• Distributions
• Devices/Embedded

In a two-OS mobile world, there is no room for Linux [Ed: As if Sam Varghese does not know Android uses Linux (surely he knows)? Maybe he means GNU here...]

After the demise of the Ubuntu Phone, Linux users appear to be placing their hopes for a mobile device on the Librem 5, a smartphone that managed to raise much more than it asked for in a crowd-funding drive. The company behind it, Purism, has said that it hopes to have phones ready next year.

But it seems unlikely that the phone will have any kind of mass appeal. What seems more likely is that it will cater to a fringe market, putting its log-term viability in doubt.

At least, those who are waiting for the Librem 5 are not deceiving themselves by pretending that Android phones are actually Linux phones, as the head of the Linux Foundation Jim Zemlin does.

​Purism adds open-source security firmware to its Linux laptop line

If you really believe in having the most possible control over your computer and operating system, then Purism, maker of free software and Linux-powered laptops, is the company for you.

In its latest news, Purism announced that it has successfully integrated Trammel Hudson’s Heads security firmware into its Trusted Platform Module (TPM)-equipped Librem laptops. Heads is an open-source computer firmware and configuration tool that aims to provide better physical security and data protection.

Purism Integrates Trammel Hudson’s Heads security firmware with Trusted Platform Module, giving full control and digital privacy to laptop users

Librem adds tamper-evident features, now most secure laptop under full customer control

Looking Back: What Was Happening Ten Years Ago?

A decade passes so quickly. And yet, ten years for open source is half its life. How have things changed in those ten years? So much has happened in this fast-moving and exciting world, it’s hard to remember. But we’re in luck. The continuing availability of Linux Journal’s past issues and website means we have a kind of time capsule that shows us how things were, and how we saw them.

Ten years ago, I was writing a regular column for Linux Journal, much like this one. Looking through the 80 or so posts from that time reveals a world very different from the one we inhabit today. The biggest change from then to now can be summed up in a word: Microsoft. A decade back, Microsoft towered over the world of computing like no other company. More important, it (rightly) saw open source as a threat and took continuing, wide-ranging action to weaken it in every way it could.

Its general strategy was to spread FUD (fear, uncertainty and doubt). At every turn, it sought to question the capability and viability of open source. It even tried to convince the world that we no longer needed to talk about free software and open source—anyone remember “mixed source”?

Alongside general mud-flinging, Microsoft’s weapon of choice to undermine and thwart open source was a claim of massive patent infringement across the entire ecosystem. The company asserted that the Linux kernel violated 42 of its patents; free software graphical interfaces another 65; the OpenOffice.org suite of programs, 45; and assorted other free software 83 more. The strategy was two-fold: first to squeeze licensing fees from companies that were using open source, and second, perhaps even more important, to paint open source as little more than a pale imitation of Microsoft’s original and brilliant ideas.

Chrome OS may allow for running Linux apps via Containers

While the average Chromebook user tends to stick with Chrome OS, Chromebooks are really just lightweight Linux machines capable of a lot more. For years, crafty Chromebook owners have been using Crouton (Chromium OS Universal Chroot Environment) to run Ubuntu, Debian, and Kali Linux systems within Chrome OS. When set up properly with an extension called Xiwi, you can use a keyboard shortcut to switch between Chrome OS and a standard Linux desktop environment. It’s a hack, but it looks a future version of Chrome OS will add native support for Linux applications via containers.

Desktop

• System76 Plans Major HiDPI Update for Their Ubuntu-Based Pop!_OS Linux Distro

  According to System76, the team is ready to deploy one of the biggest updates to Pop!_OS Linux’s HiDPI (High Dots Per Inch) daemon, which should be soon available for all of their customers running Pop!_OS Linux on any of the laptop or desktop computers bought from the computer reseller. The update will add a new and improved layout engine, as well as support for saving resolutions and layouts.

  “We are getting ready to release major updates to the HiDPI daemon for all System76 customers. The new release will include a new and improved layout engine, the ability to use saved layouts and resolutions, and several bug fixes,” said System76 in a blog post. “We are also working toward making the HiDPI daemon available in Pop!_OS and elsewhere. If you are interested in seeing HiDPI in action, please come see our booth at Scale!”

• Purism Now Sells the Most Secure Linux Laptops with Heads Integrated TPM Chips

  Purism sells security-oriented Librem 13 and Librem 15 laptops running PureOS, a Linux-based operating system designed with security in mind and based on Debian GNU/Linux. Earlier this month, the company announced that they’ve managed to boot PureOS with the coreboot (formerly known as LinuxBIOS) open-source extended firmware platform, and all new laptop shipments with come with coreboot.

  Coreboot enables Purism’s Librem laptops to boot fast and offer users a secure boot experience. Today, Purism raises the bar on security by integrating Trammel Hudson’s Heads security firmware with TPM (Trusted Platform Module) support into their coreboot-enabled laptops, giving users full control over the boot process. In addition, users will be able to freely inspect the code, and even build and install it themselves.

• When It’s Time for a Linux Distro Change

  It’s common for Linux users to hop between distributions and survey the field, and I recently reached a point where I had to seriously rethink the one I was using most of the time.

  Between hardware compatibility issues with my old standby and some discouraging missteps with other go-to choices, I felt the time had come to reassess my pool of preferred distributions and repopulate it from scratch.

  As my journey progressed, I realized that as often as I’ve discussed the field of Linux-based systems, I had not addressed how to pick one out. To give you an idea of how to approach distribution selection, I wanted to volunteer my recent search as one template. This is certainly not the only or best way to go about it — everyone has their own criteria and priorities — but my intention is to provide some reference points for mapping out your own way.

Kernel Space

• Linux Foundation

  • The Linux Foundation Announces 36 New Silver and 6 New Associate Members

    The Linux Foundation, the nonprofit organization enabling mass innovation through open source, announced the addition of 36 Silver members and six Associate members. Linux Foundation members help support development of the greatest shared technology resources in history, while accelerating their own innovation through open source leadership and participation.

  • Embedded Apprentice Linux Engineer Courses Coming to a Conference Near You

  • Adrian Cockcroft on the Convergence of Cloud Native Computing and AWS

    Cloud native computing is transforming cloud architectures and application delivery at organizations of all sizes. Via containers, microservices, and more, it introduces many new efficiencies. One of the world’s leading experts on it, Adrian Cockcroft, Vice President of Cloud Architecture at Amazon Web Services (AWS), focused on cloud native computing within the context of AWS in his keynote address at KubeCon + CloudNativeCon.

  • How to Manage Kubernetes Apps with Helm Charts

    Helm can make deploying and maintaining Kubernetes-based applications easier, said Amy Chen in her talk at KubeCon + CloudNativeCon. Chen, a Systems Software Engineer at Heptio, began by dissecting the structure of a typical Kubernetes setup, explaining how she often described the basic Docker containers as “baby computers,” in that containers are easy to move around, but they still need the “mommy” computer. However, containers do carry with them all the environmental dependencies for a given application.

• Graphics Stack

  • GLAMOR & xf86-video-modesetting Get Deep Color Support In X.Org Server 1.20

    Independent developer Mario Kleiner has spent the past several months working on plumbing the Linux graphics stack for better “deep color” or 30-bit color depth support. His latest work on the X.Org Server has now been merged to mainline.

  • RandR CRTC/Output Leases Lands In X.Org Server

    One big piece of Keith Packard’s work on improving Steam VR for Linux or particularly VR HMD handling is now merged to Git master.

    Keith’s work on RandR leases is now rounded out with the work hitting the X.Org Server Git tree today. RandR leases allows for CRTCs/outputs to be made available to a client for direct access via Linux’s KMS/DRM kernel APIs. When leased to a client, the output(s) are not in the way of the X.Org Server. The focus here is on allowing a VR compositor to have direct access to the VR head-mounted display without any X.Org Server interference.

  • xserver 1.20 RC1 tomorrow

    I’d like to call the (xfree86) ABI frozen in RC1, and I think for the remaining changes I’d like to see landed for 1.20 we can mostly land them without ABI breaks.

  • X.Org Server 1.20 Release Candidate Due For Release Tomorrow

    Indeed it turns out that the landing today of RandR leases and deep color / color depth 30 support for GLAMOR/modesetting is because Red Hat’s Adam Jackson is finally wrangling the xorg-server 1.20 release together.

    No major X.Org Server release materialized in 2017 and the plans for releasing xorg-server 1.20 around January didn’t pan out. But out of the blue, Adam Jackson announced today that he is planning on the 1.20 RC1 release tomorrow, 28 February.

  • AMDVLK Vulkan Driver Updated With Better Vega Support, VR Fixes

    The AMD developers working on their official, cross-platform “AMDVLK” Vulkan driver code have just pushed out another batch of changes to their open-source code repository.

  • RADV Now Exposes Async Compute Support For Southern Islands

    For those of you with a Radeon GCN 1.0 “Southern Islands” GPU, the RADV Vulkan driver support for these first Graphics Core Next graphics processors continues to be improved.

Applications

• Top 12 Open Source Backup Tools for Linux Systems

  When it comes to data safety and security, not only large companies, but also personal computer owners also need to have good backup and recovery software that protects their data from losing their precious data. To overcome these issue, there are a lot of open source backup software tools that are available that can help protect your data. And nowadays, computer desktops come with huge storage capacity and in turn it means lots of data being stored. This also leads to a huge risk of losing all the data if the system gets crashed and it may take several days and weeks to recover and repair the damage cause. Hence it is increasingly important to have a proper recovery solution with you all the time.

• 5 Linux Tools to Help Recover Data from Corrupted Drives

  Did your screen just turn black or your laptop freeze without warning? Maybe your hard drive has started chirping. Worse yet, maybe you suddenly can’t save to your home partition.

  All these signs of a corrupted or failing drive can cause you to sweat, but there’s no reason to immediately throw away your computer. Keep reading to learn about five Linux tools that can help you retrieve your data and get your digital life back on track.

• 5 Tools to Enable Remote Desktop Access on RHEL/CentOS 7

  This article I will show you, tools which enabled you to access remote Desktop on machines running Centos/RHEL. All these apps works in client-server mode. So you need to run server side app on your remote machine and after that, you will be able to connect to it from all over the world. Of Course in this reference manual I will tell you how to configure this securely, so only you can access to your server. Before beginning, you only need SSH access to your server and rights to install software. You need to know root password or permissions to use sudo.

• CafeOBJ 1.5.7 released

  Yesterday we have released CafeOBJ 1.5.7 with lots of changes concerning the inductive theorem prover CITP, as well as fixes to make CafeOBJ work with current SBCL. The documentation has gained a few more documents (albeit in Japanese), please see Documentation pages for the full list. The reference manual has been updated and is available as PDF, Html, or Wiki.

• Proprietary

  • Cloud Sticky Notes – A Free Customizable Sticky Note-Taking App

    Cloud Sticky Notes is a free, simple, and customizable Java-based sticky note-taking application. It is recognized by many people using Mac, Windows, and Linux OS since it runs on all three platforms, among others. It has a User Interface reminiscent of the famous Windows Sticky Notes app so it should be easy for anyone to get up and running with.

    You can add, edit, and delete notes while offline without any setbacks. Cloud Sticky Notes will automatically synchronize your data whenever you’re online so you will have no need to manually sync your data to the cloud.

• Instructionals/Technical

  • Charming Discourse with the reactive framework

  • DNS changes in Red Hat OpenShift Container Platform 3.6

  • How to build modules in Copr

  • How to backup Flatpak user-data and apps

  • How to Install and Use Lnav Log Viewer on Ubuntu 16.04 LTS

  • How to Exclude Specific Package from apt-get Upgrade

  • Installation of Lemur Certificate Manager on Ubuntu

  • The Perfect Server – Debian 9 (Nginx, BIND, Dovecot, ISPConfig 3.1)

  • Adding reCAPTCHA v2 support to Mailman

  • Quick and dirty checklist to update syn 0.11.x to syn 0.12

  • How To Create A Script Of A Linux Command

  • How To Use History Command Effectively In Linux

  • How to write bootstrap script that run Commands on Linux Ec2 Instance at Launch in AWS vlog

  • iftop – A Real Time Linux Network Bandwidth Monitoring Tool

• Games

  • WWI FPS ‘Tannenberg’ to get a good performance bump

    Tannenberg [Steam], the WWI FPS that follows the Eastern Front is going to get an update sometime soon that should give a decent performance boost.

  • Steampunk dungeon crawler ‘Vaporum’ is now officially available on GOG & Steam for Linux

    Vaporum, a steampunk dungeon crawler from Fatbot Games has been officially released for Linux, available from both GOG and Steam. I’ve spent some time with it now and here’s some thoughts.

  • The free to play MMO ‘Tale of Toast’ has launched, with some major scaling issues

    Much like the initial full launch of Albion Online, the servers for Tale of Toast have been completely overloaded. Naturally, there’s a lot of upset gamers out there, some of which have waited for hours to still not get in.

  • Power Rangers-inspired tactical RPG ‘Chroma Squad’ adds Episode Creator & Steam Workshop support

    If you enjoyed the camp tactical RPG Chroma Squad [Official Site], get ready for more action as it now has a free Episode Creator and Steam Workshop support.

  • Heroes of Hammerwatch releases in two days, check out their new trailer

Desktop Environments/WMs

• Where’s Xfce 4.14? Current Development, Roadmap & Future

  Xfce is one of the most common desktop environments on Linux and other Unix-like systems. it’s fast, lightweight and gets the job done. However, Xfce developers announced their roadmap to Xfce 4.14 around 3 years ago, but we are still not there yet.

  In this report, we post the ongoing development of Xfce, what’s missing and what’s being worked on, and we highlight some aspects regarding the adorable DE.

• K Desktop Environment/KDE SC/Qt

  • Calamares 3.2 Linux Installer Will Integrate a Module for the KDE Plasma Desktop

    Calamares is a distribution-independent system installer featuring advanced partitioning with full-disk encryption support used in popular GNU/Linux distros like KaOS, KDE Neon, OpenMandriva, Netrunner, Sabayon, Siduction, Tanglu, Bluestar Linux, Chakra GNU/Linux, GeckoLinux, and others.

    Calamares 3.2 will be the next major update of the universal installer framework, promising a plethora of attractive new features and enhancements for OS developers who want to implement it as default graphical installer in their next releases, such as Lubuntu Next 18.04 (Bionic Beaver).

  • First Version of Falkon Web Browser Released

    The first release of Falkon, the KDE web browser formerly known as QupZilla, is available to download.

    Falkon 3.0.0 is the first formal release of the rebadged Qt-based web navigator, and follows a name change in summer of last year.

    As this is more of a rebranding than a brand new app you won’t notice too many visual differences between the latest stable release of QupZilla 2.2.5, and the first hatching of Falkon 3.0.

  • Falkon 3.0 Released As The Successor To The QupZilla Browser

    Falkon 3.0 has been released today as the first version since its rebranding from QupZilla as an open-source, Qt-powered web-browser.

  • Falkon 3.0.0 released!

    Falkon is a new KDE web browser, previously known as QupZilla. Following this release, there will only be one last final QupZilla release.

  • Animated Plasma Wallpaper: Asciiquarium

    Years ago, for KDE 3, I had ported a console “asciiquarium” to operate as a KDE screensaver, called “KDE asciiquarium“. By KDE 4.2, it was included as part of the kdeartwork module by default.

    Since the KDE 3 times when I started this screensaver, our desktop concept has changed around a bit. We’ve developed the Plasma desktop, and have effectively deprecated the idea of screensavers (which are increasingly less popular), though lock screens are still important.

  • KDE Plasma 5 Should Soon Finally Be Ready For FreeBSD Ports

    Adriaan de Groot continues working on improving the KDE stack for FreeBSD. The moment is finally near where KDE Plasma 5 along with the modern KDE Applications stack should soon be available via the FreeBSD Ports collection.

    In preparation for finally having the modern KDE desktop stack available via FreeBSD Ports, the older KDE4 ports have been moved aside (but are still accessible via x11/kde4). KDE4 will continue to work for those who have already installed it on FreeBSD, but they are reorganizing these packages in preparation for pushing out the modern KDE Plasma 5 + Apps stack.

  • Clazy

    Clazy is a Clang plugin which extends the compiler with over 50 warnings related to Qt best practices ranging from unneeded memory allocations to API misuse. It’s an opensource project spawned by KDAB’s R&D efforts for better C++ tooling.

  • Hotspot

    Hotspot is a KDAB R&D project to create a standalone GUI for performance data. It is a replacement for perf report. Hotspot’s GUI takes a perf.data file, parses and evaluates its contents and then displays the result in a graphical way.

    Hotspot’s initial goal was to provide a UI like KCachegrind around Linux perf. In future versions we will be supporting various other performance data formats under this umbrella. You can find the source code on our GitHub page.

  • KStars 2.9.3 is out with numerous fixes

    After some heavy lifting in KStars January v2.9.2 release, we dedicated February to fix all those KStars issues that have been accumulating for a while. Today, KStars v2.9.3 is released with many several important fixes, mostly in Ekos scheduler and capture modules.

• GNOME Desktop/GTK

  • GNOME Notes 3.27.90

    I know, I’m late, but after releasing 3.27.90 I took some days off GNOME Notes development to enjoy my holidays with my son – girls stayed at home, doing girls stuff, this time.

    When I get back, I was involved in trying new Linux distros to see how my workflow would work with them. That took some days too, so here we go with my thoughts on GNOME Notes 3.28.

Distributions

• Red Hat Family

  • Get Started with Red Hat JBoss Fuse 7 Tech Preview 3 Today!

    Red Hat JBoss Fuse 7.0 technical preview three is out today! On the pathway to become one of the best cloud-native integration platforms, JBoss Fuse gives developers the freedom to choose how they want to develop an integration solution, where they want to deploy it. It also has capabilities to address new integration personas that do not have development experience.

  • Telco evolved: Made possible by open source

    The overarching theme of Mobile World Congress 2018 is “creating a better future.” This is a theme that can speak to the core of technology companies; at Red Hat, we see this exemplified through our global telecommunications customers who are embracing open source and the community to help transform their telcos from the inside out.

  • Organizing for innovation

    These days, innovation rules. Nearly every organization is seeking better and faster ways to generate new ideas to keep them on the cutting edge. But the era of digital transformation we live in is also one filled with disruption. Your entire business, or entire market, could change overnight—maybe by something you never even saw coming.

  • New Red Hat Management Innovations Designed to Accelerate Customers’ Hybrid Cloud Automation Strategies

  • New Red Hat management techniques designed to boost hybrid cloud automation strategies

    Red Hat announced on Tuesday new innovations in its management portfolio, including the latest releases of Red Hat Satellite and Red Hat CloudForms, designed to accelerate deployments of Red Hat-powered cloud environments, and automate and greater simplify ongoing infrastructure management.

