term “artifact” to describe the output of a build job and in practice this could be the set of development headers and documentation for library, a package file such as a .deb or .rpm, a filesystem for a whole operating system, a bootable VM disk image, or whatever else.

  • tmux – A Powerful Terminal Multiplexer For Heavy Command-Line Linux User

    tmux stands for terminal multiplexer, it allows users to create/enable multiple terminals (vertical & horizontal) in single window, this can be accessed and controlled easily from single window when you are working with different issues.

    It uses a client-server model, which allows you to share sessions between users, also you can attach terminals to a tmux session back. We can easily move or rearrange the virtual console as per the need. Terminal sessions can freely rebound from one virtual console to another.

  • Instructionals/Technical

    • Quick Guide for Linux user access control list (ACL) Vlog

    • RAID 5 vs RAID 10: Recommended RAID For Safety and Performance

    • How to redirect standard error in bash

    • How to Use Continuous Release (CR) Repository in CentOS

    • isalnum() is not my friend

    • Jekyll and Mastodon

    • 8 Free Linux eBooks for Beginners

    • An introduction to the DomTerm terminal emulator for Linux

      DomTerm is a modern terminal emulator that uses a browser engine as a “GUI toolkit.” This enables some neat features, such as embeddable graphics and links, HTML rich text, and foldable (show/hide) commands. Otherwise it looks and feels like a feature-full, standalone terminal emulator, with excellent xterm compatibility (including mouse handling and 24-bit color), and appropriate “chrome” (menus). In addition, there is built-in support for session management and sub-windows (as in tmux and GNU screen), basic input editing (as in readline), and paging (as in less).

    • How to Use DockerHub

    • Quick branding for Red Hat OpenShift Container Platform with your company logo

    • L3 routing to the hypervisor with BGP

    • 7 Ways to Automate Kubernetes at Scale in Production

    • What Happens When You Want to Create a Special File with All Special Characters in Linux?

  • Games

    • Graphics and music tools for game development

      In early October, our club, Geeks and Gadgets from Marshall University, participated in the inaugural Open Jam, a game jam that celebrated the best of open source tools. Game jams are events where participants work as teams to develop computer games for fun. Jams tend to be very short—only three days long—and very exhausting. Opensource.com announced Open Jam in late August, and more than three dozen games were entered into the competition.

      Our club likes to create and use open source software in our projects, so Open Jam was naturally the jam we wanted to participate in. Our submission was an experimental game called Mark My Words. We used a variety of free and open source (FOSS) tools to develop it; in this article we’ll discuss some of the tools we used and potential stumbling blocks to be aware of.

    • Godot 3.0 is out and ready for the big leagues

      After more than 18 months of development, all Godot Engine contributors are proud to present our biggest release so far, Godot 3.0! It brings a brand new rendering engine with state-of-the-art PBR workflow for 3D, an improved assets pipeline, GDNative to load native code as plugins, C# 7.0 support, Bullet as the 3D physics engine, and many other features which are described in depth below.

    • Godot 3.0 Open-Source Game Engine Released

      The open-source game engine developers behind the huge Godot 3.0 update out before the end of January as planned.

• Desktop Environments/WMs

  • K Desktop Environment/KDE SC/Qt

    • You Can Now Use VirtualBox to Test KDE Plasma Mobile

      If you’re keen to try KDE Plasma mobile first hand I’ve some good news for you: it just got super easy to download and test it.

      Yup, KDE has announced that a new ISO image is now available to download. Using this image you can boot an alpha-quality version of Plasma Mobile in a virtual machine app like VirtualBox or KVM.

    • Events: Akademy 2018

      Not nearly as close as FOSDEM, but still coming up on the KDE Community calendar: Akademy 2018. It’s in Vienna. I vaguely remember visiting Vienna once, long ago — possibly an FSFE function. So it’s high time to head out that way again to visit the local KDE team and to see what 2017-2018 has brought (and will bring) the KDE community.

    • KEXI 3.1.0 Beta & Frameworks

      Today is the release day for KEXI 3.1.0 Beta & its frameworks: https://community.kde.org/Kexi/Releases#3.1.0_Beta_1

      Since version 3 it becomes KEXI not Kexi to suggest becoming a standalone app. It’s standalone status includes being first-class app also outside of KDE Plasma. To make this real things such as useful yet simple file widget are developed or single click mode is really single click mode “even” on XFCE. Actually implementing optimal experience for Windows is quite similar to supporting XFCE.

      KEXI Frameworks are now prepared for backward compatibility rules within the series >=3.1. So I would encourage to try KProperty if you need powerful property editing features in your app in place of tedious Qt list or tree views. There’s KPropertyExample in the same repository. Then there’s KDb if you actually expect more (something low or high-level) than QtSql, that is also need to create database or SQLite-based documents, what seems to be very popular container in our times. Then try KReport if you want escape from generating (ODF/HTML/whatever) documents “by hand”, or QPainting them by hand, just to be able to print your application’s data in a structured way with nice title, header, footer. Try KReportExample to see KReport in action with “a few lines of code” app.

    • New artwork for Falkon, do you have any ideas?

      The lead developer has called for submissions on a new logo for Falkon. One of the current submissions, which I must say I love, is shown below by Andres Betts who is on the KDE VDG team.

