Contents

• GNU/Linux
  • Distributions
  • Devices/Embedded
• Free Software/Open Source
• Leftovers

GNU/Linux

• Desktop

  • Changes [Pop!_OS]

    For the last 12 years, my main development machine has been a Mac. As of last week, it’s a Dell XPS 13 running Pop!_OS 18.04.

    [...]

    Take note: this is the first operating system I’ve used that is simpler, more elegant, and does certain things better than macOS.

  • System76 Opens Manufacturing Facility to Build Linux Laptops

    As it turns out, System76 is making the transition from a Linux-based computer seller, into a complete Linux-based computer manufacturer. The Twitter photos are from their new manufacturing facility. This means that System76 will no longer be slapping their logo on other company’s laptops and shipping them out, but making their own in-house laptops for consumers.

  • Extension adding Windows Timeline support to third-party browsers should have raised more privacy questions

    Windows Timeline is a unified activity history explorer that received a prominent placement next to the Start menu button in Windows 10 earlier this year. You can see all your activities including your web browser history and app activity across all your Windows devices in one place; and pickup and resume activities you were doing on other devices. This is a useful and cool feature, but it’s also a privacy nightmare.

    You may have read about a cool new browser extension that adds your web browsing history from third-party web browsers — including Firefox, Google Chrome, Vivaldi, and others — to Windows Timeline. The extension attracted some media attention from outlets like MSPoweruser, Neowin, The Verge, and Windows Central.

  • How to add Linux to your Chromebook

    It’s long been possible to run Linux on a Chromebook. That’s no surprise. After all, Chrome OS is a Linux variant. But, doing it by using either Crouton in a chroot container or Gallium OS, a Xubuntu Chromebook-specific Linux variant, wasn’t easy. Then, Google announced it was bringing a completely integrated Linux desktop to the Chromebook.

    Today, with a properly-equipped Chromebook and the bravery to run canary code, you can run Debian Linux on your Chromebook. Here’s how to do it.

    This new Chromebook Linux feature is Crostini, the umbrella technology for getting Linux running with Chrome OS. Crostini gets enough Linux running to run KVM, Linux’s built-in virtual machine (VM). On top of this, Crostini starts and runs LXC containers. You won’t see it, unless you look closely, but it’s in those containers that your Debian Linux instances are running.

  • Ditching Windows: 2 Weeks With Ubuntu Linux On The Dell XPS 13 [Ed: sadly it's behind a malicious spywall]

• Server

  • Linux File Server Guide

    Linux file servers play an essential role. The ability to share files is a basic expectation with any modern operating system in the workplace. When using one of the popular Linux distributions, you have a few different file sharing options to choose from. Some of them are simple but not that secure. Others are highly secure, yet require some know-how to set up initially.

    Once set up on a dedicated machine, you can utilize these file sharing technologies on a dedicated file server. This article will address these technologies and provide some guidance on choosing one option over another.

  • What Serverless Architecture Actually Means, and Where Servers Enter the Picture

  • What are ‘mature’ stateful applications?

    BlueK8s is a new open source Kubernetes initiative from ‘big data workloads’ company BlueData — the project’s direction leads us to learn a little about which direction containerised cloud-centric applications are growing.

    Kubernetes is a portable and extensible open source platform for managing containerised workloads and services (essentially it is a container ‘orchestration’ system) that facilitates both declarative configuration and automation.

    The first open project in the BlueK8s initiative is Kubernetes Director (aka KubeDirector), for deploying and managing distributed ‘stateful applications’ with Kubernetes.

• Kernel Space

  • Greg Kroah-Hartman on Linux, Security, and Making Connections at Open Source Summit

    People might not think about the Linux kernel all that much when talking about containers, serverless, and other hot technologies, but none of them would be possible without Linux as a solid base to build on, says Greg Kroah-Hartman. He should know. Kroah-Hartman maintains the stable branch of the Linux kernel along with several subsystems. He is also co-author of the Linux Kernel Development Report, a Fellow at The Linux Foundation, and he serves on the program committee for Open Source Summit.

    In this article, we talk with Kroah-Hartman about his long involvement with Linux, the importance of community interaction, and the upcoming Open Source Summit.

  • Linux 4.17.8

    I’m announcing the release of the 4.17.8 kernel.

    This is to fix the i386 issue that was in the 4.17.7 release. All should be fine now.