  • Finance

    • Red Hat (RHT): A Deep Dive Into Openshift – Nomura

    • Red Hat Inc (RHT) Shares Moving 0.01% On Volume

• Debian Family

  • Derivatives

    • Canonical/Ubuntu

      • See ‘Full Linux’ Running on a Samsung Galaxy Phone [Video]

        Itching to see more of Samsung’s promising ‘Linux on Galaxy’ initiative? Then you have to watch the following video.

        The smartphone giant has uploaded a short clip to YouTube in which it demos ‘Linux on Galaxy’ to a group of Android developers.

      • The Samsung Galaxy S9 Official Wallpapers are Perfect for Ubuntu

        If you’ve been reading this site for a while you’ll know that I change my desktop and smartphone wallpaper regularly — too regularly, perhaps! It’s partly why this site has a ‘wallpaper category’; I can write about my favourite wallpapers primarily so I can go back and find my favourites at a later date!

      • Kernel Team summary: February 27, 2018

        On the road to 18.04 we have a 4.15 based kernel in the Bionic repository.

      • Ubuntu Server development summary – 27 February 2018

        The purpose of this communication is to provide a status update and highlights for any interesting subjects from the Ubuntu Server Team. If you would like to reach the server team, you can find us at the #ubuntu-server channel on Freenode. Alternatively, you can sign up and use the Ubuntu Server Team mailing list.

Devices/Embedded

• Jolla announces Sailfish 3, with support for crypto-services and more

  The Mobile World Congress (MWC) 2018 is at full swing in Barcelona and we’ve already seen a number of new devices being introduced. One that has caught our attention is probably Android 8 Oreo running Samsung flagship, the Galaxy S9. However, Android isn’t the only mobile OS catching some media buzz at the mega event. Finnish company Jolla also announced the third version of its mobile platform, Sailfish OS.

• Customizable Alexa development board builds on i.MX7 module

  The Gumstix “Chatterbox for the Colibri iMX7” is a Geppetto-customizable, Linux-driven Alexa Voice Service development board that features Toradex’s i.MX7 based module, and offers a 2.5-Watt speaker driver, mic and audio jacks, plus WiFi, BT, Ethernet, USB, and more.

  Gumstix has partnered with Toradex to launch an Amazon Alexa Voice Service (AVS) development board with a SODIMM connector for Toradex’s Cortex-A7 based Colibri iMX7 module. The Gumstix Chatterbox for the Colibri iMX7 was built in the Gumstix Geppetto “Design-to-Order” Web development platform, and can be customized using the same service. In addition, the Colibri iMX7 SODIMM connector is available in Geppetto so developers can build their own iMX7 based boards independent of the Chatterbox.

• Tiny, wireless enabled module offers OTA updates for Linux on Allwinner H5

  Emlid’s 41 x 29.5mm “Neutis N5” module runs OTA-updated mainline Linux on a quad-A53 Allwinner H5, and offers a crypto chip, 8GB eMMC, WiFi with BT 4.0/BLE, extended temp support, and an optional development board.

  Emlid, which is known for its ArduPilot compatible, Linux-driven drone controllers such as the Navio2 autopilot HAT for the Raspberry Pi and more recent, standalone Emlid Edge, is dipping its toes into the mainstream embedded market with a Neutis N5 computer-on-module.

• Pico-ITX SBC runs Linux on i.MX8M with 8GB LPDDR4

  A year ago, F&S Elektronik Systeme announced an armStone A53SD Pico-ITX SBC with a Snapdragon 410E. Now it has returned to Embedded World to show off its latest Pico-ITX entry, this time based on the NXP i.MX8M. The layout of the new armStone MX8M is almost identical to the A53SD, and the feature set is very close, as well.

• AMD’s Ryzen Embedded V1000 SoC gets in the game with a casino gaming SBC

  Advantech-Innocore announced a Linux-supported “DPX-E140” casino gaming platform with AMD’s new Ryzen Embedded V1000 SoC, quad-4K display support, 9x USB ports, and passive cooling on up to 25W V1000 parts.

• Tizen

  • Collabio Documents App finally launched to Tizen OS

• Android

  • Google starts a push for cross-platform app development with Flutter SDK

  • Google opens up Flutter mobile app user interface software to beta test

  • Google hopes for fresher, faster phone apps with Flutter

  • First Beta Release of Google’s Flutter, Event News, Fedora Supplemental Wallpaper and More

  • BlackBerry’s upcoming Ghost is a bezel-free, high-end Android phone for the Indian market

  • Parking.sg app temporarily down for Android users on Tuesday

  • Android phone for children on show at MWC 2018

  • Airtel and Google join hands to launch Android Go-powered smartphones in India

  • Bixby 2.0 may launch with the Galaxy Note 9 this year

  • Google’s Flutter app SDK for iOS and Android is now in beta

  • Here’s How to Get Android Apps Running on Your Laptop

  • Sophisticated Android malware spies on smartphones users and runs up their phone bill too

  • Android upgrade downslide: 4 years of damning data in 3 crazy charts

Ashnik launches Tech Insights, a platform for open source technologies shaping digital transformation

The global open source services market size is expected to grow from USD 11.40 billion in 2017 to USD 32.95 billion by 2022, at a Compound Annual Growth Rate (CAGR) of 23.65%

Web Browsers

• Mozilla

  • Introduction to Neutrino

    If you want to learn more about Neutrino, Eli Perelman (original author of the project) wrote about Neutrino at hacks.mozilla.org. You can find the official documentation at https://neutrino.js.org.

  • Firefox 59 new contributors

    With the upcoming release of Firefox 59, we are pleased to welcome the 53 developers who contributed their first code change to Firefox in this release, 49 of whom were brand new volunteers!

  • 5 Ways to Take Screenshots Further

    If you’re a veteran of using old-style screenshot tactics, you know it used to involve a lot of saving to the desktop or cloud, re-finding the image files in a mass of similar file names, then having to crop or otherwise “fix up” the images before re-saving them and getting them into a google doc, presentation, or other platform.

  • Come Join the Rust and WebAssembly Working Group!

  • This Week in Rust 223

    Hello and welcome to another issue of This Week in Rust! Rust is a systems language pursuing the trifecta: safety, concurrency, and speed.

  • Django, K8s, and ELB Health checks

    As you may have seen in several of our SRE status reports, we’re moving all of our webapp hosting from Deis to Kubernetes (k8s). As part of that we’ve also been doing some additional thinking about the security of our deployments. One thing we’ve not done as good a job as we should is with Django’s ALLOWED_HOSTS setting. We should have been adding all possible hosts to that list, but it seems we used to occasionally leave it set to ['*']. This isn’t great, but also isn’t the end-of-the-world since we don’t knowingly construct URLs using the info sent via the Host header. In an effort to cover all bases we’ve decided to improve this. Unfortunately our particular combination of technologies doesn’t make this as easy as we thought it would (story of our lives).

    [...]

    Conclusion

    That was a long way to go to get to some simple health checking, but we believe it was the right move for the reliability and security of our Django apps hosted in our k8s infrastructure on AWS. Please check out the repo for django-allow-cidr on Github if you’re interested in the code. Our hope is that releasing this as a general use package will help others that find themselves in our situation, as well as helping ourselves to do less copypasta coding around our various web projects.

Blockchain

• Spotlight On Copyright Issues Of Blockchain Technology

  There is a large number of different open source licenses with significantly different terms (some prominent licenses used for blockchain projects are GNU General Public License, GNU Lesser General Public License [LGPL], Apache License 2.0, MIT license). These licenses impact the way of how the software proliferated under the license may be used, modified and redistributed. Particular attention needs to be paid to the redistribution rights and obligations because several open source licenses require that software or at least the derivative part of the software incorporating the open source software is redistributed again under the same open source terms (“copy-left”, GNU and LGPL).

• Blockchain Powered 3D and VR Open Source Platform MARK.SPACE Announces the Launch of CRYPTO.VALLEY Virtual City

  MARK.SPACE is delighted to announce the mega launch of CRYPTO.VALLEY, a new virtual infrastructure project that promises to be a cynosure of the global crypto community as an interactive and informational pool. In its fully functional form, CRYPTO.VALLEY will be a virtual city completely compatible with the 3D and VR technologies.

• Op-Ed: The Potentially Fatal Flaw of Open-Source Blockchain Protocols

  The most important question to ask any decentralized blockchain protocol is: “How do you protect your protocol from ‘incumbent’ companies?” While many emerging protocols promise disintermediated commercial interactions between people, it is critical that these protocols are weary of corporate giants with FOMO . After all, most decentralized protocols are open-source – copying their code is free and 100 percent legal.

Pseudo-Open Source (Openwashing)

• Why open source is so important to Microsoft [Ed: Why spreading lies is so important to ZDNet. Check who pays the parent company, CBS, e.g. for advertising.]

• LogiGear and Sauce Labs Partner To Accelerate Adoption of Open Source Selenium for Automated Testing at Enterprise Scale

Funding

• FundRequest raises $12.5 million to fund Open Source Development

  FundRequest, a blockchain based platform for incentivizing open source development, has recently completed their crowd sale where they raised $12.5 million from investors and the public. The token sale also drew some big-name investors such as 1kx, an angel fund who pursues companies committed to creating distributed ledger technology-based solutions; Connect Capital, a blockchain and digital asset investment fund; Tetras Capital, a New York City-based hedge fund focusing on blockchain and crypto asset classes; and ZestAds, a digital advertising firm with offices in Southeast Asia.

BSD

• Interview with MidnightBSD Founder and Lead Dev Lucas Holt

  MidnightBSD founder Lucas Holt shares the story of his project and discusses the recent Pale Moon controversy.

Public Services/Government

• DoD announces open source software experiment

  The U.S. Department of Defense (DoD) recently announced the launch of Code.mil, an open source initiative that allows software developers around the world to collaborate on unclassified code written by federal employees in support of DoD projects.

  DoD is working with GitHub, an open source platform, in an experiment aimed at fostering collaboration between federal employees and private-sector software developers on software projects built within the DoD. The Code.mil URL directs users to an online repository that will store code written for a range of projects across the DoD for individuals to review and make suggested changes.

Openness/Sharing/Collaboration

• Open Hardware/Modding

  • Can Open-source Hardware Be Like Open-source Software?

    Hardware and software are certainly different beasts. Software is really just information, and the storing, modification, duplication, and transmission of information is essentially free. Hardware is expensive, or so we think, because it’s made out of physical stuff which is costly to ship or copy. So when we talk about open-source software (OSS) or open-source hardware (OSHW), we’re talking about different things — OSS is itself the end product, while OSHW is just the information to fabricate the end product, or have it fabricated.

    The fabrication step makes OSHW essentially different from OSS, at least for now, but I think there’s something even more fundamentally different between the current state of OSHW and OSS: the pull request and the community. The success or failure of an OSS project depends on the community of people developing it, and for smaller projects that can hinge on the ease of a motivated individual digging in and contributing. This is the main virtue of OSS in my opinion: open-source software is most interesting when people are reading and writing that source.

  • GreenWaves Intros Open-Source AI Processor GAP8

    The company’s new processor is based on the RISC-V open-source processor architecture, with the focus being on handling low-power AI processing in sensory devices that other mainstream chips would not typically be designed to handle specifically. In fact, GreenWaves has designed the processor with image, sound and vibration analysis at its heart, with a number of new algorithms being included in order to execute a wide variety of tasks. These tasks will also consume minimal amounts of energy due to the integrated 8-core cluster that is coupled with a separate core designed to handle any pre-analysis communication, control, and information. It is because of this low power consumption that GreenWaves has designed the processor with battery-powered devices in mind, although it hopes the chip will result in a number of new connected products with support for artificial intelligence such as smart toys, certain wearables, or even the implementation of always-on facial recognition in mobile devices. However, the new processor isn’t just energy-efficient, but also relatively affordable, with the handling of machine vision potentially costing less than $15 to implement. The product should also help relieve pressure on networks due to the fact that all processes will happen wherever the sensors are placed, removing the need for a secondary product while also reducing the costs of data management and speeding up the processing, according to the company.

  • RISC-V RV64GC High-Performance Extendable Platform Kit For Fast Linux Execution Released by Imperas

    “The RISC-V movement has tremendous potential but it is absolutely reliant on a robust ecosystem, including early software development solutions,” noted Simon Davidmann, President and Chief Executive Officer, Imperas Software, Ltd. “Imperas has uniquely solved this problem, providing RISC-V developers with commercial-grade processor simulation to accelerate software verification as well as hardware validation.”

Programming/Development

• Compilers Fortify Critical Embedded Software [Ed: Proprietary software merely provides access to Free software]

  Green Hills Software introduces its Compiler 2018.1 for creating highly optimized 32-bit and 64-bit embedded C and C++ software applications for all common embedded processor architectures, including Arm, Intel and Power Architecture. As a result, users see 3x faster vector processing speeds, and scores beating the LLVM Compiler even on LLVM’s own benchmark suite. Other highlights of Compiler 2018.1 include full C++14 support, Spectre mitigations and support for the highest functional safety levels. As per Green Hills, compiler 2018.1 enables designers to bring their products to market more quickly, meet safety and security requirements and extract maximum processor performance in all embedded markets including automotive, industrial control, high performance computing (HPC), digital storage and consumer products.

Health/Nutrition

• Wellcome Trust Report Recommends UK-EU Agreement On Research & Innovation

  The EU and UK should agree on how to maintain the free flow of personal data for research. This would ideally be achieved through a comprehensive ‘adequacy’ agreement (where it is agreed that there are adequate levels of data protection to allow personal data to be transferred without more safeguards). A practical alternative is agreeing sector-specific safeguards to allow the free flow of personal data for research as part of a research and innovation agreement.

Security

• Security updates for Tuesday

• Reproducible Builds: Weekly report #148

• Fixing Spectre/Meltdown in [Slackware] 14.2

• Intel didn’t tell CERTS, govs, about Meltdown and Spectre because they couldn’t help fix it

  Letters sent to the United States Congress by Intel and the other six companies in the Meltdown/Spectre disclosure cabal have revealed how and why they didn’t inform the wider world about the dangerous chip design flaws.

  Republican members of the House Energy and Commerce Committee sent letters to the seven in January, to seek answers about the reasons they chose not to disclose the flaws and whether they felt their actions were responsible and safe.

  All the letters go over old ground: Google Project Zero spotted the design errors, told Intel, which formed a cabal comprising itself, Google, AMD, Arm, Apple, Amazon and Microsoft. The gang of seven decided that Project Zero’s 90-day disclosure deadline had to be extended to January, then spoke to others to help them prepare fixes. But stray posts and sharp-eyed Reg hacks foiled that plan as we broke the news on January 3rd.

• Serverless Security: What’s Left to Protect? [Ed: "Serverless" is a junk buzzword; it's server-'full' and it just means passing one's server or control/access to that server to some other company, which occasionally gets cracked too.]

  Serverless is an exciting development in the modern infrastructure world. It brings with it the promise of dramatically reduced system costs, simpler and cheaper total cost of ownership, and highly elastic systems that can seamlessly scale to what old-timers (like me) call a “Slashdot moment” – a large and immediate spike in traffic.

  The cost savings Serverless offers greatly accelerated its rate of adoption, and many companies are starting to use it in production, coping with less mature dev and monitoring practices to get the monthly bill down. Such a trade off makes sense when you balance effort vs reward, but one aspect of it is especially scary – security.

  This article aims to provide a broad understanding of security in the Serverless world. We’ll consider the ways in which Serverless improves security, the areas where it changes security, and the security concerns it hurts.

Defence/Aggression

• Washington Gov. Jay Inslee Slams Trump’s Idea to Arm Teachers

  This all comes as, in Florida, Broward County Sheriff Scott Israel is facing increasing calls to resign over his department’s inability to stop the mass school shooting, which included his department’s failure to take seriously dozens of previous calls about the gunman, Nikolas Cruz, about whom residents had expressed fears for years. One of his deputies, Scot Peterson, has resigned after details emerged that he took cover outside the school during the shooting. He is now claiming that he didn’t enter the school because he thought the shooting was happening outside.

Transparency/Investigative Reporting

• Roger Stone’s Secret Messages with WikiLeaks [Ed: So telling someone to stop lying is ‘colluding’ (in ‘secret’) with that someone.]

• Roger Stone and WikiLeaks Directly Messaged During Election

• The Atlantic Publishes Campaign-Era Messages Between Wikileaks, Roger Stone

• Roger Stone exchanged messages with WikiLeaks on Twitter: Report

• Roger Stone and WikiLeaks have publicly denied they communicated — but secret messages prove otherwise

• Roger Stone Corresponded Directly With WikiLeaks Despite Both Claiming Otherwise

AstroTurf/Lobbying/Politics

• US cyber chief says Trump hasn’t told him to confront Russian cyber threat

  US Cyber Command chief Adm. Mike Rogers told lawmakers on Tuesday that he has not been granted the authority by President Donald Trump to disrupt Russian election hacking operations where they originate.
  Asked by Democratic Sen. Jack Reed if he has been directed by the President, through the defense secretary, to confront Russian cyber operators at the source, Rogers said “no I have not” but noted that he has tried to work within the authority he maintains as a commander.

• NSA Boss Suggests Trump Lets Putin Think ‘Little Price to Pay’ for Messing With U.S.

• NSA director tells lawmakers Trump has not authorized him to stop Russian cyberattacks

• NSA: Trump hasn’t ordered Russian meddling stopped at source

• NSA chief: Trump hasn’t given command to stop Russian cyber threat

• Trump hasn’t directed NSA chief to strike back at Russian hackers

• NSA director says he hasn’t received orders from Trump to disrupt Russian cyberattacks targeting elections

• US Not Doing Enough to Counter Russia’s Cyberattacks, But Taking Steps – NSA

• Democrats furious Trump didn’t tell NSA chief to fight Russian meddling

• President Trump hasn’t given an order to counter Russian meddling, NSA chief says

• NSA director says Trump hasn’t ‘granted the authority’ to stop Russian election interference

  Less than two weeks after special counsel Robert Mueller indicted 13 individuals and a trio of Russian companies for “interference operations targeting the United States,” NSA Director Mike Rogers told members of Congress that the Trump administration hasn’t even authorized him to take measures to prevent election meddling going forward.

• NSA chief: Trump ‘has not ordered disruption of Russia election meddling’

  A top national security official told lawmakers on Tuesday he had not been directed by Donald Trump to disrupt Russian efforts to meddle in US elections, and that Vladimir Putin had come to the conclusion there was “little price to pay” for such actions.

• NSA Director: Trump Has Given No Specific Order to Combat Russian Meddling in 2018 Election

  A top U.S. intelligence official said Tuesday that President Donald Trump has given him no specific instructions to combat Russian meddling in the 2018 congressional elections that mirrors Moscow’s interference in the 2016 presidential contest aimed at helping Trump win.