    • Polishing Plasma 5.12

  • GNOME Desktop/GTK

    • GNOME Tweaks 3.28 Progress Report 1

      A few days ago, I released GNOME Tweaks 3.27.4, a development snapshot on the way to the next stable version 3.28 which will be released alongside GNOME 3.28 in March. Here are some highlights of what’s changed since 3.26.

• Distributions

  • Quick Look at the Arch Based Indie Linux Distribution: MagpieOS

    Most of the Linux distros that are in use today are either created and developed in the US or Europe. A young developer from Bangladesh wants to change all that.

  • Gentoo Family

    • FOSDEM is near

      Excitement is building with FOSDEM 2018 only a few days away. There are now 14 current and one former developer in planned attendance, along with many from the Gentoo community.

  • OpenSUSE/SUSE

    • openSUSE Tumbleweed Users Can Now Try Out the KDE Plasma 5.12 LTS Desktop

      Users of the openSUSE Tumbleweed rolling operating system series received a lot of goodies last week, and openSUSE Project’s Douglas DeMaio is informing us on the latest snapshots and updates.

  • Slackware Family

    • Chromium 64 – and 32bit pain

      The new release of the Chromium sources gives us version 64 of Google’s browser. I have created Slackware packages for you, but that was not entirely trivial.

      The Chromium compilation on my 32bit Slackware OS kept failing on the embedded ffmpeg. I am afraid the fact that some of the bigger distros are dropping 32bit variants starts showing and things are coming apart at the seams.

      When you are a developer and there’s no 32bit release of your favorite OS, this makes it quite difficult to test the validity of code paths when you only compile and test your code on a 64bit platform. This is what’s happening with Google’s Chromium code and it will probably only get worse.

  • Red Hat Family

    • PodCTL #23 – Microservices with Istio

    • Finance

      • Red Hat, Inc. (RHT)- Stocks Hammered on Sluggish Data

  • Debian Family

    • Webmail and whole class of problems.

      I am sure some people would suggest either Emacs or alpine or some other tool which works and I’m sure it worked right out of bat for them, for me I wanted to have something which had a GUI and I didn’t have to think too much about it. It also points out the reason why Thunderbird was eventually moved out of mozilla in a sense so that community could do feature and bug-fixing more faster than either mozilla did or had the resources or the will to do so.

    • Derivatives

      • Canonical/Ubuntu

        • LXD Weekly Status #32

        • Ubuntu reverting to Xorg in Bionic Beaver

          Ten years’ worth of effort to replace the Xorg graphics framework has been given a “must try harder” mark by Ubuntu, which says its next release will not use Wayland by default.

          Ubuntu’s desktop engineering manager Will Cooke made the announcement last Friday, saying the decision applies to the Bionic Beaver release due in April.

          He listed three shortcomings in Wayland: screen sharing works (for example in Skype, Hangouts and WebRTC) better in Xorg, remote desktop control ditto, and “recoverability from Shell crashes is less dramatic”.

        • Flavours and Variants

          • System76 Wants to Offer Full Disk Encryption for Its Ubuntu-Based Pop!_OS Linux

            System76, the computer reseller specialized in the sale of Linux-based notebook, desktop, and server computers, shared details on new installer work for the next release of Pop!_OS Linux.

            It would appear that System76 is collaborating with elementary’s Daniel Foré on a new installer, which will offer full disk encryption support, for the next major release of their Ubuntu-Based Pop!_OS Linux distribution, which is coming this spring based on Canonical’s Ubuntu 18.04 LTS (Bionic Beaver) operating system.

• Devices/Embedded

  • Pico-ITX SBC extends hexa-core Rockchip RK3399

    Aaeon’s “RICO-3399” SBC runs Android 7.0 on the Rockchip RK3399, with 2x Cortex-A72 and 4x -A53 cores, plus 2GB RAM, 16GB eMMC, and GbE, HDMI 2.0, USB 3.0, serial, and mini-PCIe connections.

  • Android

    • Transform Your Old Android Phone Into a Pixel 2 With This App

    • Nokia 3 to Get Android Oreo Beta Soon, while Nokia 2 will Jump to Android 8.1 Oreo

    • The default gallery app on some Alcatel phones has been replaced with spamware, and users are angry

    • 4 Android Apps That’ll Help Start Your Morning Off Right

    • ASUS ZenFone 3 is getting the Android 8.0 Oreo update

    • Jio working on entry-level Android Oreo Go Edition 4G smartphone in partnership with MediaTek

Free Software/Open Source

• Open source needs contributions: automation, scale & security are key

  Automated software container security company Twistlock claims to be passionate about open source contributions.

  Company CTO John Morello points out that all too few firms actually contribute with ‘code commits’ despite many claiming to be open source advocates, or openly stating their use of open technologies.

• Blockchain is this year’s buzzword – but can it outlive the hype?

  “Blockchain has the potential to replace mediators who are present today in multiple industries to provide transparency and accountability, such as banks for financial transactions, universities for verifying academic certificates or music companies to reward music creators,” says Dr David Galindo, a senior lecturer at the University of Birmingham and a cryptography expert.

• A Project Overview of Cardstack Cryptocurrency and Open-source Blockchain

  Since its invention in 2009, blockchain has evolved to become a major revolutionary technology of the digital world. Decentralized tech like Bitcoin, Ethereum and several other cryptocurrencies and ventures have established and utilized the proficiency of blockchain in making money. There is a new player in the market and it is called Cardstack, a likely solution for decentralized internet founded by Chris Tse.