  • PTI Support To Address Meltdown Nearing The Finish Line For x86 32-bit Linux

    While Page Table Isolation (PTI/KPTI) has been available since the Meltdown CPU vulnerability was disclosed at the start of the year, that’s been for x86_64 Linux while the x86 32-bit support has remained a work-in-progress and only relatively recently has come together.

    Joerg Roedel sent out the eighth version of the x86-32 PTI patches today, which address feedback following a good round of review. This latest page table isolation work for x86 32-bit address more developer feedback and tidies up some of the code.

  • Linux To Better Protect Entropy Sent In From User-Space

    Fedora has begun utilizing a user-space jitter entropy daemon for feeding entropy to the kernel at boot time in case not enough is available for the kernel’s random needs. But with that approach not being from a true hardware random number generator, a patch worked out by veteran Linux kernel developer Ted Ts’o will mix in RdRand entropy.

    Fedora has resorted to a user-space jitter entropy daemon to workaround slow boot times on a sub-set of systems/VMs when using recent kernels. A change was made to the kernel earlier this year for addressing CVE-2018-1108, which is about a weakness in the kernel’s random seed data whereby early processes in the boot sequence could not have random enough data. But the fix dramatically slows down systems booting by waiting until sufficient entropy is available. This is problematic particularly for VMs where virtio-rng is not present. For some users, they can’t get the system(s) booted on affected kernels unless tapping on keyboard keys enough times for generating sufficient entropy.

  • Linux 4.19 To Feature Support For HDMI CEC With DP/USB-C To HDMI Adapters

    Adding to the big batch of feature additions and improvements queuing in DRM-Next for the upcoming Linux 4.19 kernel merge window is another round of drm-misc-next improvements.

    While the drm-misc-next material consists of the random DRM core and small driver changes not big enough to otherwise warrant their own individual pull requests to DRM-Next, for Linux 4.19 this “misc” material has been fairly exciting. Last week’s drm-misc-next pull request introduced the Virtual KMS (VKMS) driver that offers exciting potential. With this week’s drm-misc-next pull are further improvements to the VKMS code for frame-buffer and plane helpers, among other additions.

  • Nouveau Changes Queue Ahead Of Linux 4.19

    Linux 4.19 is going to be another exciting kernel on the Direct Rendering Manager (DRM) front with a lot of good stuff included while hours ago we finally got a look at what’s in store for the open-source NVIDIA “Nouveau” driver.

    Nouveau DRM maintainer Ben Skeggs of Red Hat has updated the Nouveau DRM tree of the latest batch of patches ahead of sending in the pull request to DRM-Next. As has been the trend in recent times, the Nouveau DRM work mostly boils down to bug/regression fixes.

  • IR decoding with BPF

    In the 4.18 kernel, a new feature was merged to allow infrared (IR) decoding to be done using BPF. Infrared remotes use many different encodings; if a decoder were to be written for each, we would end up with hundreds of decoders in the kernel. So, currently, the kernel only supports the most widely used protocols. Alternatively, the lirc daemon can be run to decode IR. Decoding IR can usually be expressed in a few lines of code, so a more lightweight solution without many kernel-to-userspace context switches would be preferable. This article will explain how IR messages are encoded, the structure of a BPF program, and how a BPF program can maintain state between invocations. It concludes with a look at the steps that are taken to end up with a button event, such as a volume-up key event.

    Infrared remote controls emit IR light using a simple LED. The LED is turned on and off for shorter or longer periods, which is interpreted somewhat akin to morse code. When infrared light has been detected for a period, the result is called a “pulse”. The time between pulses when no infrared light is detected is called a “space”.

  • The block I/O latency controller

    Large data centers routinely use control groups to balance the use of the available computing resources among competing users. Block I/O bandwidth can be one of the most important resources for certain types of workloads, but the kernel’s I/O controller is not a complete solution to the problem. The upcoming block I/O latency controller looks set to fill that gap in the near future, at least for some classes of users.

    Modern block devices are fast, especially when solid-state storage devices are in use. But some workloads can be even faster when it comes to the generation of block I/O requests. If a device fails to keep up, the length of the request queue(s) will increase, as will the time it takes for any specific request to complete. The slowdown is unwelcome in almost any setting, but the corresponding increase in latency can be especially problematic for latency-sensitive workloads.

• Applications

  • Latte Dock 0.8 Released with Widget Separators, Setup Sharing, More

    A new version of Latte Dock, an icon-based task bar for the KDE desktop, is available to download.