  “I’ve never been given any specific direction to take additional steps outside my authority,” Admiral Mike Rogers, director of both the U.S. Cyber Command and the National Security Agency, told lawmakers.

• NSA boss: Trump won’t pull trigger for Russia election hack retaliation

  NSA boss Mike Rogers told a US congressional panel today that Russia’s online mischief-making in America’s elections is not going to stop – because Uncle Sam isn’t hitting back.

  “I believe that President Putin has clearly come to the conclusion there’s little price to pay here, and that therefore I can continue this activity,” Admiral Rogers told the Senate Armed Services Committee.

• NSA Chief: U.S. Response ‘Hasn’t Changed The Calculus’ Of Russian Interference

  The admiral in charge of both the nation’s top electronic spying agency and the Pentagon’s cybersecurity operations would seem a logical point man for countering Russia’s digital intrusions in U.S. election campaigns.

• Senator Klobuchar Thinks We Need To Start Fining Social Media Companies For Not Removing Bots Fast Enough

  First, let’s stop giving politicians bad ideas. Whoever prompted this response from Klobuchar has bits on their hands if this ever becomes law. Klobuchar can come up with her own bad ideas. There’s absolutely no reason journalists should be floating ideas containing First Amendment collateral damage. Let Klobuchar come up with her own terrible legislation. It’s not like she hasn’t done it before.

  Second, what the hell does this even mean? Weeding out all bots is impossible. Weeding out those the government has noticed might be doable, but they’ll likely be replaced with new ones as soon as they’re deleted. On top of that, forcing large platforms to cull anything that resembles automation is going to do damage to legitimate accounts that schedule posts in advance and it might result in the removal of truly useful bots, like Brad Heath’s Big Cases bot — one that trawls federal court RSS feeds for cases of interest and posts publicly-available copies of filings locked behind the government’s PACER paywall.

  Such a task is unfeasible. Legislation like this would only serve as a platform for political grandstanding. Fining tech companies for violations of terms of service by users is ridiculous. It’s not as though we don’t have enough ongoing threats to service provider immunity. Twitter and Facebook are already trying to wrestle with bot problems, but criminalizing the mere existence of bots doesn’t solve the problem. It just makes it easier for the government to monetize the very behavior reps are claiming they want to stamp out. It’s an incentive with a government perversion attached.

Censorship/Free Speech

• Anti-NRA Censorship Efforts Echo Earlier Pro-NRA Censorship Efforts, And Learn No Lessons From Them

  Lately I’ve been enjoying watching re-runs of Rowan & Martin’s Laugh-In. It’s somewhat reassuring to watch a previous generation get through a period of political angst as we go through this current one, especially as there are quite a few parallels that can be drawn.
  I mention this because as people call for Amazon, Apple, Roku, and YouTube to drop NRA-TV, I realize that we’ve seen calls for censorship like this before.

• Dundee’s student union accused of ‘regressive censorship’ over Daily Mail ban bid

  A motion was backed by Dundee University Students’ Association’s ruling body to remove the Daily Mail, Daily Express and The Sun from its shops.

  Sean O’Connor, the DUSA president, said the newspapers “do not match our values” and run “inflammatory and sensationalised articles that demean and insult members of our community”.

  But the move has been condemned by critics as an erosion of freedom of speech.

  Ross Starke, a politics student who works as a Dundee United kit man, leads a group of students opposed to the ban.

• Caesar Rodney censorship indicative of a certain reactionary mentality here in Delaware

  I hope you’ve heard — even better — read, Amy Cherry’s story about the Caesar Rodney school district’s censorship of dissenting views on the district’s official Facebook page.

• Elgin U46 school official: Social media guidelines encourage censorship

  An Elgin-area U46 official is blasting proposed changes to guidelines for school board members as an attempt to censor her social media statements about school district policies.

  Jeanette Ward is taking issue with direction that elected officials “carefully consider what they post on social media before they post it, avoiding statements that might be volatile,” which is part of proposed changes to a series of board agreements.

• EU’s new copyright law will effectively create censorship machines

  Last week, the European Parliament’s MEP in charge of overhauling the EU’s copyright laws did a U-turn on his predecessor’s position. Axel Voss is charged with making the EU’s copyright laws fit for the Internet Age, yet in a staggering disregard for advice from all quarters, he decided to include a obligation on websites to automatically filter content.

  In 2016 the European Commission proposed a new Directive on Copyright in the Digital Single Market. While there are other serious concerns about the proposals, Article 13, which sets out how online platforms should manage user-uploaded content appears to have the most dangerous implications for fundamental rights. Since then, European Parliament committees have done some good work improving the draft law — which makes Voss’ 180° spin all the more alarming.

• Facebook censors 30000 year-old Venus of Willendorf as ‘pornographic’

  Cases of art censorship on Facebook continue to surface. The latest work deemed “pornographic” is the 30,000 year-old nude statue famously known as the Venus of Willendorf, part of the Naturhistorisches Museum (NHM) collection in Vienna.

• Ali Schofield muses on censorship in the art world

  Millennials, we keep hearing, are too easily offended. The slightest whiff of troubling female sexualisation, for instance, and they’ll default straight to indignant outrage.

  Earlier this month Manchester Art Gallery took down a pre-Raphaelite painting showing young nude “femmes fatales”. The gallery put a sign up in place of Hylas and the Nymphs by John Williams Waterhouse encouraging visitors to comment.

• When Humphrey Bogart Tackled Movie Censorship in 1941

  “While people are always quick to take up the cudgels against censorship of the press, or radio, any crackpot can advocate new forms of censorship for the movies,” the screen star wrote, “and not a voice is lifted in protest.”

• Censorship, product placement, and pandering: inside Hollywood’s doomed attempts to conquer China

  Pacific Rim, Guillermo del Toro’s 2013 futuristic sci-fi film starring Idris Elba, was a resounding flop, recouping just $106 million in United States cinema ticket sales from a budget of $190 million. The critical reception wasn’t much better: “You might as well watch the birth of an elephant,” lamented one reviewer.

• São Paulo Court Rules That Censorship of Play About Trans Jesus Is Unconstitutional

• Brazilian Court Ends Censorship of Play About Transgender Jesus

• DOJ Tells Congress SESTA/FOSTA Will Make It MORE DIFFICULT To Catch Traffickers; House Votes For It Anyway

  As we’ve been discussing, this afternoon, the House voted both on Rep. Mimi Walters’ bad amendment to attach SESTA to FOSTA, and then on the combined bill — and both sailed through Congress. Somewhat incredibly, this happened even though the Justice Department weighed in with a last minute letter saying that the language in the combined SESTA/FOSTA is so poorly drafted that it would actually make it more difficult to prosecute sex traffickers, and also calling into question whether or not the bill was even Constitutional.

  You would think that with the DOJ pointing out these fairly fatal flaws with the bill, that perhaps (just perhaps), the House would delay voting on this. As noted last week, bringing the amendment to the floor without having it go through the House Judiciary Committee (as is supposed to happen), seemed to be the House’s way of washing its hands of the bill, and tossing the issue back to the Senate. But rushing through a bill with huge implications is no way to make law.

• House Vote on FOSTA is a Win for Censorship

  The bill passed today 388-25 by the U.S. House of Representatives marks an unprecedented push towards Internet censorship, and does nothing to fight sex traffickers.

  H.R. 1865, the Allow States and Victims to Fight Online Sex Trafficking Act (FOSTA), allows for private lawsuits and criminal prosecutions against Internet platforms and websites, based on the actions of their users. Facing huge new liabilities, the law will undoubtedly lead to platforms policing more user speech.

  The Internet we know today is possible only because of Section 230 of the Communications Decency Act, which prevents online platforms from being held liable for their users’ speech, except in certain circumstances. FOSTA would punch a major hole in Section 230, enabling lawsuits and prosecutions against online platforms—including ones that aren’t even aware that sex trafficking is taking place.

• Final push to fight underage sex trafficking hiding in plain sight

• US bill holds websites liable for online sex trade

• Hamilton Public Library fights literary censorship with ‘blackout poetry’

  It’s an art form that’s used to push back against censorship, and it’s happening at the Hamilton Public Library right now.

  It’s called “blackout poetry” — a form of visual and intellectual art that uses contentious books that have been banned in the past to create a piece that celebrates free expression.

  These pieces are being created at the library’s central branch as part of Freedom to Read Week, which is a national celebration of free expression, born of a protest against censorship that stretches back decades.

• Stanford Professor Drops Stupid SLAPP Suit Against Critics; Still Mad Online

  Back in November, we wrote about a pure SLAPP lawsuit filed by Stanford professor Mark Jacobson against another scientist, Christopher Clack, and the National Academy of Sciences. Jacobson claimed that Clack and others defamed him by publishing a rebuttal of a paper that he and some others had published earlier. In other words, this was a standard kind of academic dispute, with different scientists taking different positions. Rather than continue to debate it in academic settings, Jacobson sued the critics. We went through all of the details of the case, and why it was so ridiculous in the original article, so we won’t rehash that here.

• Concerns over censorship order

  The interim order issued by Chief Justice Gopal Parajuli to the Press Council instructing pre-censorship of news concerning the discrepancies in his birth-date mentioned in his official documents has drawn widespread criticism from different sides.

  The order that came from the bench presided by Parajuli himself on Sunday, following a series of news story about his birth-date controversy published in Kantipur daily, has been seen as an attack on free press by the advocates of democracy. Many of them took to social media to voice their concern on Tuesday. They were strident in their reactions against Parajuli’s attempt to muzzle the media.

Privacy/Surveillance

• Ninth Circuit Court of Appeals Has New Opportunity to Protect Device Privacy at the Border

  The U.S. Court of Appeals for the Ninth Circuit has a new opportunity to strengthen personal privacy at the border. When courts recognize and strengthen our Fourth Amendment rights against warrantless, suspicionless searches of our electronic devices at the border, it’s an important check on the government’s power to search anyone, for any or no reason, at airports and border checkpoints.

  EFF recently filed amicus briefs in two cases, U.S. v. Cano and U.S. v. Caballero, before the Ninth Circuit arguing that the Constitution requires border agents to have a probable cause warrant to search travelers’ electronic devices.

  Border agents, whether from U.S. Customs and Border Protection (CBP) or U.S. Immigration and Customs Enforcement (ICE), regularly search cell phones, laptops, and other electronic devices that travelers carry across the U.S. border. The number of device searches at the border has increased six-fold in the past five years, with the increase accelerating during the Trump administration. These searches are authorized by agency policies that generally permit suspicionless searches without any court oversight.

  The last significant ruling on device privacy at the border in the Ninth Circuit, whose rulings apply to nine western states, was in U.S. v. Cotterman (2013). In that case, the court of appeals held that the Fourth Amendment required border agents to have had reasonable suspicion—a standard between no suspicion and probable cause—before they conducted a “forensic” search, aided by sophisticated software, of the defendant’s laptop. Unfortunately, the Ninth Circuit also held that a manual search of an electronic device is “routine” and so the traditional border search exception to the warrant requirement applies—that is, no warrant or any suspicion of wrongdoing is needed.

• Can India’s Biometric Identity Program Aadhaar Be Fixed?

  The Supreme Court of India has commenced final hearings in the long-standing challenge to India’s massive biometric identity apparatus, Aadhaar. Following last August’s ruling in the Puttaswamy case rejecting the Attorney General’s contention that privacy was not a fundamental right, a five-judge bench is now weighing in on the privacy concerns raised by the unsanctioned use of Aadhaar.

  The stakes in the Aadhaar case are huge, given the central government’s ambitions to export the underlying technology to other countries. Russia, Morocco, Algeria, Tunisia, Malaysia, Philippines, and Thailand have expressed interest in implementing biometric identification system inspired by Aadhaar. The Sri Lankan government has already made plans to introduce a biometric digital identity for citizens to access services, despite stiff opposition to the proposal, and similar plans are under consideration in Pakistan, Nepal and Singapore. The outcome of this hearing will impact the acceptance and adoption of biometric identity across the world.

  At home in India, the need for biometric identity is staked on claims that it will improve government savings through efficient, targeted delivery of welfare. But in the years since its implementation, there is little evidence to back the government’s savings claims. A widely-quoted World Bank’s estimate of $11 billion annual savings (or potential savings) due to Aadhaar has been challenged by economists.

  The architects of Aadhaar also invoke inclusion to justify the need for creating a centralized identity scheme. Yet, contrary to government claims, there is growing evidence of denial of services for lack of Aadhaar card, authentication failures that have led to death, starvation, denial of medical services and hospitalization, and denial of public utilities such as pensions, rations, and cooking gas. During last week’s hearings , Aadhaar’s governing institution, the Unique Identity Authority of India (UIDAI), was forced to clarify that access to entitlements would be maintained until an adequate mechanism for authentication of identity was in place, issuing a statement that “no essential service or benefit should be denied to a genuine beneficiary for the want of Aadhaar.”

• Apple Agrees To Store Chinese iCloud Data In China, Making It Much Easier For The Chinese Gov’t To Access It [Ed: Apple does for China what it has already done for ages for Western governments. Because it doesn't (and never did) care about privacy. Ignore its show trial (like Microsoft's). Mere PR stunts to make them seem like they care for privacy.]

  This will allow the Chinese government to quell dissent and hunt down wrong-thinkers much more efficiently. It also shows the company is willing to drastically change the way it does business in order to maintain a large foreign customer base. This move will prompt questions from Congressional reps and FBI officials about Apple’s refusal to work with the US government to provide access to locked devices and encrypted communications. Thanks to its acquiescence to the Chinese government, these questions won’t be so easy to answer.

  This change in policy won’t budge the needle much in terms of US lawful access. US authorities will now have to route requests for Chinese data through the Chinese government, but it’s unlikely there’s much of that going on now. Requests for domestic data and communications stored in Apple’s iCloud will be handled the way they always have been. Apple’s always held keys domestically for iCloud accounts, which makes the cries of “going dark” a bit melodramatic.

  But it does indicate Apple is willing to change policies for governments far less freedom-friendly than ours. And if it’s willing to do that, why won’t it stash encryption keys for locked devices where US law enforcement can access them?

• Government could face greater burden of proof in NSA espionage case

  A federal judge has thrown a wrench in the government’s case against National Security Agency Contractor Harold T. Martin III by questioning how much foreknowledge a federal contractor needs to have for their possession of NSA documents to constitute theft of government information.

  On Feb 16, 2018, U.S. District Judge Marvin Garbis ordered a legal hearing to take place before March 6, 2018, at which both the defense and prosecution must define what they think the government must legally prove to convict Martin of theft, as originally reported by Politico.

Civil Rights/Policing

• Atlantic Bravely Confronts Twitter Insults, Ignores Threat of Decades in Prison

  New York Times editorial page deputy editor Bari Weiss—a boilerplate neocon warmonger, anti-Arab racist, and sexual abuse soft-peddler—got into hot water when she sent a tweet last week praising Asian-American Mirai Nagasu (born in California) for being “an immigrant” who “got things done.” When several people noted not only that Nagasu was born in the US–and thus not an immigrant–but that the assumption that Asian-Americans are inherently foreign is a pervasive, deeply toxic trope that should be apologized for, Weiss had a classic Twitter meltdown, ending in claims that animosity leveled at her was “another sign of civilization’s end.”

  Right on cue, fellow blue-checkmark Serious People rushed to her defense, most prominently—and uniformly—from the ultimate arbiter of seriousness, Atlantic Magazine. The centrist outlet published not one but two articles on the topic of Twitter being mean to Weiss: “The Excesses of Call-Out Culture“ by Conor Friedersdorf (2/19/18) and “Bari Weiss and the Left-Wing Infatuation With Taking Offense” by Shadi Hamid (2/17/19).

• Homeland Security Unlawfully Ended DACA Protections for Some Dreamers

  A federal court orders the government to reinstate DACA status that it unlawfully revoked without due process.

  As part of its anti-immigrant agenda, the Trump administration has been revoking Deferred Action for Childhood Arrivals grants based on unproven allegations or minor offenses that should have no effect on whether a person can protected from deportation under DACA. This policy has caused many young immigrants to lose their permission to live and work in the United States with no notice, explanation or opportunity to respond.

  But on Monday night, a federal court in Los Angeles put a stop to the practice, ruling that the government violates its own rules and the Administrative Procedure Act when it terminates DACA status without notice or a chance to contest the government’s actions. The APA is a 1946 law that regulates federal agencies and provides judicial oversight over their behavior.

• Jeff Sessions’ Culture War

  Sessions’ gay panic is just one example of his efforts to diminish rights and protections for certain groups, while intensifying the nation’s mass incarceration culture. He recently announced that he would end Obama-era protections for marijuana users in states that have legalized possession. While marijuana possession is still a federal crime — one based on retrograde, anti-scientific laws — he is using his authority to counter the will of voters in states where the public supports decriminalization of marijuana. He is doing this based on a comically outdated view of marijuana — that “good people” don’t smoke it — and a tragic resuscitation of the failed war on drugs more broadly.

• How Chicago Ticket Debt Sends Black Motorists Into Bankruptcy

  By last summer, Laqueanda Reneau felt like she had finally gotten her life on track.

  A single mother who had gotten pregnant in high school, she supported her family with a series of jobs at coffee shops, restaurants and clothing stores until she landed a position she loved as a community organizer on Chicago’s West Side. At the same time, she was working her way toward a degree in public health at DePaul University.

  But one large barrier stood in her way: $6,700 in unpaid tickets, late fines and impound fees.

  She had begun racking up the ticket debt five years earlier, in 2012, after a neighbor who saw her riding the bus late at night with her infant son sold her her first car, a used Toyota Camry, for a few hundred dollars. She was grateful for the shorter commute to work but unprepared for the extra costs of owning a car in Chicago.

• The Many Roads to Bankruptcy

  We’ve been reporting on how unpaid parking and automated traffic camera tickets can quickly spiral out of control for Chicago’s working poor, and particularly for African Americans.

  Thousands of drivers file for Chapter 13 bankruptcy each year to cope with ticket debt, getting a chance to lift license suspensions or to protect their vehicles from the city’s boot list.

  But bankruptcy often leaves drivers in worse financial shape.

• Top Lawmakers Call for Investigation of DEA-Led Unit in Mexico

  Powerful Democrats in both the House and Senate called Tuesday for an investigation into Drug Enforcement Administration-led operations in Mexico that played a role in triggering violent drug cartel attacks. These attacks left dozens, possibly hundreds, of people dead or missing, including many who had nothing to do with the drug trade.