• Can Mycroft’s Privacy-Centric Voice Assistant Take On Alexa And Google?

  Ask Joshua Montgomery what’s wrong with smart speakers like the Amazon Echo and Google Home, and you’ll likely get a cynical answer.

  Montgomery is the CEO of Mycroft, which for the past few years has been building an open-source alternative to big tech’s voice assistants. He doesn’t trust any of those companies–not Google, nor Apple, nor Amazon–to protect people’s privacy or act in users’ best interests.

• Events

  • Fleet Commander!

    I’ve presented a talk about Fleet Commander at DevConf CZ’2018, which basically show-cases the current status of the project after having the whole integration with FreeIPA and SSSD done!

  • We are back! #LinuXatUNI on the stage

  • Meet us at FOSDEM 2018!

    Members of the Purism design team, Librem 5 development team, and PureOS developers will be meeting up and walking around the event, namely: François, Predrag (Peter), Jeff, Nicole, Dorota, Guido, Matthias and Zlatan will all be on-site. You can check out what they look like on our team page. Come and say hi!

  • Day one of the pre-FOSDEM Debconf Videoteam sprint

    I’m at the Linux Belgium training center, where this last week before FOSDEM the DebConf video team is holding a sprint. The nice folks of Linux Belgium made us feel pretty welcome…

• Web Browsers

  • Mozilla

    • Mozilla’s Public Policy Impact on Internet Health

      Rest assured, in 2018, we will invest heavily in shaping public policy issues that contribute to and advance a healthy internet. We’ll continue our leadership on multi-year issues like privacy and security. We’ll keep fighting the critical ongoing battles like copyright reform and net neutrality. And we’re looking at emerging topics related to openness and decentralization, understanding and fighting back against the future of gatekeeper control of our internet. We also have incredible depth left to be explored on how we perceive and experience trust online, and who around the world really gets included and can take full advantages of the opportunities of the internet. Some of the policy issues we tackle will be major headlines, even more so in 2018 than they were in 2017 – issues like competition, artificial intelligence, and intermediary liability. And we will be there. Across the board, in 2018, we will engage in public policy wherever we can to promote a healthy, open, trusted internet.

    • Progressive Web Apps are here. What’s the big deal?

      The web is the largest software platform ever, a great equalizer that works on any device, anywhere. The more it can do, the better off we’ll be. That’s the thinking behind Progressive Web Apps (PWA), mobile-friendly websites that can almost everything native apps can do, and they’re coming to Firefox for Android.

    • January 2018 CA Communication

      Mozilla has sent a CA Communication to inform Certificate Authorities (CAs) who have root certificates included in Mozilla’s program about current events related to domain validation for SSL certificates and to remind them of a number of upcoming deadlines.

    • Everything you need to know about privacy may just be on Reality TV

      One of the most prevalent and frightening things that women have to deal with online is the threat of stalking and severe harassment. Having been frequent targets of abuse, online harassment and stalking for the better part of a decade, it is clear that over the past few years, the Kardashian-Jenner clan have become experts in privacy because they’ve been forced to— these women have learned the hard way that they need to be in control of information about their private lives.

    • FOSDEM, Rust, and Debugging

      I’ve recently switched groups at Mozilla to start working full-time on improving Rust debugging.

    • Firefox to emit ‘occasional sponsored story’ in ads test

      Some users who bravely test betas of Mozilla’s Firefox browser will soon also test an “occasional sponsored story” as the browser-maker tries to re-invent web ads.

      This story starts with Mozilla’s February 2017 acquisition of web-clipping app Pocket.

      Pocket let users bookmark content they like, then sync that list of sites across multiple devices. The occasional sponsored post popped up among those lists.

• FSF/FSFE/GNU/SFLC

  • Announcing ncurses 6.1

    The ncurses (new curses) library is a free software emulation of curses in System V Release 4.0 (SVr4), and more. It uses terminfo format, supports pads and color and multiple highlights and forms characters and function-key mapping, and has all the other SVr4-curses enhancements over BSD curses. SVr4 curses became the basis of X/Open Curses.

  • Ncurses 6.1 Released With A Variety Of Improvements & Other Changes

    Ncurses 6.1 retains compatibility support for Ncurses 5.0/6.0, but adds in a variety of new features and improvements. There is now extended numeric capabilities, various internal code changes to enhance Ncurses’ performance, some new functions introduced, and a variety of corrections to existing features.

• Openness/Sharing/Collaboration

  • Truly open education will require sweeping changes

    It is no secret that American schools have struggled to prepare students for the jobs of today and tomorrow. Critics have blamed schools’ shortcomings on a variety of factors: change-resistant bureaucracy, low standards, straying too far from the Three R’s, inadequate teacher training, and more. One potential root cause of this fundamental issue is that the education system isn’t built to be responsive to a rapidly changing environment.

    Public education’s aims—providing every student with a free and appropriate education regardless of race, sex, class, disability, etc.—are undeniably admirable. An unfortunate outgrowth of these aims is an emphasis on standardization that can be sluggish and stagnant. This wouldn’t be such a problem if the world wasn’t evolving so rapidly economically, technologically, politically, and socially. Parents, students, and employers are sounding the alarm about this issue. It’s becoming clear that a structural shift will have to happen for the education system to become more responsive to the needs of its key stakeholders.