  The call was issued in a letter signed by ranking members of the committees that oversee America’s foreign law enforcement operations and draws heavily on two stories last year by ProPublica and National Geographic that documented the attacks and the DEA’s role. One story reconstructed a 2011 massacre by the Zetas cartel in the Mexican state of Coahuila. It revealed that the wave of killings was unleashed after sensitive information obtained during a DEA operation wound up in the hands of cartel leaders, who ordered a wave of retaliation against suspected traitors.

Internet Policy/Net Neutrality

• NRA Gives FCC Boss An Award For ‘Courageously’ Killing Net Neutrality, May Have Violated Ethics Rules

  The NRA last week thought it would be a good idea to give FCC boss Ajit Pai an award for killing net neutrality. More specifically, the NRA gave Pai the Charleton Heston Award for Courage at the CPAC conference for killing the popular consumer protections. The entire affair was a tone deafness supernova from beginning to end, with American Conservative Union (ACU) Executive Director Dan Schneider making it abundantly clear that he and other attendees have absolutely no coherent idea what net neutrality even is.

• Tell Congress to Protect the Open Internet

  Today, EFF is participating in a national Day of Action to push Congress to preserve the net neutrality rules the FCC repealed in December. With a simple majority, Congress can use the Congressional Review Act (CRA) to overturn the FCC’s new rule. We’re asking for members of the House and Senate to commit to doing so publicly.

  On Thursday, February 22, the FCC’s so-called “Restoring Internet Freedom Order” was published in the Federal Register. Under the CRA, Congress has 60 working days to vote to overturn that Order. We’re asking representatives to publicly commit to doing just that. In the House of Representatives, that means supporting Representative Mike Doyle’s bill, which has 150 co-sponsors. In the Senate, Senator Ed Markey’s bill is just one vote away from passing.

Intellectual Monopolies

• Copyrights

  • Second Circuit Gouges TVEyes With Terrible Fair Use Ruling

    In a decision that threatens legitimate fair uses, the Second Circuit ruled against part of the service offered by TVEyes, which creates a text-searchable database of broadcast content from thousands of television and radio stations in the United States and worldwide. The service is invaluable to people looking to investigate and analyze the claims made on broadcast television and radio. Sadly, this ruling is likely to interfere with that valuable service.

    TVEyes allows subscribers to search through transcripts of broadcast content and gives a time code for what the search returns. It also allows its subscribers to search for, view, download, and share ten-minute clips. It’s used by exactly who you’d think would need a service like this: journalists, scholars, politicians, and so on in order to monitor what’s being said in the media. If you’ve ever read a story where a public figure’s words now are contrasted with contradictory things they said in the past, then you’ve seen the effects of TVEyes.

  • How To Use uTorrent Web To Download And Stream Torrents In Your Browser?

    An appealing user interface is a de facto requirement in modern software that has become better and better over the years. The world of BitTorrent clients is no different. While we still have those somewhat ugly but feature-packed torrent downloaders, there are many good looking options available for everyday torrent downloaders.

  • US v. Lundgren: When Recycling is a Crime

    A pending case against recycler Eric Lundgren has now moved to the 11th Circuit Court of Appeals. Lundgren pled guilty to criminal copyright infringement and was sentenced to 15 months incarceration. The basics are that he manufactured over 28,000 discs containing Dell/Microsoft Restore Discs and shipped them from China to the U.S. Lundgren argued that the discs should be seen as publicly available since they don’t work without an access code and his actual plan involved using legitimate access codes that he had obtained from purchasers. Microsoft apparently pushed the Miami FBI to pursue Lundgren for counterfeiting and last year he pled guilty to both Criminal Copyright Infringement and Conspiracy to Traffic in Counterfeit Goods.

    [...]

    The conspiracy to traffic in counterfeit goods is, I imagine, what really drove the charges — the problem with the discs was not only that they were Microsoft Restore discs, but that he had printed on them the Dell and Microsoft logos. Of course, one trick with Conspiracy is that it is a future-crime – an agreement to commit a crime at some time in the future.

  • ‘I got in Microsoft’s way’: Recycler sentenced over free Windows recovery CDs tells RT

    Recycling advocate Eric Lundgren, who was sentenced to 15 months in prison for making free Windows recovery discs, told RT that he will use his appeal to continue fighting against planned obsolescence by Microsoft and others.
    “I was very, very shocked when I was given a prison sentence for extending the lifecycle of electronics, practicing recycling and trying to empower people,” Lundgren said of the one year and three months conviction handed to him by a Florida court earlier in February.

    Lundgren was found guilty of “conspiracy and copyright infringement” after burning 28,000 copies of recovery discs for Windows back in 2016, despite the fact that the CDs, which had absolutely no retail value, were seized by the authorities. He was also slapped with a $50,000 fine but luckily avoided repaying $420,000 that Microsoft sought in restitution for lost sales.

• Distributions
• Devices/Embedded

‘Getting to Done’ on the Linux command line

There is a lot of talk about getting things done at the command line. How many articles are there about using obscure flags with ls, nifty regular expressions with Sed and Awk, and how to parse out lots of text with Perl? That isn’t what this is about.

This is about Getting to Done, making sure that the stuff we have to do actually gets tracked and done using tools that don’t require a graphical desktop, a web browser, or an internet connection. To do this, we’ll look at four ways of tracking your to-do list: plaintext files, Todo.txt, TaskWarrior, and Org-mode.

Desktop

• Chrome OS to support running Linux software in virtual machines

  The idea of a fusion of Android and Chrome OS might not be totally dead but is, instead, taking on a different form. And that form comes in Chrome OS’ ability to run almost any kind of software from any OS, officially or otherwise. A recently spotted change to the Chromium source seems to imply that, in just a few months, Chromebooks might officially support running Linux software, considerably expanding the number of possible uses these “cloud” machines can have.

• Google Plans to Add Support for Containerized Linux Apps to Chromebooks

  Google is apparently working on Project Crostini for Chrome OS to allow Linux VMs on Chrome OS, according to a Reddit thread, which points to a recent Chromium commit explaining a new device policy designed will allow Linux virtual machines to run on Chrome OS if it’s set to true.

  “If the policy is unset or set to true, running Linux VMs on Chrome OS is allowed. The unset is allowed means non-managed devices are allowed. At this time, in order for Linux VMs to run, the Finch experiment also needs to be enabled. After this feature is fully launched, the Finch control logic will be removed,” reads the commit.

• Chrome OS could be getting containers for running Linux VMs

• ​Chrome OS could be getting containers for running Linux VMs

• Google Developing Linux Virtual Machine Support In Chrome OS

• Why containers could finally bring Linux apps to Chrome OS

• Google code commits point to Linux-on-Chrome OS plans

• Soon You’ll Be Able To Run Linux Apps In VM On Chrome OS

• Chromebooks may get native support for (some) Linux apps via Crostini

• Crostini: A First Look At The New Linux Terminal For Chrome OS

  This past weekend, we discovered the Crostini Project which appears to bring Linux terminal to Chrome OS in a native environment that cicumvents the current method that requires Developer mode and sacrifices the security of your Chromebook.

• Linux Virtual Machines vs Linux Live Images

  I’ll be the first to admit that I tend to try out new Linux distros on a far too frequent basis. Yet the method I use to test them, does vary depending on my goals for each instance. In this article, we’re going to look at both running Linux virtual machines and running Linux live images. There are advantages to each method, but there are some hurdles with each method as well.

• Chromebooks could soon run Linux applications and VMs using containers

  With Linux being at the core of Chrome OS, it perhaps seems surprising that there’s no easy way to run Linux distros or applications on Chromebooks. Yes, there’s a Crouton script that can help you to achieve this, but it’s far from ideal as it massively lowers system security. All this could be about to change, however.

• Chrome OS to support running Linux software in virtual machines

  Google could be set to make its Chrome OS a much more potent threat to Microsoft if a new commit in the Chromium source is any guide. A developer project known as Crostini shows signs of Google officially introducing support for Linux virtual machines on Chrome OS.

Audiocasts/Shows

• EzeeLinux Show 18.10 | XBT 2 2, Ubuntu Wants Info and I Don’t Do Windows!

Kernel Space

• Linux 4.16-rc3

  We’re on the normal schedule for 4.16 and everything still looks very regular.

  rc3 is larger than rc2 was, but as mentioned last week, that’s
  expected – rc2 really was tiny. People have started finding things to
  fix, but there’s nothing that really stands out as particularly scary
  here.

  “Small changes all over” is the word.

  About half the changes are drivers (networking, rdma, scsi, usb, gpu),
  with half of the remainder being core networking (most of it
  netfilter, but it’s all over). The remaining 25% of the patch is
  “misc” – arch fixes, core kernel and vm, security subsystem, and
  tooling being the main stuff.

  The appended shortlog gives an overview of the details for interested parties.

• Linux 4.16-rc3 Released With “Small Changes All Over”

• Linux Foundation

  • Ribbon Communications Joins The Linux Foundation as Silver Member

    Ribbon Communications Inc. (Nasdaq: RBBN), a global leader in secure and intelligent cloud communications, today announced that it has joined The Linux Foundation and the Linux Foundation Networking Fund (LFN) as a Silver Member. The Linux Foundation is the organization of choice for the world’s top developers and companies to build ecosystems that accelerate open technology development and commercial adoption. Together with the worldwide open source community, it is solving the hardest technology problems by creating the largest shared technology investment in history.

• Graphics Stack

  • AMDGPU DC Gets HDMI Fixes, More Raven/DCN Patches

    DC patch wrangler Harry Wentland of AMD has sent out the 33 latest patches for the AMDGPU display code stack.

    This latest public update to the DC code includes fixes for HDMI 4K displays at 60Hz for some GPUs as well as fixing an HDMI info-frame problem. This batch of updates also increases the LUT size to 4096, there are an umber of multi-plane fixes for Chrome, a null pointer came up when trying to wake up a screen, and “bunch of other DCN patches.”

  • wayland 1.14.91

  • Wayland 1.15 Alpha Released, Pulls In Libwayland-EGL

    Derek Foreman of Samsung’s Open-Source Group has announced the alpha release of Wayland 1.15.

  • Weston 4.0 Alpha Brings Atomic Mode-Setting, New Protocol Support

    Shortly after announcing the Wayland 1.15 Alpha release on Monday, Samsung’s Derek Foreman did the adjoining alpha release of the Weston 4.0 reference compositor.

  • Samsung Proposes Session Management Protocol For Wayland

    Samsung OSG developer Mike Blumenkrantz is proposing a new Wayland protocol for dealing with session management behavior.

  • GSoC 2018 Could Bring Better Video Decode, Nouveau Vulkan, Wayland Improvements

    The X.Org Foundation is calling on student developers to consider applying for this year’s Google Summer of Code where you could be working on exciting projects for Nouveau, Mesa, Wayland, and more while gaining valuable work experience and earning a nice stipend.

    GSoC is a wonderful way to find a career in Linux/open-source developer and particularly with the X.Org-related projects, former GSoC students have a great track record of landing a related job from the big companies investing in Linux graphics drivers.

  • Mesa 17.3.6 Released To Fix Intel GPU Hangs

    It’s been just one week since the Mesa 17.3.5 debut while today it’s been succeeded by v17.3.6 as what’s being advertised as an emergency release.

    Mesa 17.3.6 solely contains i965 OpenGL driver changes for addressing GPU lockups that came in during the Mesa 17.3 development cycle. A handful of changes are needed for addressing these Intel GPU driver bugs that have been present the past few months.

  • Freedreno Is Looking Forward To Mesa SPIR-V/OpenCL Too

    There has been some interesting open-source GPU compute happenings in the works this year including SPIR-V support for Gallium3D Clover and Nouveau NIR support along with associated Mesa changes. Rob Clark of Red Hat and lead developer on the Freedreno driver has also jumped on board these recent Mesa compute initiatives.

    Rob Clark posted some patches this weekend pertaining to the recent Mesa OpenCL compute efforts. Curious if he had plans for OpenCL with the Freedreno driver, the reverse-engineered open-source driver stack for Qualcomm Adreno hardware, I fired off an email for more details.

Applications

• AtCore update 2/18

• Tidal CLI Client – Stream Tidal Music From Linux Command Line

  Tidal CLI Client is an open-source command line-based music streaming app with which Tidal users can search for and play music on their Linux PCs. Users can search for tracks either by track or artist name and add tracks to queues.

• Proprietary

  • Zenkit Brings Its Project Management App To Windows, MacOS And Yes, Linux Desktops

    The Linux thing is an interesting twist for Zekit. Often we see mobile or web-based apps transition to stand-alone desktop application on Windows or Mac operating systems, but Linux is usually left out in the cold

  • Green Hills Software Delivers The Most Advanced Compilers for Critical Embedded Software

  • REDMINT NETWORK Launches Loud ML Deep Learning API for Linux in the US in Partnership with InfluxData

• Instructionals/Technical

  • Prioritize BuildRequires from Copr

  • On generating kickstart passwords

  • Working with git branches was the best decision I made

  • Install Grub Customizer on Ubuntu

  • How to install Popcorn Time movie player on Debian 9 Stretch Linux

  • Dual Boot Windows with Linux on your PC – A Basic Guide

  • Comparing Elasticsearch with Solr

  • Installation of Lemur Certificate Manager on Ubuntu

  • How to install the latest NVIDIA drivers on Debian 9 Stretch Linux

  • How compilers work: Meticulous Transformer

  • Automated provisioning in Kubernetes

  • How to block local spoofed addresses using the Linux firewall

  • How to setup web server in AWS vlog

  • How to Use a Chromecast as a Quick Information Dashboard

  • Mytop – A Useful Tool for Monitoring MySQL/MariaDB Performance in Linux

  • Whisking Functions with Promises

  • How to Use WSL Like a Linux Pro

  • Deploying Ubuntu OpenStack to ARM64 servers

  • How to Install Eclipse Oxygen IDE in Debian and Ubuntu

  • Qubes Desktop Tips

  • Simple Guide to install OpenVPN on CentOS, Ubuntu (& their derivatives)

  • Convolutional Autoencoder as TensorFlow estimator

  • hauhan: Decoupling GStreamer Pipelines

  • Linux who Command Tutorial for Beginners (8 Examples)

  • Kubuntu 17.10 Guide for Newbie Part 8

  • The Longest Debugging—The journey towards a reliable Linux workstation

• Games

  • The 80′s inspired action-adventure Crossing Souls is out, it’s pretty good

    Crossing Souls [GOG, Steam], from Fourattic and Devolver Digital is an action-adventure love letter to the 80′s and it’s pretty good overall. I did some impressions of the demo previously, where I actually came off pretty impressed and wanting more.

  • Albion Online ‘Lancelot’ update to land March 12th with Fishing, Roaming Mobs & more

    Albion Online [Official Site] is set to expand again with the ‘Lancelot’ update that has been announced for release on March 12th.

  • The developer of ‘Rise to Ruins’ has shared some Linux sales and players data

    While obviously small, the numbers are in-line with what we’ve seen a few times, it’s also much higher than the currently reported Linux market share on the Steam Hardware Survey. This is a similar situation as seen with games like Maia, Helium Rain and Deep Sixed in regards to a higher share of Linux sales than developers might have expected.

    [...]

    …developer also shared the percentages per-platform of actual players who loaded it up during December, where Linux accounted for approximately 5.12%.

  • Godot Engine to work on Vulkan support

    Speaking on their official blog, Godot Engine [Official Site] developer Juan Linietsky writes about how the open source game engine will be getting Vulkan API support.

  • Moving to Vulkan (and ES 2.0) instead of OpenGL ES 3.0

    Edit: Changed post title for clarity (previously Abandoning OpenGL ES 3.0 for Vulkan (and ES 2.0)). We are not abandoning the current OpenGL ES 3.0 backend right now: as outlined in the post, we will start working on a Vulkan backend, which will eventually coexist with the OpenGL ES 2.0 and 3.0 backends – and eventually we might deprecate the OpenGL ES 3.0 backend if Vulkan cuts it.

  • Godot To Focus On Vulkan Over OpenGL ES 3.0 Now That There’s Mac Support

    The Godot Game Engine is one of the few projects already announcing a change in their plans following this morning’s announcement of better and open-source Vulkan support on macOS/iOS.

    The Godot engine had been focusing on its OpenGL ES 3.0 renderer as the single code-base for supporting all of their major platform targets. But with OpenGL ES 3.0 not working perfectly everywhere (particularly on some mobile devices) and poor WebGL 2 adoption along with driver issues in some cases, it hasn’t worked out as they would have liked. But now they are interested in having Vulkan replace this OpenGL ES 3.0 renderer.

  • Feudal Alloy, a metroidvania action-RPG with robots controlled by fish will support Linux

    That’s a title I didn’t think I would ever write! Robots controlled by fish is certainly an amusing idea and it’s coming with the metroidvania action-RPG ‘Feudal Alloy’ [Steam, Official Site] later this year.

  • Attrition: Tactical Fronts, a quick play, turn-based strategy game for 1-2 players added Linux support

    Here’s one that didn’t seen to get any attention, Attrition: Tactical Fronts [itch.io, Steam, Official Site] a quick play, turn-based strategy game for 1-2 players added Linux support back in December.

  • The developer of Solstice Chronicles: MIA is continuing to work on a Linux port

    Solstice Chronicles: MIA [Steam] might still be a few months away, but the developer has confirmed they’re continuing to bring it to Linux.

  • BYTEPATH is an arcade shooter with a huge skill tree, retro visuals and it’s insane

    It might not seem like much on the surface, but boiling below is actually a rather good arcade shooter full of character. There’s quite a lot of customisation on offer through different classes, different ships, a big skill tree and so on.

  • Vulkan can now run on Mac as MoltenVK is now open source

    Not exactly Linux news, but still interesting since Vulkan is what will likely power many Linux games in future and having Vulkan on Mac could result in easier ports to Linux. The Khronos Group has worked with Valve, LunarG, and The Brenwill Workshop to make this happen.

    Announced today by The Khronos Group, the MoltenVK project is now officially open source under the Apache License 2.0 and you can find it on GitHub right now. There’s no fees or royalties involved, so any game developer can use it without any hassle—which is really great.

  • Vulkan Is Now Available On macOS/iOS By MoltenVK Being Open-Sourced, Vulkan SDK for Mac

    Two years and a few days since the Vulkan 1.0 release is now marked by a new significant milestone for this cross-platform graphics/compute API… It’s not a new Vulkan release today, but Vulkan is now available on Apple’s iOS and macOS platforms! Here are the details with the embargo just expiring on Vulkan now on macOS/iOS but still without the official support from Apple.

  • Vulkan is coming to macOS and iOS, but no thanks to Apple

  • Vulkan graphics will enable faster games and apps on Apple platforms

  • Bringing Vulkan to Apple’s Platforms: Khronos Group Announces Open Source MoltenVK 1.0 & SDKs

Desktop Environments/WMs

• K Desktop Environment/KDE SC/Qt

  • IU not UI – Want a great desktop? Use the brain.

    The desktop works. It’s a given. Plasma works, too. No argument there. But that does mean we’ve peaked, or even come remotely close to nailing the desktop formula. It is true that a lot of things we do today have become a habit, which is why people rarely look at the norms and wonder if they might be silly or inefficient. They just are. But Plasma is a growing, evolving, and it has the power – and chance – to break through the stagnation. It won’t be trivial or fast. But it’s possible.

    The main reason why Plasma can do this – it has the most advanced desktop ecosystem in the Linux world, and it’s probing into the waters of mobile usage. It could become the superior, superlative face of the desktop, so that one day, when the technology and human needs finally meet, i.e. the Linux desktop will have the applications that the majority of people need, it will not fail due to a classic mistake of neglecting the convoluted randomness of computer usage. Linux never had to face this problem due to its small share. But that day may yet come. You don’t want to be the guy telling your grandma to chroot her mail, now do you?

  • Qt Visual Studio Tools 2.2.0 Released

  • Outta the way, KDE4

    KDE4 has been rudely moved aside on FreeBSD. It still installs (use x11/kde4) and should update without a problem, but this is another step towards adding modern KDE (Plasma 5 and Applications) to the official FreeBSD Ports tree.

    This has taken a long time mostly for administrative reasons, getting all the bits lined up so that people sticking with KDE4 (which, right now, would be everyone using KDE from official ports and packages on FreeBSD) don’t end up with a broken desktop. We don’t want that. But now that everything Qt4 and kdelibs4-based has been moved aside by suffixing it with -kde4, we have the unsuffixed names free to indicate the latest-and-greatest from upstream.

  • On Benchmarks

    A well knwon Linux website published a “benchmark” about Plasma Wayland vs Plasma Xorg vs Gnome Shell (Wayland and Xorg). Before anybody tries to draw any conclusion: this is not a proper benchmark. It shows no statistical relevance as it was only tested on one hardware and only on one distribution. It shows numbers, that’s it. The numbers might be nice or not, I don’t know. I am not able to draw any conclusions from these numbers.

  • Event Notes

    But if you’re thirsting for more KDE events, there’s the list of KDE Sprints which is where you will find the small, focused, fairly short events for hacking on a well-defined project. Some are open for visitors, and if there’s something you want to hack on with a group of KDE contributors, get organising! (Like, seriously, getting a hacking weekend together is just a few phone calls to reserve a rental house somewhere nice and to arrange for transportation — if you can get the people together, which is usually the biggest problem).

Distributions

• Why I fell in love with Antergos Linux

  My first experience with Linux was with Ubuntu 9.4. I installed it as a dual-boot with Windows 7. Dual-boot, for those who are new to Linux, allows you to choose whether to use your computer with Windows, Linux, or another operating system. It was my first adventure in something completely different from mainstream computing, and while I was intrigued, I couldn’t get hardware like my new printer and scanner to work with Ubuntu. That was not the only deal-breaker; I was also unable to open or convert some files so that my Windows-using friends could see things exactly as I did. I appreciated where Ubuntu was going, but it wasn’t ready for prime time to me.

• Reviews

  • Review: OviOS 2.31

    OviOS is a Linux-based distribution which is designed to act as a storage appliance. OviOS can be thought of along similar lines as a network attached storage (NAS) device, a box dedicated to holding and sharing files over a network. Where OviOS differs from most NAS solutions is OviOS does not feature a graphical or web-based interface. Everything on OviOS is managed from a command line shell, typically over a secure shell (OpenSSH) connection. The OviOS distribution ships with its own, custom shell which should streamline administration. The central idea behind the project appears to be making file storage and sharing as minimal as possible, without any unnecessary features such as web-based control panels.

    OviOS ships with ZFS support, giving us the ability to create multi-disk storage volumes, compress files at the file system level and create snapshots of our data. The distribution currently does not support booting on UEFI-enabled computers and runs on 64-bit x86 machines which support booting in legacy BIOS mode only.

  • Linux Deepin Review – For The Record

    Linux Deepin Review. Today I take a close look at Deepin Linux. It’s a Linux distro from a company in China called Wuhan Deepin Technology Co., Ltd. Despite being a little unsure what to expect at first, I came to appreciate a lot of the thoughtful features that went into the desktop.

    There are some rough edges, but overall it’s a fascinating distro taking a very different approach to blending FoSS and proprietary software.

• PCLinuxOS/Mageia/Mandriva Family

  • Mageia Infrastructure planned outage

    That means Forums, Wiki, Bugzilla, Mailing lists, website (www.mageia.org) and the buildsystem will be unavailable until the maintenance is done.

  • Mageia Weekly roundup 2018 – Weeks 7 & 8

    Before we get in to the roundup, here’s a huge thank-you to the Mageians who helped with all the password resets after our security problem reported last week. Everything is mostly sorted now, but please contact the forum or the discuss mailing list if you still need help.

• Arch Family

  • ArchLabs First Release for 2018

    The end of February is nigh, the official end to summer in NZ is almost over though the heat shows no sign of slacking.

    On that note, ArchLabs has a new release.

• OpenSUSE/SUSE

  • GNOME Shell vs. KDE Plasma Graphics Tests On Wayland vs. X.Org Server

    A premium member this week had requested some benchmarks of openSUSE Tumbleweed when looking at the performance of KDE Plasma vs. GNOME Shell in some open-source graphics/gaming tests while also looking at the Wayland vs. X.Org Server performance.

    With KDE Plasma 5.12 that openSUSE Tumbleweed has picked up, there is much better Wayland session support compared to previous releases. While KDE developers aren’t yet ready to declare their Wayland session the default, in my experience so far it’s been working out very well but still routinely will find application crashes in Kate and the like when testing under the KWin’s Wayland compositor.

• Red Hat Family

  • Red Hat Enterprise Linux now available on Alibaba Cloud

    Alibaba Cloud, the cloud computing arm of Alibaba Group, has announced that Red Hat Enterprise Linux, the enterprise open source operating system developed by open-source solutions provider Red Hat, is now available globally in the Alibaba Cloud Marketplace on a pay-as-you-go basis, bringing more choice and flexibility to customers of both Alibaba Cloud and Red Hat globally.

  • Atos Launches Managed Container Services Leveraging Red Hat OpenShift, Kubernetes

    Atos has launched a managed container service built on Red Hat OpenShift. The offering, leveraging Linux and Kubernetes, enables customers to create and run cloud-native applications and migrate legacy workloads to hybrid cloud environments, Atos claims.

  • Cisco, Intel, Red Hat take aim at closed 5G radio systems

    Cisco has used Mobile World Congress 2018 to tout a group of vendors working on open tech for the mobile radio access network.

    “Virtual RAN” – Radio Access Network – refers to a shift in base station architecture away from proprietary functions running on vendor-specific base station hardware.

    vRAN remakes the mobile network on the principles of the International Telecommunication Union’s (ITU’s) network function virtualisation (NFV) standards: the base station becomes a minimally-featured radio unit, with baseband, management, and subscriber functions on shared, virtualised, general-purpose computers in the carrier core.

  • DevOps jobs salaries: 9 statistics to see

  • Netronome Collaborates with Red Hat to Drive Performance for Open Cloud and NFV Infrastructure Technologies

  • archive.rpmfusion.org

    As of now we have moved all unsupported releases (EL-5, Fedora 8 – 25) to our archive (http://archive.rpmfusion.org/) and clients are now being redirected to the new archive system. The archive consists of 260GB which means we can reduce the size mirrors need to carry by more than 75%.

  • [Podcast] PodCTL #27 – The Serverless Landscape

  • python-libevdev – a python wrapper for libevdev

  • Finance

    • Red Hat Inc (RHT) Showing Positive Momentum in the Technicals

  • Fedora

    • Meet the supplemental wallpapers in Fedora 28

      The release of Fedora 28 is growing closer, and now you can see the supplemental wallpaper for the upcoming release. The Fedora Design team works with the community to supplement the standard wallpaper for each release. For this release there is a set of 16 additional wallpapers for your enjoyment and use. Congratulations to all the winners, and thanks to all those who submitted — do try again next release. Here are the amazing entries included in the upcoming release.

    • Bodhi 3.4.0 released

• Debian Family

  • Debian updates: CafeOBJ, Calibre, Html5-parser, LaTeXML, TeX Live

    The last few days have seen a somehow quite unusual frenzy of uploads to Debian from my side. Mostly due to the fact that while doing my tax declaration (btw, a huge pain here in Japan) I needed some spare time and dedicated them to long overdue package maintenance work as well as some new request.

  • Report from SnowCamp #2

  • Derivatives

    • Canonical/Ubuntu

      • LXD weekly status #36

        This past week we’ve been working very hard to land all those last few bits ahead of us tagging a number of 3.0.0.beta1 releases of all our repositories.

        We’re now waiting for a few last bits to land, including LXD clustering and some reshuffling of templates, bindings and tools in LXC. The current plan is to start tagging a number of projects later today, tomorrow and Wednesday, with all of them making their way into Ubuntu by end of day on Thursday.

        Note that all of those will be beta releases and so will not see our usual backporting effort at this point nor get full release announcements, we’ll keep all that for the final 3.0 release in about a month’s time.

        For snap users, we expect to push all of this to the currently unused beta channel, allowing you to try the upcoming LXD 3.0 along with the matching LXC 3.0 and LXCFS 3.0.

      • Flavours and Variants

        • Five Tiny Features of Linux Mint Cinnamon I’ve Come to Love

          I’m often asked by traumatized Windows users which Linux operating system I would recommend. Until a year and a half ago I recommended Zorin OS without hesitation. However, last year at this time, Zorin was still working on a major re-write and could not offer an LTS (long-term support) release.

          One of the problems of the Linux world is that distros great and small come and go. So lacking any certainty that Zorin would be ready before my version lost its support—or that Zorin would still exist—I downloaded Linux Mint Cinnamon 18 and have been using and recommending it ever since.

        • List of elementary OS PPA Links

          While we want to follow elementary OS latest updates, we may find it’s difficult to find its official Launchpad PPA addresses. For example, if you want to try 5.0 “Juno” but you cannot get latest ISO image, then installing software in development version from PPA on Loki is the only way. If you are a review writer (like me) you need those PPAs, but believe me it’s hard to find them on elementary OS website. So, I think it will be good to have a list of elementary OS PPAs in one article with instruction to install each. As a bonus, these PPAs of elementary OS are also installable for Ubuntu or Mint i.e. to install Pantheon Desktop on Ubuntu.

        • What’s New in LXLE 16.04.3 Eclectica

          LXLE 16.04.3 is latest release of LXLE 16.04.x series. This release brings various package updates and improvements, integrated with various of the components of the MATE and LXQt desktop environments, as well as some from the Linux Mint. The application menu received improvements to its layout and how items are organization, the system theme was tweaked for consistency and LXhotkey replaces the Obkey Openbox key editor.

          Based on Lubuntu 16.04 LTS and powered by Linux Kernel 4.4 series, some GTK+ theme tweaks have also been implemented to make Qt apps look better, login and bootloader wallpapers were added for system-wide theme consitency, and various desktop effects like transparency, fading, and shadows are now provided by Compton.

Devices/Embedded

• Crankshaft: Open Source Car Computer

  Modern cars and head units are pretty fancy gadget-wise. But what if your car still has an 8-track? No problem. Just pick up a Raspberry Pi 3 and a seven-inch touchscreen, and use Crankshaft to turn it into an Android Auto setup.

  The open source project is based on OpenAuto which, in turn, leverages aasdk. The advantage to Crankshaft is it is a plug-and-play distribution. However, if you prefer, you can build it all yourself from GitHub.

• Oreo-driven dev board showcases octa-core Snapdragon 845

  Intrinsyc’s Android 8.0 powered “Open-Q 845” HDK debuts the Snapdragon 845 with 8x “Kryo 835” cores split between Cortex-A75 and -A55 like designs, plus security and neural network engines.

• Build a DIY Google Assistant controlled Smart home Light with a Raspberry Pi

  Smart home Lights in recent times have become quite common thanks to the growing IoT market. But more recently, we are getting to see these lights being controlled with just the power of voice (instead of apps) through AI assistants on people’s phones, speakers, computers, etc. However, these Smart Lights haven’t yet beaten the conventional lights in terms of price and hence require a bit of an investment. So, if you have a Raspberry Pi lying around, we will show you how you can make your own Smartlight with a dumb one that can be controlled using Google Assistant. The project will involve playing around with IFTTT and Particle services so below is a bit of background about them-

• Jolla Working To Ship Sailfish OS 3.0 This Year

  Jolla is talking up Sailfish OS 3.0 this week at the Embedded World conference as the “next-generation of the independent mobile operating system” and plans to ship it this calendar year.

• SAMA5D27 SOM: Linux Performance in a Compact Package

  The processor supports QSPI Execute-in-Place (XIP) Linux. In addition, a 256-byte EEPROM contains a pre-programmed MAC address for the 10/100 Ethernet interface.

• Android

  • 10 Best Android Photo Editor Apps In 2018

    Don’t you hate it when the photos you’ve clicked doesn’t seem right even after a dozen attempts? You may not like its brightness, contrast, orientation or, you may want to add something to make the photos look catchy. That’s when photo editing apps come to your rescue. They pack a lot of features and are on par with lightweight desktop editors. Most social media apps already include editors in their interface. But, if you want more vivid customizations, you can use any of these photo editor apps we’ve compiled in this post.

  • Power Max P16K Pro Smartphone Has A Massive 16,000 mAh Battery, Charges In Just 90 Minutes

    The Android-powered smartphone, which weights 350g, can last for around five days after a full charge and provides a standby time of up to 40 days.

  • Nokia Floods Market With 4 New Android Smartphones And A Resurrected “Banana Phone”

    The Finnish smartphone maker HMD Global has been doing a great of job of bringing back Nokia heroes from the dead. First, it was the Nokia 3310, and now, HMD has announced the release of Nokia 8110 – the feature phone that starred in The Matrix.

    However, the relaunch comes with a twist. The new Nokia 8110 keeps the same banana-like curved form factor but boasts 4G LTE connectivity with VoLTE support. The device comes loaded with a Snapdragon 205 running Linux-based KaiOS. It supports a variety of apps like Google Maps, Google Search, Google Assistant, etc. Another big feature included is WiFi support.

  • ​Nokia attempts a smartphone comeback with Android

    Remember when Nokia was the mobile phone powerhouse? Under a new owner, HMD Global, the brand is trying to make a comeback to the top with Android smartphones.

    It’s a smart move. While most of the attention is going to Nokia’s 8110 4G, a modern, low-powered slider phone you may remember from The Matrix, which runs KaiOS, there’s so many users who want to take a nostalgic visit to 1999 feature phones.

  • Photos companion is the fastest way to bring your Android photos to Windows 10

  • Google Assistant now launches specific tasks in Android apps

  • Amazon brings AR View feature to Android

  • Forget Android Oreo, the next Google OS will have THIS awesome feature

  • The best weather apps for iOS and Android to keep you on top of forecasts

  • Amazon’s AR shopping tool is now available on Android

  • The leaked BlackBerry ‘Ghost’ is reportedly a high-end Android phone built for India

  • Google’s Phone app for Android now transcribes voicemail for T-Mobile customers

  • Apple rolls out new iPhone ads to convince Android users to make the switch

  • HMD/Nokia’s smartphones join Google’s Android One program ‘leading the charge’

  • Sony’s smartphone comeback starts with the Xperia XZ2 and XZ2 Compact

  • Our guide to Android Oreo

  • The 4 Best Cheap Phones May Surprise You

  • Google Android Go: Nokia, ZTE and Alcatel unveil first super-cheap smartphones

  • Netflix is testing a navigation bar on Android

  • Android Messages adds RCS support for dual SIM phones

  • The Nokia 1 joins Google’s Android Go effort with removable Xpress-on covers

  • Nokia 8 Sirocco hands-on: Android One goes sexy and expensive

  • 20 New Software Features in Android Oreo for the Galaxy S9

  • New LineageOS, based on Android 8.1, lands on Monday

  • Huawei kicks off MWC 2018 with premium Windows laptops and Android tablets

  • How to watch Sony’s MWC 2018 press conference on Chromecast, Android, Chrome OS, and Android TV

Top 10 open source legal stories that shook 2017

Like every year, legal issues were a hot topic in the open source world in 2017. While we’re deep into the first quarter of the year, it’s still worthwhile to look back at the top legal news in open source last year.

Has OSS finally come into its own?

Many moons ago – more than 15 years, in fact – South Africa’s government decided it would go open source.

Back in 2002, the Government Information Officers’ Council (Gito) – a body of government CIOs – released a policy framework document recommending government `explicitly’ support the adoption of open source software (OSS) as part of its e-government strategy.

Some eight years after the policy document was released, open source as a solution got the nod, with some government departments actually making the move. Back then, open source was seen as a way to stimulate skills development.

Improving teamwork by engineering trust

Even in highly mature open organizations, where we’re doing our best to be collaborative, inclusive, and transparent, we can fail to reach alignment or common understanding. Disagreements and miscommunication between leaders and their teams, between members of the same team, between different teams in a department, or between colleagues in different departments remain common even in the most high-performing organizations. Responses to their intensity and impact run the gamut, from “Why did someone take our whiteboard?” to “Why are we doing this big project?”

Community metrics: The challenge behind the numbers

We are all obsessed with the numbers and statistics we can measure in our lives. We are concerned about our health, so we monitor our weight, blood pressure, and calorie intake. We also observe ourselves and our work environments to evaluate our efficiency and team dynamics. This mindset of focusing on the numbers carries over to how we evaluate open source communities.

Events

• 6 Days Left to Submit a Proposal to Speak at LinuxCon + ContainerCon + CloudOpen China

  Submit a proposal to speak at LinuxCon + ContainerCon + CloudOpen China (LC3), taking place in Beijing this June 25 – 27, and share your expertise with 3,000+ open source technologists, executives and community members.

• Yet Another Perl Conference :: Europe :: 2018

  The Perl Conference – which in the Perl community is usually referred to as Yet Another Perl Conference Europe (YAPC::EU) – is the annual meeting of Perl Mongers, developers, administrators, technical managers and interested parties in Europe. In 2018 the European Perl Conference will be held at The Studio in Glasgow between 13th-17th August.

• SiFive to Host RISC-V Hackathon at Embedded Linux Conference

  SiFive will hold its first hackathon at the Embedded Linux Conference, providing an opportunity for developers to test SiFive’s HiFive Unleashed board featuring the Freedom U540 SoC, the industry’s first RISC-V based, 64-bit quadcore processor running Linux.