• Programming/Development

  • Introducing RLlib: A composable and scalable reinforcement learning library

    In a previous post, I outlined emerging applications of reinforcement learning (RL) in industry. I began by listing a few challenges facing anyone wanting to apply RL, including the need for large amounts of data, and the difficulty of reproducing research results and deriving the error estimates needed for mission-critical applications. Nevertheless, the success of RL in certain domains has been the subject of much media coverage. This has sparked interest, and companies are beginning to explore some of the use cases and applications I described in my earlier post. Many tasks and professions, including software development, are poised to incorporate some forms of AI-powered automation. In this post, I’ll describe how RISE Lab’s Ray platform continues to mature and evolve just as companies are examining use cases for RL.

  • Employers want JavaScript, but developers want Python

    When it comes to which programming languages are in demand by employers, JavaScript, Java, Python, C++, and C—in that order—came out on top in a recent developer survey. Developers, however, want to learn languages like Python, Go, and Kotlin.

    A survey of developers by technical recruiter HackerRank, conducted in October, found no gap between languages employers want and what developers actually know, with JavaScript barely edging out Java. But as far as which languages developers prefer, Python is the language developers most want to learn—and many already know it, HackerRank found.

Leftovers

• Ten Days in Shenzhen

  Despite the several issues I ran into, including the tech issues I encountered because of my pig-headed insistence on preserving a high level of security and some poor choices I made, I consider my ten day stay in Shenzhen a resounding success. I feel much more confident moving my project along and more solid in my understanding of hardware after the experience. It highlighted several issues and opened the door to several new possibilities. I don’t know of any other place in the world that I’ve traveled to that could offer this much for a hardware project. There are certainly much wider ramifications to such a realization than my personal interests and the hardware segment of the tech world, but that’s a separate topic.

• Apple iPhone X demand: More data, more questions

  Initially, the big question was whether Apple Inc. AAPL, -2.07% would be able to produce iPhone X devices quickly enough to meet demand for the phone, which was expected to drive a “supercycle” of upgrades. Now, however, analysts are wondering whether Apple might be easing up on build orders for the phone given that interest hasn’t quite manifested as anticipated, and whether this even matters for the stock.

• Science

  • Human genome decoded with pocket-sized device

    Scientists used a portable device no bigger than a cellphone to sequence the most complete human genome ever assembled with a single technology, according to a study published Monday.

    The breakthrough, detailed in the journal Nature Biotechnology, brings us closer to the day when family doctors will order up genome scans during a regular check-up along with blood work, the authors suggested.

    “We are definitely approaching the point where sequencing genomes will become a routine part of advanced clinical exams,” lead author Matthew Loose, a professor at the University of Nottingham, told AFP.

• Health/Nutrition

  • Faced with failing antibiotics, scientists are using killer viruses to fight superbugs

    Resistance is much less likely to develop with phages, because each type of phage infects a specific type of bacteria. Using them to fight infections is an old idea. But until recently, finding the right type of phage was little more than guesswork. Sometimes a doctor would inject a patient with a phage and it would work, and sometimes it wouldn’t.

    As a result, phage therapy is now used only for the sickest patients, as a treatment of last resort. But DNA sequencing and artificial intelligence could make finding the right phage much easier, turning the strategy into a more practical treatment option.

  • Washington State Wants to Make It Easier to Sterilize People With Disabilities

    n 1936, Ann Cooper Hewitt filed a lawsuit against her mother — and with good reason. At the age of 20, her mother Ann had sterilized her against her will. Having succeeded in classifying her as having an intellectual disability, Ann’s mother was legally allowed to authorize the operation over Ann’s objections. Her mother’s lawyer responded by claiming that Ann’s sterilization had been “for society’s sake” due to the girl’s “erotic tendencies.”

    Even in the age of the eugenics movement, where tens of thousands were involuntarily sterilized by state governments who sought to breed “better” human beings by removing disability from the gene pool, the Hewitt case attracted nationwide attention. Could a diagnosis of disability allow parents to control their child’s reproductive future against his or her will?

• Security

  • The Effects of the Spectre and Meltdown Vulnerabilities

    Increasingly, everything is a computer: not just your laptop and phone, but your car, your appliances, your medical devices, and global infrastructure. These computers are and always will be vulnerable, but Spectre and Meltdown represent a new class of vulnerability. Unpatchable vulnerabilities in the deepest recesses of the world’s computer hardware is the new normal. It’s going to leave us all much more vulnerable in the future.

  • You can’t ignore Spectre. Look, it’s pressing its nose against your screen

    Existing patches can fix Meltdown, but only seem to be able to mitigate Spectre, not fix it. By many accounts, we’ll be playing whack-the-vulnerability with Spectre until at least the next generation of silicon.

  • Lenovo Says It Shipped A Hackable Fingerprint Manager With Its Laptops [Ed: Affects Microsoft Windows]

    In case you’re running a Lenovo business machine with a built-in fingerprint sensor, you might want to install the latest security patch issued by the company.

    According to a security advisory published last week, the Lenovo Fingerprint Manager Pro software on many ThinkPad, ThinkCentre, and ThinStation systems contains a critical local privilege escalation vulnerability (CVE-2017-3762).

  • Microsoft Disables Spectre Mitigations Due to Instability

  • Slow Computer? Feel Free To Blame Your Antivirus Software [Ed: Feel free to say goodbye to Microsoft Windows]

  • Keylogger found on thousands of WordPress-based sites, stealing every keypress as you type [Ed: A reminder that running bad code can lead to bad things. This is typically the fault of extensions.]