Web Browsers

• Mozilla

  • It’s Resilient CSS Week

    Writing code that works in all web browsers at the same time is one of the most important things we do. New technology is coming out all the time. Yet many of the people visiting the websites we build are using old browsers. How can we use new CSS if it’s not supported in every browser — especially when users keep using old, crufty browsers? Do we have to wait until 100% of people have a browsers with the new feature? Don’t we have to wait until Internet Explorer is dead before we can use the new stuff?

  • Speed Without Wizardry

    Most of the improvements that mraleph implemented are desirable regardless of the programming language that is our medium. Excessive allocation rates make any garbage collector (or malloc and free implementation) a bottleneck. Monomorphization and inlining are crucial to eking out performance in both Rust and JavaScript. Algorithms transcend programming languages.

  • This Week In Servo 105

    Welcome back to This Week in Servo, and apologies for the long delay since the last update! Servo has continued making progress throughout that time, including shipping the Stylo CSS engine in Firefox among many other things. We’re resuming weekly updates now that the pressure has let up a bit!

    In the last week, we landed 87 PRs in the Servo organization’s repositories.

  • Mozilla removes individual cookie management in Firefox 60

    The most recent version of Firefox Nightly, currently at version 60, comes with changes to Firefox’s cookie management. Mozilla merged cookie settings with site data in the web browser which impacts how you configure and manage cookie options.

    If you run Firefox 59 or earlier, you can load about:preferences#privacy to manage privacy related settings in Firefox. If you set the history to “use custom settings for history” or “remember history”, you get an option manage cookie settings and to remove individual cookies from Firefox.

  • Using Permissions to Establish Trust

    I used to work in an industry where being ISO 9001 certified was necessary in order to remain competitive. If you are unfamiliar with ISO 9001, it is a set of standards that requires a business to document each process, and then follow those documented processes. And every autumn, sure as the leaves falling from the trees, an independent auditor would show up to verify we were indeed documenting and following our processes. It’s like a tax audit you impose on yourself (and about as unpleasant).

    The idea behind ISO 9001, though, is that a certified business can be trusted, both in its business dealings and its delivered products. It is meant to convey a sense of quality and security to customers.

  • Firefox 59 Beta 14 DevEdition Testday, March 2nd

    We are happy to let you know that Friday, 2nd of March, we are organizing Firefox 59 .0b14 DevEdition Testday. We’ll be focusing our testing on the following features: Toolbars & window controls and Default & custom theme support.

SaaS/Back End

• Weighing Open Source’s Worth for the Future of Big Data

  The open source software movement began in earnest 20 years ago, when a group of technology leaders in Silicon Valley coined the term as an alternative to the repugnant “free software.” Fast forward to 2018, and the concept has been cemented in our psyches. But does open source have the staying power to drive the next 20 years’ worth of innovation?

  There was, of course, open source software before 1998. Linus Torvalds created the first Linux kernel in the open back in 1991, and even IBM engaged in sharing of operating system internals going back into the 1950s.

Databases

• MariaDB launches innovation labs

  he open source database company MariaDB is launching a research division aimed at tackling the most pressing issues in the database field.

  Speaking at the M18 user conference in New York yesterday, MariaDB CEO Michael Howard identified that the labs will focus on three key areas: “Machine learning, distributed computing and the use and exploitation of new chips, persistent storage and in-memory processing.”

Oracle/Java/LibreOffice

• LibreOffice 6 Review

  LibreOffice is an office productivity suite that is similar to Microsoft Office Suite. It has word processor program called Writer, spreadsheet known as Calc, and presentation as Impress. Other than these programs it also has a Draw, Base, and a Math program. LibreOffice can be installed on almost all platforms: Windows, OS X, Linux and certain UNIX OS.

CMS

• SuiteCRM brings open source CRM to new level

  SalesAgility has announced the release of the latest version of SuiteCRM and a new online documentation platform.

  SuiteCRM is the worlds largest open source CRM, it was created after SugarCRM stopped its open source development of the product. It was first released in October 2013 as version 7.00. The latest release is 7.10 and comes with a series of enhancements.

  The second announcement around the documentation platform sees SugarCRM bring online documentation to the wider community. One of the changes is that it enables non developers from customers to add value to the community.

• SalesAgility, the driving force behind SuiteCRM, joins Open Source Initiative as Corporate Sponsor

• SalesAgility joins open Source initiative

  SalesAgility has joined the Open Source Initiative (OSI) as a Premium Corporate Sponsor. In some ways it is surprising that it has taken this long for SalesAgility to have joined OSI. SalesAgility are the developers of SuiteCRM, the leading open source CRM software. It was created in 2013 when it forked from SugarCRM. Prior to 2013 SugarCRM had an at times fractious relationship with OSI.

Pseudo-Open Source (Openwashing)

• Microsoft brings its quantum dev kit to macOS, Linux; new kind of qubit this year [Ed: Having failed with Mono. According to Microsoft Peter, Microsoft now attempts to screw developers with something called Q#. And in its usual fashion it 'steals' names of FOSS projects, this time "quantum".]

• Mass Protest in Support of Net Neutrality Tomorrow, Linux Support Added to Microsoft’s Quantum Development Kit and More

• Radisys Open Sources 4G RAN Software on the Qualcomm® FSM™ Platform for Small Cell and CBRS Deployments

• Radisys open sources 4G RAN software on Qualcomm FSM platform for small cell, CBRS deployments

• TrackNet Contributes to LoRaWAN Ecosystem with Open-Source Version of Large-Scale Firmware Updates Over-the-Air

BSD

• An Open Letter to BSD-powered Companies and Projects

  For three years, the Tor BSD Diversity Project (TDP) has worked to bring the BSDs into the mainstream of the privacy-enhancing technology ecosystem (PETs).

  We aim to expand the use of the BSDs as a platform for Tor relays, public nodes in the Tor anonymity network. Tor is a critical tool for maintaining privacy online, frequently employed by journalists, human rights workers and those residing in repressive and censored environments.

  [...]

  iIf your entity isn’t ready to run a Tor node, but you’re interested in donating resources such as bandwidth, hardware or some type of monetary support, contact us. TDP looks forward to assisting your staff in configuring and maintaining BSD relays.

• [llvm-dev] [6.0.0 Release] Release Candidate 3 source, docs and binaries available

• LLVM 6.0 Release Candidate 3 Arrives As The Official Release Nears

  The third release candidate is available today of LLVM 6.0 and its associated components like Clang, Compiler-RT, libc++, LLDB, etc.

  Hans Wennborg just announced the 6.0.0 RC3 milestone that is now available for download.

FSF/FSFE/GNU/SFLC

• GNU Automake 1.16 Preps For More Changes Ahead Of Automake 2.0

  While Meson+Ninja remains all the hype these days when it comes to open-source build systems, the GNU build system isn’t going away any time soon and a key component of that was just updated, Automake 1.16.

  GNU Automake 1.16 has fixes around its automatic dependency tracking, improvements around dealing with the reproducible builds effort, a custom test suite driver for the Guile Scheme SRFI-64 API, and various other minor changes.

• GNU Automake 1.16 released

  We are pleased to announce the GNU Automake 1.16 minor release.

  This release follows 1.15.1 which was made 8 months ago.

  See below for the detailed list of changes since the previous version, as summarized by the NEWS file.

Openness/Sharing/Collaboration

• Open Hardware/Modding

  • GREEN WAVES : GreenWaves Technologies Unveils GAP8, the Industry’s Lowest Power IoT Application Processor, Enabling Groundbreaking Embedded Artificial Intelligence at the Very Edge

  • GreenWaves Technologies unveils Gap8 processor for AI at the edge

    Grenoble, France-based GreenWaves is announcing its Gap8 internet of things (IoT) application processor today to handle low-power AI processing in sensor devices. The chip is based on the RISC-V open source processor architecture, and it is meant to solve problems that a lot of other processors were not designed to handle.

  • CEVA Extends its IP Platforms for Bluetooth and Wi-Fi with RISC-V

    Mobile World Congress – CEVA, Inc. (NASDAQ: CEVA), the leading licensor of signal processing platforms and artificial intelligence processors for smarter, connected devices, today announced that its market-leading RivieraWaves Bluetooth and Wi-Fi intellectual property (IP) platforms are now offered with an optional integrated open-source RISC-V MCU.

  • RISC-V Gains Its Footing

    The RISC-V instruction-set architecture, which started as a UC Berkeley project to improve energy efficiency, is gaining steam across the industry.

    The RISC-V Foundation’s member roster gives an indication who is behind this effort. Members include Google, Nvidia, Qualcomm, Rambus, Samsung, NXP, Micron, IBM, GlobalFoundries, and Siemens, among many others.

  • IoT apps processor boasts eight RISC-V cores

    Fabless startup Greenwaves Technologies has announced the availability of its GAP8 IoT application processor.

    Martin Croome, vp of business development, said: “GAP8 is aimed at battery powered devices performing content understanding and control applications. Examples include keyword spotting, beam forming and speech analysis. It could also be used for vibration analysis and face detection.”

  • 5 keys to building open hardware

    The science community is increasingly embracing free and open source hardware (FOSH). Researchers have been busy hacking their own equipment and creating hundreds of devices based on the distributed digital manufacturing model to advance their scientific experiments.

    A major reason for all this interest in distributed digital manufacturing of scientific FOSH is money: Research indicates that FOSH slashes costs by 90% to 99% compared to proprietary tools. Commercializing scientific FOSH with open hardware business models has supported the rapid growth of an engineering subfield to develop FOSH for science, which comes together annually at the Gathering for Open Science Hardware.

Programming/Development

• Introducing Qt Automotive Suite 2.0

  We are excited to announce the Qt Automotive Suite 2.0, a great leap forward towards a unified HMI toolchain and framework for digital cockpit, available end of February 2018.

• Qt Automotive Suite 2.0 Released

  Two years after unveiling Qt Automotive Suite 1.0 for designing digital cockpits for the ever increasing number of screens within cars, The Qt Company has today announced Qt Automotive Suite 2.0.

• Conan package manager brings C and C++ to devops

  Conan, a distributed, open source package and dependency manager, promises to bring C and C++ into devops.

  The multiplatform package manager builds and shares native binaries. Conan’s ability to quickly create builds, port packages, and run them on different operating systems (Windows, Linux, MacOS, and FreeBSD) helps make C and C++ suitable for devops, said Harry Manley, a senior solutions engineer at JFrog, which sponsors the Conan project.

• An ethical oath for programmers

  Nick Johnstone’s “Programmer’s Oath” is billed as “An oath for programmers, comparable to the Hippocratic Oath.” Naturally, it’s on Github and you can create a pull request if you think that Johnstone got something wrong.

• Compiler bug? Linker bug? Windows Kernel bug.
  

  Flaky failures are the worst. In this particular investigation, which spanned twenty months, we suspected hardware failure, compiler bugs, linker bugs, and other possibilities. Jumping too quickly to blaming hardware or build tools is a classic mistake, but in this case the mistake was that we weren’t thinking big enough. Yes, there was a linker bug, but we were also lucky enough to have hit a Windows kernel bug which is triggered by linkers!

  In September of 2016 we started noticing random failures when building Chrome – 3 out of 200 builds of Chrome failed when protoc.exe, one of the executables that is part of the build, crashed with an access violation. That is, we would build protoc.exe, and then run it to generate header files for the next build stage, but it would crash instead.

Apple confirms it now uses Google Cloud for iCloud services

Apple has confirmed that it uses Google’s public cloud to store data for its iCloud services in its latest version of the iOS Security Guide last month, as spotted by CNBC. Reports that Apple relied on Google’s cloud services surfaced in 2016 but were previously never confirmed.

Apple had previously used remote data storage systems provided by Amazon Web Services and Microsoft Azure. Apple’s edition of the iOS Security Guide in March 2017 still listed Microsoft Azure instead of Google Cloud Platform.

The new edition describes its iCloud service: “The encrypted chunks of the file are stored, without any user-identifying information, using third-party storage services, such as [Amazon] S3 and Google Cloud Platform.”

Science

• ‘Two-way signaling’ possible with a single quantum particle

  Classically, information travels in one direction only, from sender to receiver. In a new paper, however, physicists Flavio Del Santo at the University of Vienna and Borivoje Dakić at the Austrian Academy of Sciences have shown that, in the quantum world, information can travel in both directions simultaneously—a feature that is forbidden by the laws of classical physics.

• Largest molecular spin found close to a quantum phase transition

  An international research team headed by Professor Dr. Annie Powell, a chemist at the Karlsruhe Institute of Technology (KIT), and Professor Dr. Jürgen Schnack, a physicist at Bielefeld University, has synthesized a new magnetic molecule. The team has reported the largest ground state spin ever attained. It is publishing its new findings today (26.02.2018) in the new Nature partner journal npj Quantum Materials.

• Going with the DNA flow: Molecule of life finds new uses in microelectronics

  For sheer versatility, there’s no molecule quite like DNA. The iconic double-helix carries the genetic blueprint for living forms ranging from single-celled organisms to human beings.

  Recently, researchers have found that DNA’s remarkable properties of self-assembly and its ability to conduct electrical charge over considerable distance make it ideally suited for myriad applications, including tiny electronic circuits and computing devices, nanorobots and new advances in photonics.

• MIT boffins reckon private browsing still leaks data, but they have the answer

  At MIT’s Computer Science and Artificial Intelligence Laboratory, the smart folk found that so-called private browsing modes aren’t nearly private enough. The researchers noted that such modes still leak data like DNS cache, file system info and “on-disk reflections of RAM such as the swap file”.

• Stanford, MIT, Johns Hopkins University and Waterloo University eye Hong Kong as regional base for stem cell research

  Stanford, Massachusetts Institute of Technology, Johns Hopkins University and Waterloo University want to form a consortium in the city to engage in biotechnology R&D, source says – but hurdles remain

• China spirals past US in genome research

  The US government’s National Human Genome Research Institute (NHGRI) is studying if every American baby should undergo extensive DNA sequencing and analysis at birth, while China and other countries are already more advanced toward that goal despite rights concerns.

  DNA, the double helix of deoxyribonucleic acid, can reveal a person’s physical and psychiatric health, identity, relatives and other details. But databases of people’s DNA could also enable governments, police, hackers, corporations, forgers and others to abuse the information.

• Forecasts of genetic fate just got a lot more accurate

  When Amit Khera explains how he predicts disease, the young cardiologist’s hands touch the air, arranging imaginary columns of people: 30,000 who have suffered heart attacks here, 100,000 healthy controls there.

  There’s never been data available on as many people’s genes as there is today. And that wealth of information is allowing researchers to guess at any person’s chance of getting common diseases like diabetes, arthritis, clogged arteries, and depression.

Hardware

• Secretive U.S. security panel discussing Broadcom’s Qualcomm bid – sources

  A national security panel that can stop mergers that could harm U.S. security has begun looking at Singapore-based chipmaker Broadcom Ltd’s plan to take over rival Qualcomm Inc, according to three sources familiar with the matter.

  CFIUS, an opaque inter-agency panel, has been in touch with at least one of the companies in the proposed merger, one source said, and met last month to discuss the potential merger of the two big semiconductor companies, according to two sources familiar with the matter.

Health/Nutrition

• The high-tech medicine of the future may be biased in favor of well-off white men

  The promise of precision medicine is that all sorts of information about you—your genetics, ethnicity, diet, even neighborhood—could be used to create highly personalized treatments for whatever ails you, replacing the one-size-fits-all medicine of the past.

  Doctors hope this will make everyone healthier. But a new report by the Data & Society Research Institute in New York says certain groups in the US are in jeopardy of being worse off when medicine is tailor-made. The one group notably not at risk: white men who can afford health insurance and a decent lifestyle.

• Federal Watchdog Identifies New Workplace Safety Problems at Los Alamos Lab

  Los Alamos National Laboratory has failed to keep track of a toxic metal used in nuclear weapons production, potentially exposing workers to serious health consequences, a federal watchdog has found.

  The New Mexico lab’s failure to adequately track beryllium — small amounts of which can cause lung disease and cancer — violates federal regulations put in place to prevent worker overexposure, according to a report last week from the Department of Energy’s inspector general.

• Trump Era Threatens the Rights of People with Disabilities

  In the first year of Donald Trump’s presidency, Republicans in Congress have repeatedly threatened the American with Disabilities Act (ADA). According to Rewire, repealing the ADA would force significant cuts to Medicaid, compromising health care for people with disabilities. Medicaid pays for personal care assistants to help with employment, education and integrating in society for those with disabilities. Michelle Diament of Disability Scoop says that as of early January, 2018, Attorney General Jeff Sessions was also rescinding guidance documents related to ADA.

  The possible repeal of the ADA and the rescinding of documents by Sessions are alarming to the disabled community. Guidance documents define expectations on everything from “service animals to accessible building practices as well as a 2016 letter on employment of people with disabilities.” Documents such as these are important because they offer civil rights and protections to people with disabilities. One of the documents, established in 2016, enforces opportunities for people with disabilities to be gainfully employed. The main concern is that without such guidance people with disabilities will be employed in sheltered workshops, away from other employees.

• Trump White House Releases Biopharmaceutical Pricing Reform White Paper

  The White House Council of Economic Advisers recently released a report titled, “Reforming Biopharmaceutical Pricing at Home and Abroad.” [Report] The Report points to basically two problems: 1) overpricing in the United States; and 2) underpaying outside the United States.

Security

• Security updates for Monday

• Developer gets prison after admitting backdoor was made for malice

  An Arkansas man has been sentenced to serve almost three years in federal prison for developing advanced malware that he knew would be used to steal passwords, surreptitiously turn on webcams, and conduct other unlawful actions on infected computers.

• New bypass and protection techniques for ASLR on Linux

  Many important application functions are implemented in user space. Therefore, when analyzing the ASLR implementation mechanism, we also analyzed part of the GNU Libc (glibc) library, during which we found serious problems with stack canary implementation. We were able to bypass stack canary protection and execute arbitrary code by using ldd.

  This whitepaper describes several methods for bypassing ASLR in the context of application exploitation.

• Who Wasn’t Responsible for Olympic Destroyer?

  Evidence linking the Olympic Destroyer malware to a specific threat actor group is contradictory, and does not allow for unambiguous attribution. The threat actor responsible for the attack has purposefully included evidence to frustrate analysts and lead researchers to false attribution flags. This false attribution could embolden an adversary to deny an accusation, publicly citing evidence based upon false claims by unwitting third parties. Attribution, while headline grabbing, is difficult and not an exact science. This must force one to question purely software-based attribution going forward.

• A Technical Deep Dive: Securing the Automation of ACME DNS Challenge Validation

  Earlier this month, Let’s Encrypt (the free, automated, open Certificate Authority EFF helped launch two years ago) passed a huge milestone: issuing over 50 million active certificates. And that number is just going to keep growing, because in a few weeks Let’s Encrypt will also start issuing “wildcard” certificates—a feature many system administrators have been asking for.

• Linux 4.16 Receives More Spectre & Meltdown Fixes/Optimizations

  The in-development Linux 4.16 kernel has already received a few rounds of updates for the mitigation work on the Spectre and Meltdown CPU vulnerabilities while more is on the way.

  Thomas Gleixner today sent in another batch of “x86/pti” updates for Linux 4.16 in further addressing these CPU security vulnerabilities that were made public in early January.

• SecOps Spends Its Days Monitoring

  Developers, Security and Operations: DevSecOps. The operations part of the term usually refers to IT operations. However, today narrows in on SecOps, that work in security operations centers (SOCs) and cyber incident response teams (CIRTs). The Cyentia Institute’s survey of 160 of these security analysts shows they face some of the same challenges developers and IT operations teams do. They spend more time on monitoring than any other activity, but they much rather solve problems and “hunt” new threats. SecOps does not like reporting or something called Shift Ops — the actual details of change control and making sure the team doesn’t burn out. Given the shortage of information security professionals, it is concerning that only 45 percent of respondents said their job experience was meeting their expectations.

• Covert ‘Replay Sessions’ Have Been Harvesting Passwords by Mistake

  Bulk data collection is always a privacy red flag. But the Princeton research group that first published findings about session replay scripts has uncovered a troubling series of situations where seemingly well-intentioned safeguards fail, leading to an unacceptable level of exposure.

• How to Check if Your Password Has Been Stolen

• More than half of IT pros believe their organization was breached at least once in 2017

Defence/Aggression

• Why does the NRA have a non-profit, tax exempt status?

• Growing Risk of U.S.-Iran Hostilities Based on False Pretexts, Intel Vets Warn

  As President Donald Trump prepares to host Israeli Prime Minister Benjamin Netanyahu next week, a group of U.S. intelligence veterans offers corrections to a number of false accusations that have been levelled against Iran.

• U.S. Imposes New N. Korea Sanctions

  The Trump administration announced harsh new sanctions against North Korea on Friday, just before the Olympic Games ended in South Korea. During the games, North Korean officials met with their south Korean counterparts and reportedly expressed a willingness to hold talks with the United States.

Transparency/Investigative Reporting

• Slovakian journalist investigating claims of tax fraud linked to ruling party shot dead

  Ján Kuciak, 27, and his fiancee, Martina Kušnírová, were discovered shot dead in the home they shared after worried relatives alerted police, saying it had been a week since they had heard from the couple.

  Slovakia’s most senior police officer, Tibor Gašpar, told reporters the murders “likely have something to do with [Kuciak’s] investigative activities”.

• The mediation proposal on the Assange case “has not enhanced”

  Ecuador’s proposal to the United Kingdom for a mediation on the case of Julian Assange “has not enhanced,” said the Minister of Foreign Affairs and Human Mobility, Maria Fernanda Espinosa. “To mediate you need two parties, Ecuador is willing, but not necessarily the other party”, she explained.

• Julian Assange: Ecuador says UK ‘at fault’ as talks on future break down

  Julian Assange looks set to continue his “refugee” status indefinitely after Ecuador admitted talks with the UK over his exit from its London embassy have failed.

  Maria Fernanda Espinosa, the South American country’s foreign minister, suggested British officials had been unwilling to negotiate over the Wikileaks founder’s potential release.

  Earlier this month, Senior District Judge Emma Arbuthnot upheld the warrant for the arrest of Mr Assange for skipping bail – saying he should have the courage to face court and not feel he is “above the law”.

  His legal team again argued that the outstanding warrant – which dates back to 2012 – should be dismissed because it had “lost its purpose and function” after a Swedish investigation over sex-related allegations was dropped last year.

• Ahead of Trial, Government Vilifies NSA Whistleblower Reality Winner

  As whistleblower Reality Winner nears trial, prosecutors for the United States government have focused on framing Winner as “anti-American,” denying her bail and due process, and depriving her defense attorneys of adequate access to resources.

  Winner, an Air Force veteran working for an intelligence contractor in Augusta, Georgia, printed out and mailed a classified NSA document to The Intercept in May 2017. The document reported that Russian hackers conducted cyberattacks against a United States voting software supplier and sent phishing emails to more than 100 election officials leading up to the November 2016 election, though the data used to develop this analysis was not included in the report.

• Julian Assange hung out to dry — yet again

  Italian investigator Maurizi, using freedom of information requests, and with the support of her newspaper Repubblica, has unearthed some of the real motives underlying the British attitude. It has nothing to do with “justice” and everything to do with kowtowing to the Americans — the latter making no secret of their desire to see Assange prosecuted for treason and locked up for a very long time.

  Maurizi showed that the Swedish authorities wanted to drop the sexual assault charges back in 2013, but were persuaded by the British to keep the case going.

  The British efforts included dissuading the Swedish authorities from coming to London to interview Assange, despite repeated offers from him, and a history of such interviews in 44 other extradition cases involving Sweden and the United Kingdom.

  The Swedish prosecutor, Marianne Ny, wrote to the Crown Prosecution Service on 18 October 2013, advising her British contacts that Swedish law would not allow the extradition case to continue. This followed an earlier email from the British to the Swedish authorities, saying ‘don’t you dare get cold feet’.

Environment/Energy/Wildlife/Nature

• Are Driving Bans Coming for German Cities?

  A court ruling could ban millions of diesel cars from German city centers, rendering the vehicles worthless. The federal government has considered responding with free public transportation and by forcing car manufacturers to submit to new requirements. By DER SPIEGEL Staff

• Major EPA reorganization will end science research program

  A federal environmental program that distributes grants to test the effects of chemical exposure on adults and children is being shuttered amidst a major organization consolidation at the Environmental Protection Agency (EPA).

  The National Center for Environmental Research (NCER) will no longer exist following plans to combine three EPA offices, the agency confirmed to The Hill Monday.

  The program provides millions of dollars in grants each year.

  Perhaps best known for its handling of fellowships that study the effects of chemicals on children’s health, NCER will be dissolved and science staff serving there will be reassigned elsewhere within the department, EPA said.

• Relying on renewables alone significantly inflates the cost of overhauling energy

  A growing number of US cities and states have proposed or even passed legislation that would require producing all electricity from renewable energy sources like solar and wind within a few decades.

  That might sound like a great idea. But a growing body of evidence shows it’s not.

• North Pole surges above freezing in the dead of winter, stunning scientists

Finance

• Coinbase: We will send data on 13,000 users to IRS

  Coinbase reminded its users that it is “unable to provide legal or tax advice.” The company also noted, “If you have concerns about this, we encourage you to seek legal advice from an attorney promptly. Coinbase expects to produce the information covered by the court’s order within 21 days.”

• Capio to acquire the Swedish primary care group Novakliniken

  Capio has signed an agreement to acquire 100% of Novakliniken with operations in the southeastern parts of [Scania], Sweden. Novakliniken operates eight primary care centers and two branches, and provides some occupational health and dental services. 2017 net sales were MSEK 245. The acquisition of Novakliniken complements and strengthens Capio’s presence and healthcare offering in [Scania].

• The American midwest is quickly becoming a blue-collar version of Silicon Valley

  Alongside the traditional high-flying software jobs that are plentiful in Silicon Valley, mid-tech jobs, loosely defined as tech jobs requiring less than a college degree, are growing fast in the Midwest. While not an official designation, mid-tech jobs can be defined as skilled tech work that doesn’t require a college degree: just intense, focused training on the job or in vocational programs like those of blue-collar trades of the industrial past.

• Uber, Lyft drivers are making city traffic worse, studies find

  One promise of ride-hailing companies like Uber and Lyft was fewer cars clogging city streets. But studies suggest the opposite: that ride-hailing companies are pulling riders off buses, subways, bicycles and their own feet and putting them in cars instead.

  And in what could be a new wrinkle, a service by Uber called Express Pool now is seen as directly competing with mass transit.

• American Manufacturing Doesn’t Have to Die

  Twelve-and-a-half million Americans worked in manufacturing in 2017, down from 14.1 million 11 years earlier.

• Why blockchain challenges conventional thinking about intellectual property

  Cryptocurrencies are getting a lot of attention, but finance is only one of many applications of the blockchain technology behind it.

  Blockchain technology is poised to revolutionise almost everything from supply chains (including illegal fishing and human rights abuses), insurance and health.

  [...]

  History is littered with examples of patents harming rather than aiding innovation. James Watt’s steam engine was an advance over existing steam engines, yet the technology could not be built upon because of Watt’s patents.

• Chinese Tycoon Makes $9 Billion Bet on Mercedes E-Car Know-How

  A dozen years ago, Chinese carmaker Geely announced its arrival on the global stage with a giant “I Am Geely” sign over its stand at the Frankfurt Auto Show. Last week, Geely founder Li Shufu effectively added an “I am Mercedes-Benz” banner to his collection.

  Li on Friday disclosed that he has become the top shareholder in Daimler AG, the storied company that is one of the crown jewels of German industry. Li, chairman of Zhejiang Geely Holding Group Co., said the 7.3 billion-euro ($9 billion) stake — 9.7 percent of Daimler’s shares — will help his company better compete as the likes of Google and Apple Inc. vie for a role in the shift to electric and self-driving vehicles.

• The Dropbox IPO is a transformative moment for Y Combinator

  Dropbox on Feb. 23 announced plans to raise $500 million through an initial public offering (pdf), making the 11-year-old file-storage startup the first company in Y Combinator’s portfolio to make a market debut.

  It’s a big moment, and a potential inflection point, for the influential incubator. Y Combinator has a roster of big companies, including Stripe and Airbnb, that plan to go public eventually.

• Cooke Aquaculture Pacific urges lawmakers to consider jobs, science-based policy, fair and equitable treatment

  Cooke Aquaculture Pacific urges lawmakers to consider jobs, science-based policy, fair and equitable treatment; Will seek NAFTA arbitration if ban on Atlantic salmon farming is approved

AstroTurf/Lobbying/Politics

• Trump campaign gamed Facebook ads even better than we thought

  So how much did the Clinton campaign pay? Here it gets a bit tricky. Last fall, a member of the Clinton campaign team told me that their CPMs averaged $10 to $30, which they described as typical for a targeted Facebook campaign. But that figure represented the cost only of paid impressions. As described above, ads that perform well can reach larger audiences as they receive likes, comments, and shares — so-called “organic reach.” That lowers the overall cost of the ad.

  When Parscale says “we had CPMs that were pennies in some cases,” he almost certainly took organic reach into account. (It’s very hard to place an ad for anything on Facebook for literal pennies.) Unfortunately, the person I spoke with at the Clinton campaign no longer had access to organic reach data. Still, they said, it was unlikely that organic reach would have lowered a $10 paid CPM to a $1 organic one, as my Facebook source had suggested.

• FCC Republican faces ethics complaint after calling for Trump’s re-election

  Also on Friday, FCC Commissioner Michael O’Rielly called for the re-election of President Donald Trump during his appearance at CPAC. Advocacy group American Oversight called for an investigation of O’Rielly, saying that he violated a rule against “engaging in partisan political activity while on duty.”

• Bots, Assange, an alliance: Has Russian propaganda infiltrated the Philippines?

  Top Spanish newspaper El Pais reported that all 3 Twitter accounts shared news articles in support of Catalan independence. All 3 tweeted 24 hours a day. All 3 tweeted the exact same articles at the exact same times.

  The 3 accounts were “part of an online army of robot profiles, who, armed with gasoline canisters brimming with fake news, stalk social media and fan the flames of debate as ordered by their generals,” said Spain’s widest read newspaper and second most read online news site.

  “At the beginning of October, this army went to work on the issue of Catalan independence. Evidence shows a total of 87% of the 65 accounts who most shared RT and Sputnik content were automated,” El Pais said.

  “Those accounts helped ensure that Russian news outlets were the fourth most influential in the digital conversation about Catalonia.”

• China Proposes Lifting Presidential Term Limit

  China’s ruling Communist Party has proposed scrapping constitutional term limits for the country’s president, which would give President Xi Jinping the option to stay on after the end of his second term in 2022. Critics see the move as reversing decades of efforts to create rules in China for the orderly exercise and transfer of political power.

  The official New China News Agency reported Sunday that the party’s 205-member Central Committee proposed that the term limits be removed from the constitution. The changes must be ratified by China’s parliament at its annual session next month, but that parliament, known as the National People’s Congress, has never rejected a law that the party or government has put before it.

• China moves to silence outcry over abolition of Xi’s term limit

• China censorship after Xi Jinping presidency extension proposal

  China’s governing Communist Party has proposed removing a clause in the constitution which limits presidencies to two five-year terms – which means President Xi Jinping could remain as leader after the end of his second term in 2023.

  The controversial move has ignited discussion on Chinese social media and pushed online government censors into overdrive.

• Xi Jinping’s power grab ‘does hark back to darker times in China,’ says expert

  Critics shared Winnie the Pooh images, including one that showed the cartoon bear hugging a pot of honey and featured the caption, “Find the thing you love and never let go.” Pooh Bear is often used to represent Xi, though censors cracked down on that last year.

• California Democratic Party declines to endorse Dianne Feinstein for re-election

  In a surprising show of discontent with one of California’s most enduring political leaders, the state Democratic Party declined to make an endorsement in this year’s U.S. Senate race on Sunday, snubbing Sen. Dianne Feinstein in her bid for a fifth full term.

  Her main challenger, State Senate leader Kevin de León, won the support of 54 percent of delegates at the state party convention here this weekend, short of the 60 percent needed to secure the party’s endorsement. Feinstein received only 37 percent of the votes.

  The rebuke of Feinstein by the party delegates comes even though the 25-year incumbent has led polls by wide margins and received the backing of political luminaries like Sen. Kamala Harris and House Minority Leader Nancy Pelosi.

• Surveillance-happy authoritarian “Democratic” California senator Dianne Feinstein loses California Democratic Party endorsement

  Dianne Feinstein has represented California in the US senate for 28 years, garnering the California Democratic Party endorsement every year despite her far-right positions on mass surveillance, military adventurism, and authoritarian rule (she’s trumpeted these policies as evidence of her “independence”).

  After a quarter-century of legislative malpractice, California Democrats have had enough. Yesterday, the California Democratic Party denied her their endorsement. The candidate favored by the state party is State Senator Kevin De León, a moderate left-wing Democrat who backed Hillary Clinton in the 2016 election but says he admires Bernie Sanders’ campaign and platform.

• The Democratic party is now publicly attacking progressive candidates

  In their desperation to win back the House in the 2018 midterm elections, the Democrats have turned to eating their own. How else to make sense of the unhappy drama unfolding in Texas’ 7th congressional district?

  The district, which includes much of affluent west Houston, has a Republican incumbent named John Culberson, but was carried by Hillary Clinton in 2016. Culberson, a gun-loving, climate change-denying champion of Donald Trump, is a dreary exemplar of the kind of reactionary outlier who now passes as a mainstream Republican politician. And so the effort to unseat him has attracted a crowded field of seven Democrats, all vying to win the 6 March primary.

• Who Benefits from Russia’s ‘Peculiar’ Doping Violations?

  Viewers of the 2018 Winter Olympics were offered a constant reminder of Russia’s supposed deviousness with the “OAR” – or Olympic Athlete from Russia – designation that Russian athletes competed under as a punishment for doping. The image of Russia being penalized for cheating fit in neatly with ongoing geopolitical narratives of Russia being blamed for election meddling in the United States and military aggression in Ukraine.

• How the Anti-Democracy Movement Used Media to Command the Narrative

  As far back as 1835, perhaps our nation’s earliest and most astute observer, Alexis de Tocqueville, understood the power of the media. He described the press as “the chief democratic instrument of freedom.” But today our “instrument of freedom” seems to mean the freedom to enrich oneself privately, whatever it takes. How did we get to this sad state?

  In 1969, the US Supreme Court unanimously upheld the public-good understanding of the press, stating, “The First Amendment is relevant to public broadcasting, but it is the right of the viewing and listening public, and not the right of the broadcasters, which is paramount.” In the 1960s, for example, media broadcasting gas-guzzling car advertisements had to pay for rebuttal airtime by public interest groups. But soon dramatic changes undermined this frame, as market ideology tightened its grip during the 1980s. “Television is just another appliance—it’s a toaster with pictures,” quipped Mark Fowler, the chair of the Federal Communications Commission (FCC) during Ronald Reagan’s presidency, as he mocked the very notion of media as a public good.

• Chinese censors move to block ridicule of ‘Emperor’ Xi Jinping’s power grab

  Beijing’s vast army of online censors have been mobilised to stamp out the ridicule and criticism to the announcement that President Xi Jinping could rule for life.

  China proposed to remove a two-term limit from its president on Sunday, in a move which would see the current Chinese leader rule beyond 2023 and perhaps indefinitely.

• End to term limits at the top may be start of global backlash for China, analysts say

  The proposed elimination of presidential term limits in China risks an international backlash over China’s strongman politics, but would help ensure the continuity of the country’s policies, diplomatic observers said.

  The bold move would send a message that Xi and his initiatives were here to stay and cement China’s ambition to fill the global leadership vacuum left by US President Donald Trump, they said.

Censorship/Free Speech

• YouTube conspiracy video problem ‘bigger than thought’

  The problem of conspiracy videos on YouTube appears to be growing, with a data journalist unearthing nearly 9000 such clips after a search using the video platform’s API.

• CJ Gopal Parajuli orders media censorship

  Chief Justice Gopal Parajuli on Sunday issued an interim order directing the Press Council to probe news reports published by Kantipur daily that highlighted discrepancies in his birth date mentioned by him in official documents.

• China Proposes Lifting Presidential Term Limit

• China’s move to abolish presidential term limits is more unpopular than the government thought — so it’s turning to censorship

  Criticism of the Chinese government’s desire to abolish presidential term limits has seen censorship soar since Sunday.

  China’s constitution restricts the president and vice-president to serving a maximum of two terms – 10 years – with President Xi Jinping’s leadership due to end in 2023.

  While censoring social media is a regular occurrence in China, the latest incident may mean the Communist Party’s proposal to scrap presidential term limits, and essentially allow President Xi Jinping to rule indefinitely, was more unpopular than anticipated.

• Curbing hate speech isn’t censorship – it’s the law

  IT IS hard to hear the phrase “political correctness” these days without reflexively appending the words “gone mad”. Thanks to self-appointed guardians of liberty, the inoffensive idea that people should try to avoid insulting language has been turned into a battleground over free speech.

  This might sound like a silly spat straight out of the pages of the tabloid press, but people who care about science ought to be paying attention. Free speech is a vital ingredient of enlightened scholarship and education.