• Defence/Aggression

  • Trump’s secret assassinations programme

    It was approved by President Trump casually over dinner – a midnight raid and drone strike on the village of Yakla in Yemen. Concerns about the quality of the intelligence and legality of the operation would later prove to be warnings he should have heeded, but he gave the order anyway. What happened next left 10 children dead and was described by President Trump as a “win”. Reprieve’s investigations have revealed that it was anything but. Instead, we have uncovered violations of international law that led to an appalling loss of life.

    [...]

    The first year of the Trump administration has resulted in more loss of life from drone strikes than all eight years of Obama’s presidency. Trump ripped up the limited safeguards President Obama put in place.This is now industrial-scale executions, hugely expanded in both scale and callousness, conducted with no regard for human life or human rights.

  • Miscalculations in Israel Could Pave Way to Wider War

    Last week, Israeli political leaders were rolling with guffaws and ribbing each other in delight as Vice-President Mike Pence proved that, as a Christian Zionist, he was more Zionist than the Zionists in the Knesset (minus, of course, its evicted Arab members – see here). But one might wonder what the more sober Israeli security echelon figures were thinking as they listened to Pence’s Knesset speech, which was rife with Biblical references and declarations of his “admiration for the People of the Book.”

    Perhaps they were speculating how far they might be able to go in influencing Pence and his boss, Donald Trump, to wield U.S. military power to advance Israeli interests.

    Prime Minister Benjamin Netanyahu, via the Trump family go-betweens – Jared Kushner, and the Trump family lawyers – has certainly had an impact in Washington. The Middle East landscape has changed considerably over the last year as a consequence, but the nature of that change is what is at issue. How many of these changes have actually benefited Israel’s – or the U.S.’s – security interests?

  • The War That Never Ends (for the U.S. Military High Command)

    Of course, the U.S. military and Washington policymakers lost the war in Vietnam in the previous century and perhaps it’s well that they did. The United States really had no business intervening in that anti-colonial civil war in the first place, supporting a South Vietnamese government of questionable legitimacy, and stifling promised nationwide elections on both sides of that country’s artificial border. In doing so, Washington presented an easy villain for a North Vietnamese-backed National Liberation Front (NLF) insurgency, a group known to Americans in those years as the Vietcong.

    More than two decades of involvement and, at the war’s peak, half a million American troops never altered the basic weakness of the U.S.-backed regime in Saigon. Despite millions of Asian deaths and 58,000 American ones, South Vietnam’s military could not, in the end, hold the line without American support and finally collapsed under the weight of a conventional North Vietnamese invasion in April 1975.

    There’s just one thing. Though a majority of historians (known in academia as the “orthodox” school) subscribe to the basic contours of the above narrative, the vast majority of senior American military officers do not. Instead, they’re still refighting the Vietnam War to a far cheerier outcome through the books they read, the scholarship they publish, and (most disturbingly) the policies they continue to pursue in the Greater Middle East.

  • Tillerson’s Promise of More War in Syria Gets Warm Reception From Corporate Media

    In a speech at Stanford this month, US Secretary of State Rex Tillerson declared that America intends to keep military troops in Syria indefinitely, in pursuit of the US’s “key end states for Syria,” including “post-Assad leadership,” the marginalization of Iran and the elimination of “weapons of mass destruction” that the US claims Syria has.

    Occupying a country without the permission of the host government, as America is doing in Syria, contravenes international law. Nor does the US have a legal right to pursue regime change in Syria. Yet multiple media outlets have praised Tillerson’s remarks.

• Transparency/Investigative Reporting

  • Julian Assange sent the wrong Sean Hannity a message offering damaging information on a top intel Dem

  • Oops! Julian Assange Mistakenly Corresponded With Twitter Troll Impersonating Sean Hannity

  • Julian Assange offered ‘news’ on Mark Warner to fake Sean Hannity Twitter account: Report

  • Julian Assange Thought He Was Messaging Sean Hannity When He Offered ‘News’ on Democrat Investigating Trump-Russia

  • Did Don Jr. (and not Twitter) Disclose DMs Referring to Wikileaks Lawyer?

    Upon further review of the Twitter Direct Messages that Donald Trump Jr. disclosed between himself and Wikileaks on Nov. 13, it is evident that Wikileaks requested that Donald Trump Jr. contact Wikileaks lawyer Margaret Kuntsler and disclose to her the emails that were mentioned in a New York Times article. Wikileaks sent that message to Don Jr. on July 11th, 2017.

  • A Tribute to Robert Parry: Independent Journalism at Its Best

    Journalism lost one of its most valuable investigators when Robert Parry died from pancreatic cancer on January 27, at the age of 68. He was the first reporter to reveal Oliver North’s operation in the White House basement (AP, 6/10/1985), and the co-author of the first report on Contra drug-smuggling (AP, 12/21/1985). He did some of the most important work investigating the 1980 Reagan campaign’s efforts to delay the return of US hostages held in Iran, a scandal known as the October Surprise.

    After breaking his first big stories with the Associated Press, Bob moved on to Newsweek and then later PBS‘s Frontline. Frustrated with the limits and compromises of corporate media—he was once told that a story on Contra financial skullduggery had to be watered down because Newsweek owner Katharine Graham was having Henry Kissinger as a weekend guest (Media Beat, 4/23/98)—Bob launched his own online outlet, Consortium News.