• Mistakes And Strategic Failures: The Killing Of The Open Internet

  Sometime tomorrow, it’s widely expected that the House will approve a terrible Frankenstein bill that merges two separate bills we’ve spoken about, FOSTA and SESTA. The bills are bad. They will not actually do what the passionate and vocal supporters of those bills claim they will do — which is take on the problem of sex trafficking. Neither bill actually targets sex traffickers (which, you know, one would think would be a prime consideration in pushing a bill that you claim will take on sex trafficking). Instead, they seek to hold third parties (websites) responsible if people involved in sex trafficking use them. This has all sorts of problems that we’ve been discussing for months, so I won’t reiterate all of them here, but suffice it to say if these bills were really about stopping sex trafficking, they sure do a horrible job of it. If you want to try to stop these bills, check out EFF’s action page and please call your Congressional Rep., and let them know they’re about to do a really bad thing. If you want more in-depth information, CDT has you covered as well. Finally, Professor Eric Goldman details piece by piece what this Frankenstein bill does and how bolting SESTA and FOSTA together make two bad bills… even worse, and even less clear as to what it actually does.

• Letter: Board opening Pandora’s box for censorship

  Censorship of books is never good. Particularly when that book has been carefully chosen and is highly recommended by respected library sources.

• Section 230 Isn’t About Facebook, It’s About You

  Longtime Techdirt readers know how important Section 230 is for the Internet to work, as well as many of the reasons why the proposed SESTA bill threatens the operation of the law, and with it the operation of the Internet. But especially for people less familiar with the ins and outs of Section 230, as the law hangs in the balance, we want to take moment to explain why it’s something that everyone should want to preserve.

  These days a lot of people are upset with Facebook, along with many other of its fellow big Internet companies. Being upset with these companies can make it tempting to try to punish them with regulation that might hurt them. But it does no good to punish them with regulation that will end up hurting everyone – including you.

• Judge Tells Coal Boss Bob Murray The Judicial Equivalent Of ‘Eat Shit, Bob’

  Remember Bob Murray? He’s the Ohio-based coal mining CEO who threatened and then sued John Oliver and HBO over this fun episode of Oliver’s show, Last Week Tonight, which discussed the ridiculousness of our President’s focus on “coal jobs.” However, it also spent a fair bit of time talking about Bob Murray, Murray Energy, and how his actions did not appear to support actual coal miners. A prominent part of the story features the phrase (originally written by a coal miner at Murray Energy as part of the process to void a bonus check) “Eat Shit, Bob.”

• Why muzzling social media is no answer

  The Russian government clearly sought to influence the 2016 election. This should not incite a rush to censor dissonant opinions on websites and social media, but that could easily happen in the good intentions to safeguard democracy from truly false and subversive content.

  Like the printing press, broadcast radio and television and cable television, the internet and social media revolutionized communications by making mass distribution of news and analysis more broadly accessible. That has widened public dialogue on everything from parking regulations to who should be president — it’s too good to lose even if it’s sometimes as annoying and discomforting as persistent demonstrations on the Washington Mall.

Privacy/Surveillance

• Case against alleged hoarder of NSA documents gets tougher for federal prosecutors

• UK Metro Police Sued Over Phone Malware Purchase

  Last spring, a hacker who had illicitly obtained data from malware/spyware company FlexiSpy shared some of it with Motherboard. In the trove of customer data, it was discovered that one purchase was linked to an officer in the UK Metro Police.

  FlexiSpy is powerful malware, capable of gathering communications from multiple messaging services, as well as providing GPS location, emails, and phone call records. The purchase of this malware is questionable, considering it’s regulated under the UK’s Computer Misuse Act. The most obvious limitation of the malware is the fact that it requires physical access to targeted devices. But phones, tablets, and computers are seized all the time by law enforcement officers, and they’re sometimes returned to their owners after being searched. Malware like this would allow officers to hitch a virtual ride on someone’s phone or laptop, seeing everything they see.

• Analog Equivalent Privacy Rights (18/21): Our analog parents had private conversations, both in public and at home

  Our parents, at least in the Western world, had a right to hold private conversations face-to-face, whether out in public or in the sanctity of their home. This is all but gone for our digital children.

• The Problems With FISA, Secrecy, and Automatically Classified Information

  We need to talk about national security secrecy. Right now, there are two memos on everyone’s mind, each with its own version of reality. But the memos are just one piece. How the memos came to be—and why they continue to roil the waters in Congress—is more important.

  On January 19, staff for Representative Devin Nunes (R-CA) wrote a classified memo alleging that the FBI and DOJ committed surveillance abuses in its applications for and renewal of a surveillance order against former Trump administration advisor Carter Page. Allegedly, the FBI and DOJ’s surveillance application included biased, politically-funded information.

• Rancher Sues CBP After Officers Install A Camera On His Private Property

  The CBP’s habit of moving further and further inland in their search for deportees, drugs, and water to dump on the ground isn’t making it any new friends. Residents of small towns near the border are getting very sick of having to assert their citizenship multiple times a day thanks to Checkpoint Charlie camping out on every road out of town.

  The federal government doesn’t care. No sacrifice is too great to demand from citizens to keep this country safe from job seekers, victims of violence, and the occasional MS-13 gang member. Rights are optional within 100 miles of US borders and they’re completely nonexistent within 25 miles of crossing points. It’s this 25-mile cutoff that’s key to federal lawsuit arising from trespassing CBP officers and the spy cam they placed on the property of a local who’s spent years complaining about the CBP’s incursions.

  Cyrus Farivar covers the story of Texas rancher Ricardo Palacios at Ars Technica. And it’s a good one. Palacios discovered a camera on his property and took it down. Shortly thereafter, the CBP and the Texas Rangers rang him up, demanding the return of their surveillance camera. Palacios refused and was threatened with criminal charges.

• Cakewalk for French tech-wiz, Aadhaar and Telangana portal easy hack

  A French security researcher on Monday breached the Telangana government benefit disbursement portal ‘TSPost’ and lay bare its vulnerabilities. The portal has account details including Aadhaar numbers of 56 lakh beneficiaries of NREGA (National Rural Employment Guarantee scheme) and 40 lakh beneficiaries of social security pensions (SSP).

• In re Silver – Texas Supreme Court Follows CAFC Lead and Recognizes Limited Patent-Agent Privilege

  I’ve written about Queen’s University, the CAFC case that recognized a privilege over patent agent communications, and the dissent by Judge Reyna who (properly) recognized that if its scope is limited to what agents are authorized to do, patent agents may need lawyers to advise them about the scope of the privilege.

• Surveillance watchdog investigates security risks of GCHQ IT contractors

  The investigatory powers commissioner is reviewing the security arrangements for IT contractors that have access to live computer systems at GCHQ holding highly sensitive records on the UK population

• MIT’s ‘Veil’ Fixes Holes In Private Browsing Modes To Boost Anonymity

  Web browsers’ private browsing mode is the first resolution taken by most users to protect their privacy online. But subconsciously they’re aware that the private mode or incognito mode is doing nothing but deleting the browsing activity from their computer. According to past studies, it’s possible to track people’s browsing habits even when privacy mode is enabled.

• The Dropbox IPO filing is here

  The company is not yet profitable, having lost nearly $112 million last year. This shows significantly improved margins when compared to losses of $210 million for 2016 and $326 million for 2015.

• Dropbox files to go public with over $1.1 billion in annual revenue

  Here’s what the filing said:

  • Revenue: $1.11 billion in 2017, up 31 percent from the prior year
  • Net loss: $111.7 million in 2017, narrower than 2016′s loss of $210.2 million
  • Average revenue per paid user: $111.91, up from 2016 but down from 2015
  • 500 million registered users, 100 million signed up since the beginning of 2017
  • More than 11 million paying users
  • Gross margin: 67 percent

  Dropbox will list on the Nasdaq under the ticker “DBX.” Dropbox’s plans to go public were unsealed by the SEC on Friday, after previously filing the documents confidentially.

• Dropbox saved almost $75 million over two years by building its own tech infrastructure

  After making the decision to roll its own infrastructure and reduce its dependence on Amazon Web Services, Dropbox reduced its operating costs by $74.6 million over the next two years, the company said in its S-1 statement Friday.

• Dropbox Gears Up for IPO

  Dropbox has filed an S-1 form with the U.S. Securities and Exchange Commission (SEC) regarding its initial public offering (IPO). The company did not mention any pricing details in the filing, but it values the entire offering up to $500 million. The company intends to list its shares on the Nasdaq under the symbol DBX.

  The underwriters for the offering are Goldman Sachs, JPMorgan, Deutsche Bank, Allen, Merrill Lynch, RBC Capital Markets, Jefferies, Macquarie Capital, Canaccord Genuity, JMP Securities, KeyBanc and Piper Jaffray.

• Military, FBI, and ICE Are Customers of Controversial ‘Stalkerware’

  Dozens of employees from US federal law enforcement agencies and the armed forces have bought smartphone malware that can, in some cases, intercept Facebook messages, track GPS locations, and remotely activate a device’s microphone, according to a large cache of data stolen by a hacker [sic] and obtained by Motherboard.

Civil Rights/Policing

• ‘Would you burn the Mona Lisa if it was sent?’: Our horror bureaucratic bungle

  It’s a bungle that has floored botanists around the globe and embarrassed the Australian government. How did 105 priceless and irreplaceable historical plant specimens, sent here by the French, end up being destroyed by biosecurity officers?

• Texas police shoot man who disarmed possible church shooter

  Police in Amarillo shot an innocent man who helped foil a possible church shooting.

  The shooting happened shortly after 9 a.m. Feb. 14 at the Faith City Mission, a faith-based outreach organization. Police said Joshua Len Jones, 35, of Amarillo, barged into a church building at Faith City Mission, pulled out a gun and was holding about 100 congregants and church staff hostage.

  In the time between when police were dispatched and when officers arrived, a handful of churchgoers wrestled Jones to the ground. One of the congregants was able to grab Jones’ gun.

• A Mother and Child Fled the Congo, Only to Be Forcibly Separated by the US Government

  The mother hasn’t seen her 7-year-old daughter in nearly four months, and the government won’t explain why.

  On Nov. 1, 2017, Ms. L. and her 7-year-old daughter, S.S., arrived at a United States port of entry near San Diego and presented themselves to border agents. Ms. L. had fled with her child from their home in the Democratic Republic of Congo, where Ms. L. left in fear for her life. Now, the pair was finally in the United States, seeking asylum in a country where they thought they would be safe.

  Approximately four days later, Ms. L.’s young daughter was taken from her without any explanation or justification. When the officers separated them, Ms. L. could hear her daughter in the next room screaming that she did not want to be taken away from her mother. No one explained why her daughter was being taken away, where she was being taken, or when she would see her child again. More than 3 1/2 months later, Ms. L. remains at a detention center in the San Diego area, while her daughter is detained in Chicago, halfway across the country, without her mother or anyone else she knows.

• 20,000 Protest Israeli Plan to Push Out African Migrants

  In other news from Israel, up to 20,000 people rallied in Tel Aviv Saturday to protest Israel’s plans to push out as many as 40,000 African migrants in the coming months. Israel is threatening to jail the migrants if they do not leave Israel. Protesters on Saturday condemned the Israeli government for shutting the door on refugees.

• How Grassroots Activists in Georgia Are Leading the Opposition Against a Dangerous “Computer Crime” Bill

  A misguided bill in Georgia (S.B. 315) threatens to criminalize independent computer security research and punish ordinary technology users who violate fine-print terms of service clauses. S.B. 315 is currently making its way through the state’s legislature amid uproar and resistance that its sponsors might not have fully anticipated. At the center of this opposition is a group of concerned citizen-advocates who, through their volunteer advocacy, have drawn national attention to the industry-wide implications of this bill.

  Scott M. Jones and David Merrill from Electronic Frontiers Georgia—a group that participates in the Electronic Frontier Alliance network —spoke to us about their efforts to inform legislators and the public of the harms this bill would cause.

• A Supreme Court Rebuke to the Trump Administration on DACA

  In a sharp rebuke to the Trump administration, the Supreme Court today refused to hear the government’s challenge to a lower court’s decision ordering the government to keep in place the Deferred Action for Childhood Arrivals program (DACA). Since the administration announced last fall that it was ending the program on March 5, many DACA recipients have already lost their residence and work permits.

  While the court’s decision is good news, it doesn’t end the uncertainty, confusion, and fear of deportation for the hundreds of thousands of undocumented young people who came to the U.S. as children.

• Childhood Is Now A Punishable Offense

  Who here hasn’t inhaled helium from a balloon and talked in a cartoon voice?

• Kansas Legislature Introduces Two Bills Mandating Speedy Release Of Police Body Cam Footage

  Two new bills have been introduced in the Kansas state legislature with the intent of forcing law enforcement agencies to turn over body camera footage in a timely manner. They appear to have been prompted by the family of a man shot and killed by police officers late last year. It took police 11 weeks to turn over footage of the incident. Even then, it wasn’t as though the footage was given to the executor of Dominique White’s estate. Instead, White’s father was “granted access” to the the body cam footage, which means he was able to watch the video on police equipment at a police station by himself with no other surviving family members.

  This is the state of Kansas’ current laws regarding body camera footage. Very few people are given access to footage and, with rare exceptions, the footage remains completely in the hands of law enforcement. The only people granted access to footage at this point in time are subjects of recordings, parents of minors who are subjects of recordings, attorneys for a recording subject, or a person’s heir.

• Bias already exists in search engine results, and it’s only going to get worse

  The internet might seem like a level playing field, but it isn’t. Safiya Umoja Noble came face to face with that fact one day when she used Google’s search engine to look for subjects her nieces might find interesting. She entered the term “black girls” and came back with pages dominated by pornography.

  Noble was horrified but not surprised. The UCLA communications professor has been arguing for years that the values of the web reflect its builders—mostly white, Western men—and do not represent minorities and women. Her latest book, Algorithms of Oppression, details research she started after that fateful Google search, and it explores the hidden structures that shape how we get information through the internet.

Internet Policy/Net Neutrality

• Twitch community, YouTube creators join protest to save net neutrality

  Dozens of websites and internet agencies are banding together to protest the FCC’s decision to kill net neutrality.

  Internet advocacy group Fight for the Future has organized Operation: #OneMoreVote, which will take place on Feb. 27. The campaign will enlist the help of communities like Twitch’s and companies like Reddit alongside organizations like YouTuber Hank Green’s Internet Creators Guild, to raise awareness about the appeal process. Only one more vote in the Senate is needed to take the case to the House of Representatives, where cosponsors can vote to block the repeal of net neutrality. If unsuccessful, net neutrality will be repealed in April.

• Charter Spectrum Fails To Wiggle Out From Under State Lawsuit For Crappy Service

  But the lawsuit also exposed how Charter was gaming an FCC program that uses routers with custom firmware to track real-world ISP performance. The lawsuit also hints at the fact that Charter executives toyed with intentionally creating congestion at peering points in order to extract additional money out of content and transit companies, something you’ll recall was at the heart of an industry battle with Netflix a few years ago. Those problems miraculously disappeared with the passage of net neutrality rules that governed interconnection (read: expect this problem to resurface with the elimination of the rules).

• AMP: the missing controversy

  One of the main implications of publishing an AMP page is that the page will be served from the Google domain. Or whoever is serving the AMP cache, yet mostly that will be Google.

  This means less direct traffic on your origin, and more time spent at Google. Less traffic on your origin could mean less monetization opportunities. In general, it means less control of anything. You’re subject to whatever the AMP standard allows or disallows.

Intellectual Monopolies

• Exclusive interview with Johanne Bélisle, Chief Executive Officer of the Canadian Intellectual Property Office

  With respect to “brand Canada” from CIPO’s perspective, we strive to be known as a modern, internationally-leading IP office, one that provides high-quality and timely rights and that serves its clients well. We are a trusted source of IP information and knowledge for Canadian businesses and innovators. And we work in partnership with others, including our international partners in the IP ecosystem, to help make Canada a global centre of innovation. Canada is already an attractive place for business, trade and innovation to flourish, and we continue to make it more attractive all the time.

• Trademarks

  • GUCCI as a well-known mark, with special attention to evidence, surveys, and unfair advantage

    Disputes involving luxury brands and the issue of well-known marks seem ubiquitous. Most often, two questions are asked: Is the mark at issue “well-known” and, if so, has there been dilution or an unfair advantage taken of the distinctive character of the well-known mark? A particularly interesting instance occurred recently before the Intellectual Property Office of Singapore involving the “GUCCI” mark, with particular attention to whether survey evidence was necessary and the need to prove that dilution or unfair advantage had occurred.

• Copyrights

  • When a Pro-Copyright Rant Goes Wrong….

    It is no secret that copyright issues can trigger heated debates. On the one hand there are those who caution against stricter regulation, fearing that Internet freedom is at stake, while others argue that artists need more protection. Ironically, one of the most vocal pro-copyright activists lost sight of his core mission recently.

  • Most Users of Exclusive Torrent Site Also Pay For Services Like Netflix or Prime

    A survey carried out on HDBits, one of the world’s most exclusive private torrent sites, has revealed that even the most hardcore of pirates are happy to pay for content. The poll, carried out among more than 5,300 respondents, found that not only do 57% pay for streaming accounts on services like Netflix, Hulu or Amazon Prime, but 26% use those platforms more than they use torrent sites.

  • BMG Wants Appeals Court to Rehear Cox Piracy Liability Case

    Music publisher BMG has petitioned the Court of Appeals for a rehearing of the piracy liability case against Internet provider Cox. The panel of judges reached the wrong conclusion when it overturned the $25 million verdict and issued a new trial, the company says. The RIAA and the National Music Publishers Association back the request.

  • Pirate Site Operators’ Jail Sentences Overturned By Court of Appeal

    Four men sentenced last year for their part in running several pirate sites have been told they will no longer have to spend time behind bars. After being ordered to spend up to ten months in prison, the court of appeal has now decided that for their activities on Dreamfilm, TFplay, Tankafetast and PirateHub, the men should walk free but pay increased damages to the entertainment industries.

  • ESA Comes Out Against Allowing Museums To Curate Online Video Games For Posterity

    A week or so back, we discussed the Museum of Art and Digital Entertainment (MADE) calling on the Copyright Office to extend exemptions to anti-circumvention in the DMCA to organizations looking to curate and preserve online games. Any reading of stories covering this idea needs to be grounded in the understanding that the Librarian of Congress has already extended these same exemptions to video games that are not online multiplayer games. Games of this sort are art, after all, and exemptions to the anti-circumvention laws allow museums, libraries, and others to preserve and display older games that may not natively run on current technology, or those that have been largely lost in terms of physical product. MADE’s argument is that online multiplayer games are every bit the art that these single-player games are and deserve preservation as well.

  • Does embedding copyrighted content constitute infringement? NY judge says yes

    In a summary judgement delivered on February 15, Judge Katherine Forrest of the Southern District of New York ruled that embedding a tweet containing a copyrighted image on a website amounts to direct infringement.