  • What Julian Assange and The Post’s Katherine Graham have in common

    Right. I’m in a mood. This is for several reasons, enumeration of which will not serve you, the reader, but will certainly make me feel better. So, bugger your needs, and away-we go with mine: It’s Monday; I am uncomfortably warm and fear the imminent nuisance of menopause; my other flower garden is certainly dead to a heat now hovering at 39C, or 102F if you’d rather the American money. Oh, and I write from the territory usually known as Australia, which will almost certainly burst into flames long before it is ever ceded by just treaty. My coerced association with this Hot’n’Racist franchisee has become fatally embarrassing.

    As if this were not enough, Meryl Streep has another Oscar nomination for Best Actress, or Best Performance By An Empowering Lady In A Business, or whatever it is they call it these days. I don’t know, and, honestly, I wouldn’t care if (a) I were not now so sweaty and embarrassed (b) twits didn’t keep banging on about Meryl and the Freedom of the Press, as if such a thing could be meaningfully said to exist.

• Environment/Energy/Wildlife/Nature

  • Did Trump Screw Over Booming U.S. Solar Industry?

    Trump’s 30% tariffs on solar panels will cost 23,000 jobs and curtail growth in industry, says Dan Whitten of the Solar Energy Industries Association

• Finance

  • Chinese state-owned enterprises now own 10% of Europe’s container terminal capacity

  • Leaked government Brexit analysis says Britain will be worse off – whatever the deal

    The “early draft”, which the Tory government tried to keep secret, has prompted a fresh row between Remainers who say they were vindicated and Leavers who brand it Project Fear.

    There was already a huge spat hours before its release after Brussels demanded new EU laws apply to Britain for 21 months after Brexit day. Theresa May is facing threats to her leadership as she tries to hold together warring factions at a Cabinet meeting this morning.

    Titled “EU Exit Analysis – Cross Whitehall Briefing” and obtained by BuzzFeed News, the document looked at the three most likely outcomes of Brexit.

• Censorship/Free Speech

  • “Polish death camps” censorship bill angers Israeli government

    Israeli Prime Minister Benjamin Netanyahu has criticized a bill passed last week by the Polish Sejm which would make phrases like “Polish death camps” illegal.

    “I strongly oppose it,” Netanyahu said in an official statement on Saturday. “…We will under no circumstances accept any attempt to rewrite history.”

    The bill would amend an existing law to make use of the term by Poles or foreigners punishable by a fine or up to three years’ imprisonment. It still requires approval by the Senate and a signature from Polish President Andrzej Duda, which is likely.

  • Give young journalists protections from school censorship

    While no law prevents school administrators from censoring student reporters, some schools in Washington are protecting the voices of students through local practices that entrust student editors with responsibility for content…

  • It’s Time to Talk About Internet Companies’ Content Moderation Operations

    Many user-generated content (UGC) services aspire to build scalable businesses where usage and revenues grow without increasing headcount. Even with advances in automated filtering and artificial intelligence, this goal is not realistic. Large UGC databases require substantial human intervention to moderate anti-social and otherwise unwanted content and activities. Despite the often-misguided assumptions by policymakers, problematic content usually does not have flashing neon signs saying “FILTER ME!” Instead, humans must find and remove that content—especially with borderline cases, where machines can’t make sufficiently nuanced judgments.

    At the largest UGC services, the number of people working on content moderation is eye-popping. By 2018, YouTube will have 10,000 people on its “trust & safety teams.” Facebook’s “safety and security team” will grow to 20,000 people in 2018.

  • Austria refers Facebook ‘Hate-Speech’ case to the CJEU

    The plaintiff in this case is Dr Eva Glawischnig-Piesczek, a green politician from Austria. In April 2016, a Facebook user with the fake alias ‘Michaela Jaskova’ posted an image of Glawischnig-Piesczek, and made some rude comments in German (“wretched traitor”, “corrupt clumsy oaf”, “member of a fascist party”) regarding the politician. Facebook was requested to delete the image and the comments in July 2016, but failed to do so.

  • Sina Weibo in trouble with Chinese censors

    China’s efforts to undermine freedom of speech and freedom of the press continue unabated within the country’s borders.

    After the 19th National People’s congress last year, it was widely recognized that China’s efforts towards “national rejuvenation” under President Xi Jinping would accompany increased online censorship and state supervision of domestic media platforms.

    Over the past two months there have been orders to ban the use of all personal VPNs online, as well as efforts to further regulate what kinds of imagery is permitted on Chinese television, with the party declaring hip-hop and other urban subcultures unfit for public viewing.

  • SC to hear Palekar’s plea on pre-censorship of films

• Privacy/Surveillance

  • Patching isn’t working and end-users ignore breaches, says ex-NSA security VP David Venable [Ed: Your employees are using Microsoft Windows (which you put back doors in) to store cracking tools. And Kaspesky too. You yourselves are the problem.]

    David Venable, VP of cyber security at network provider and security firm Masergy, thinks that the world’s approach to patching is broken, and the evidence – data leaks and exploits like WannaCry…

  • A Response to “Americans, the NSA is Still Listening: Section 702 is Alive and Well”

    I begin with acknowledging that, on at least one point, Mr. Husick accurately judges my disposition. I have no use for the treachery and deceit by which Edward Snowden breached his confidentiality commitments, manipulated and abused his access, and then betrayed his country. Notably, five years after the first of his well-reported disclosures, Snowden has yet to reveal any program or action undertaken by the National Security Agency (NSA) or any other element of the Intelligence Community that broke the law. As the Privacy and Civil Liberties Oversight Board (PCLOB) concluded after its exhaustive post-Snowden review (and as remains true today), there has never been an intentional violation of the standards that govern the operation of the Section 702 Program—one of the most heavily regulated and tightly monitored undertakings conducted by the U.S. government.[3]

  • Congressional Votes on Controversial Surveillance Law Close Door on Privacy Debate—Or Do They?

    Everywhere Americans look today, threats to their privacy are prevalent. Whether hackers are gaining access to our financial data or social media accounts, our location is being compromised by the GPS technology in our phones, or Internet of Things devices such as digital assistants and connected Barbie dolls passively listening to conversations in our homes, privacy is proving to be increasingly elusive.

  • It’s Time to Make Student Privacy a Priority

    Last month, the Federal Trade Commission and the U.S. Department of Education held a workshop in Washington, DC. The topic was “Student Privacy and Ed Tech.” We at EFF have been trying to get the FTC to focus on the privacy risks of educational technology (or “ed tech”) for over two years, so we eagerly filed formal comments.

    We’ve long been concerned about how technology impacts student privacy. As schools and classrooms become increasingly wired, and as schools put more digital devices and services in the hands of students, we’ve been contacted by a large number of concerned students, parents, teachers, and even administrators.

    They want to know: What data are ed tech providers collecting about our kids? How are they using it? How well do they disclose (if at all) the scope of their data collection? How much control (if any) do they give to schools and parents over the retention and use of the data they collect? Do they even attempt to obtain parental consent before collecting and using incredibly sensitive student data?

  • When Trading Track Records Means Less Privacy

    Sharing your personal fitness goals—lowered heart rates, accurate calorie counts, jogging times, and GPS paths—sounds like a fun, competitive feature offered by today’s digital fitness trackers, but a recent report from The Washington Post highlights how this same feature might end up revealing not just where you are, where you’ve been, and how often you’ve traveled there, but sensitive national security information.

    According to The Washington Post report, the fitness tracking software company Strava—whose software is implemented into devices made by Fitbit and Jawbone—posted a “heat map” in November 2017 showing activity of some of its 27 million users around the world. Unintentionally included in that map were the locations, daily routines, and possible supply routes of disclosed and undisclosed U.S. military bases and outposts, including what appear to be classified CIA sites.

  • Senators Demand Investigation Of Intelligence Community’s Refusal To Implement Whistleblower Protections

    When the Snowden leaks dropped, plenty of people rushed to criticize his actions, saying he should have brought his concerns to officials via the proper channels. Always assumed to be mostly worthless, the intervening four years have proven nothing shoots messengers faster than the “proper channels.” Despite periodic legislative attempts to institute better whistleblower protections, working within the system rarely produces positive changes. It does, however, subject the whistleblower to plenty of retaliation.

    This sad fact is personified by Dan Meyer — the former official whistleblower channel for the Intelligence Community. Meyer blew the whistle himself, pointing out wrongdoing by top IC officials. Now, he’s being forced out of office, clearing the path for the IC’s attempt to rebrand whistleblowers as “insider threats.” Meyer is facing an ad hoc Star Chamber of IC Inspector Generals, all of them apparently gunning for his swift removal.

  • ICE Accesses a Massive Amount of License Plate Data. Will California Take Action?

    The news that Immigrations & Customs Enforcement is using a massive database of license plate scans from a private company sent shockwaves through the civil liberties and immigrants’ rights community, who are already sounding the alarm about how mass surveillance will be used to fuel deportation efforts.

    The concerns are certainly justified: the vendor, Vigilant Solutions, offers access to 6.5 billion data points, plus millions more collected by law enforcement agencies around the country. Using advanced algorithms, this information—often collected by roving vehicles equipped with automated license plate readers (ALPRs) that scan every license plate they pass—can be used to reveal a driver’s travel patterns and to track a vehicle in real time.

  • Fitness Tracker Data Exposes Military Operations, Shows What Damage That Can Be Done With ‘Just Metadata’

    Andy Robertson covered this for Forbes in May of 2015. The Flyby feature connects users by providing them links to public profile pages of other users they’d “passed” during a run. The feature may not give users each other’s addresses, but users can assume their “competitors” work or live close by.

    Strava does allow users to geofence “private” areas to prevent tracking in those areas. But it’s not a default option. If you don’t want to share every movement with Strava, you have to opt out. Most users don’t. And most users are seemingly unaware of how much data they’re leaving behind.

    This “metadata” — something our government refers to as harmless when gathered in bulk — can result in real-world security issues. Conflict analyst Nathan Ruser was the first to point out how Strava’s data was making it easy for people to pinpoint military bases and operations.

  • Strava’s privacy PR nightmare shows why you can’t trust social fitness apps to protect your data

    For years, I used the popular activity-tracking app Strava to log my bike rides, almost all of which started and ended at my San Francisco apartment. At some point I thought, hey, maybe it’s not a great idea to share such precise data about my location, so I set up an online perimeter several blocks in diameter around my home to make the beginning and end of my journey a little less obvious. That way, the app wouldn’t show my movements once I’d entered that zone.

  • NSA cryptologist gets 10 years in prison for attempted sexual encounter with a minor

    Mark Anthony Pazmino, then a 28-year-old linguist assigned to the National Security Agency, showed up at the swimming pool of a local Air Force base with condoms and booze for a sexual encounter with someone he thought would be an underage teenage girl.

    But Pazmino was not met by the 14-year-old who he believed was receiving his explicit messages via a cell phone app. Rather, federal agents were waiting for him. In short order, the Army corporal’s brief career and his stint at the NSA ended. He was later dismissed with an “other than honorable discharge” upon pleading guilty to attempted coercion and enticement of a minor.

  • The NSA Literally Removed “Honesty” From Its Core Values

    On January 12, the National Security Agency (NSA) removed “honesty” from the core values listed on its website. To replace the word, “commitment to service” “respect for people,” and “accountability,” have been added.

    While this may seem like linguistic nitpicking, it’s a bit strange for such a heavily-scrutinized government agency to drop their commitment to honesty. Ever since Edward Snowden leaked documents detailing the scope of the NSA’s surveillance and data collections, it’s been clear that the agency obfuscated the scale of their spying operations.

  • Judge orders U.S. government to seek consent to give data to AT&T, Time Warner

    The judge hearing the Justice Department’s lawsuit to stop AT&T from buying Time Warner ordered the department on Monday to seek permission to give the two companies access to rivals’ pricing data.

    Judge Richard Leon, living up to a pledge made during a hearing last week, ordered the Justice Department, which has the data, to ask the companies that gave it to the government for consent to pass it on to AT&T and Time Warner’s legal team.

    The Justice Department sued in November to stop AT&T, the No. 2 U.S. wireless company, from buying Time Warner for $85 billion because of concerns that it could raise prices for rivals and pay-TV subscribers as well as hamper the development of online video. Trial is set for March 19.

  • Aussie military says tracking app doesn’t breach security

  • What He Did on His Summer Break: Exposed a Global Security Flaw

• Civil Rights/Policing

  • My First Night on Death Row as an Innocent Man

    I arrived at death row on November 1, 1994, the same year director Frank Darabont turned Stephen King’s novella “Rita Hayworth and Shawshank Redemption” into the now classic movie about a wrongfully convicted banker and his wise black friend. A green stone tower at the entrance to the Ellis Unit prison looked a little like the structures that rose from the Maine dirt in that film. A white female guard stood atop the tower. A pistol holstered to her hip, she also held a rifle in her right hand. She looked to be in her 50s, and her Southern drawl told me she’d been plucked from a roster of job applicants who lived somewhere nearby.

• Internet Policy/Net Neutrality

  • Leaked Trump Plan To ‘Nationalize’ Nation’s 5G Networks A Bizarre, Unrealistic Pipe Dream

    There’s been a lot of hand wringing and hyperventilation over a new report claiming that the Trump administration wants to nationalize the nation’s looming fifth-generation (5G) wireless networks, despite the fact the proposal has a snowball’s chance in hell of ever actually materializing. According to a leaked PowerPoint deck and memo drafted by a “Senior National Security Council official,” the Trump administration wants the U.S. government to build and own a centralized, government-controlled 5G network in order to, purportedly, fight Chinese hackers.

• Intellectual Monopolies

  • Trademarks

    • Salt Lake Comic Con files for new trial in trademark case

      Salt Lake Comic Con lawyers have filed a motion for a new trial following a federal jury’s decision that the convention infringes on San Diego Comic-Con’s trademark.

      The Salt Lake lawyers filed the paperwork on Tuesday in response to last month’s eight-day trial in U.S. District Court, during which jurors decided that the California convention’s trademarks are valid. The jury found that the infringement was not willful and awarded $20,000 in damages to the San Diego Comic-Con, which had sought $12 million.

    • Salt Lake Comic Con Files For A New Trial And Seeks Round 2

      In the wake of San Diego Comic-Con winning its years-long lawsuit against Salt Lake Comicon over its trademark on the term “comic-con”, much of the media coverage was somewhat apocalyptic as to what the consequences would be for cons across the country. Despite the payout for winning the suit being a paltry $20k, more focus was put on just how other cons would react. The early returns are mixed, with some proactively undergoing name-changes to avoid litigation and others staying stalwart. The point we have made all along is that this win for SDCC was not some ultimate final act on the matter.

    • Nestle, Atari settle lawsuit over Kit Kat campaign

      Nestle SA has settled a lawsuit in which Atari SA accused the Swiss food company of using the hit 1970s video game “Breakout” without permission to sell Kit Kat bars.

      U.S. District Judge Yvonne Gonzalez Rogers in Oakland, California, dismissed Atari’s copyright infringement case on Wednesday after the companies settled, court records show.

  • Copyrights

    • Ninth Circuit Issues Important Decision on Software Licensing Practices and Web Scraping

      Earlier this month, the Ninth Circuit issued a noteworthy ruling in a dispute between an enterprise software licensor and a third-party support provider. The case is particularly important as it addresses the common practice of using automated means to download information (in this case, software) from websites in contravention of website terms and conditions. Also, the case examines and interprets fairly “standard” software licensing language in light of evolving business practices in the software industry. (Oracle USA, Inc. v. Rimini Street, Inc., No. 16-16832 (9th Cir. Jan. 8, 2018)).