    Latte Dock 0.8 is the first stable release of the app switching software in almost a year and is the third stable release overall.

  • 3 Emacs modes for taking notes

    No matter what line of work you’re in, it’s inevitable you have to take a few notes. Often, more than a few. If you’re like many people in this day and age, you take your notes digitally.

    Open source enthusiasts have a variety of options for jotting down their ideas, thoughts, and research in electronic format. You might use a web-based tool. You might go for a desktop application. Or, you might turn to the command line.

    If you use Emacs, that wonderful operating system disguised as a text editor, there are modes that can help you take notes more efficiently. Let’s look at three of them.

  • Ick version 0.53 released: CI engine

    I have just made a new release of ick, my CI system. The new version number is 0.53, and a summary of the changes is below. The source code is pushed to my git server (git.liw.fi), and Debian packages to my APT repository (code.liw.fi/debian). See https://ick.liw.fi/download/ for instructions.

  • Best Tools to Access Remote Linux Desktop

    Nowadays, you can’t carry your system or laptop everywhere. So to make the things more manageable, there is a service of remote access that gives you full access to your system from anywhere. It is made possible by the Microsoft that developed a remote desktop protocol (RDP), which offers a graphical interface to connect to a remote system over a network connection.

  • Winds – Machine Learning Powered RSS and Podcast App

    There are numerous RSS reader apps available in Linux universe, some of them are best and some of them are your native Linux apps. Not all of them are having ability to support podcast though.

    Winds is very beautiful RSS and podcast app based on stream API and it comes with him nice user interface and loaded with features.

  • Proprietary

    • REAPER 5.93 Brings New Linux-Native Builds

      Since 2016 we have been looking forward to the REAPER digital audio workstation software for Linux while with this week’s v5.93 release, the experimental Linux-native builds are now officially available.

    • Digital Audio Workstation REAPER Adds Experimental Native Linux Builds

      REAPER, a popular music production tool, added experimental native Linux builds to its download page with the latest 5.93 release.

      Initially released in 2005, REAPER (Rapid Environment for Audio Production, Engineering, and Recording) is a powerful digital audio workstation (DAW) and MIDI sequencer, available for Windows, macOS and Linux. Cockos, the company that develops REAPER, was founded by Justin Frankel of Winamp and Gnutella peer-to-peer network fame.

      The application uses a proprietary license and you can evaluate it for free for 60 days without having to provide any personal details or register. After the free trial ends, you can continue to use it but a nag screen will show up for a few seconds when the application starts. A license costs $225 for commercial use, or $60 for a discounted license (details here).

    • REAPER V5.93 DAW introduces Linux-Native Builds

      The popular digital audio workstation REAPER was just recently updated to version 5.93, which introduces Linux-Native builds. This is huge news for Linux users who usually do their audio recordings on Windows or Mac machines, as REAPER is one of the most popular DAWs available (Appuals has a handful of how to guides for REAPER, in fact).

    • Reaper audio editing software gets a native Linux installer

      Reaper is a powerful, versatile digital audio workstation for editing music, podcasts, or other audio projects. I’ve used it to edit and mix every single episode of the LPX podcast and Loving Project podcast.

      The software is also cross-platform. There 32-bit and 64-bit builds available for Windows and macOS, and there’s been an experimental Linux version for a few years.

    • Common Vision Blox 2018 with Enhanced 3D and Linux Functionality

      CVB Image Manager is the core component of Common Vision Blox and offers unrivalled functionality in image acquisition, image handling, image display and image processing. It is also included with the free CameraSuite SDK licence which is supplied with all GigE Vision or USB3 Vision cameras purchased from Stemmer Imaging.

      CVB 2018 Image Manager features core 3D functionality to handle point clouds and pre-existing calibrations as well as the display of 3D data. A new tool called Match 3D, which operates in both Windows and Linux, has been added. This allows a point cloud to be compared to a template point cloud, returning the 3D transformation between the two. It can be useful for 3D positioning systems and also for calculating the differences for quality control applications. The new features in CVB 2018 Image Manager have also been extended to Linux (on Intel and ARM platforms), making it even more suitable for developing solutions in embedded and OEM applications.

  • Instructionals/Technical

    • How to set up a reverse proxy on Ubuntu Server 18.04

    • How To Install Asterisk on Ubuntu 18.04

    • Configuring UPS for FreeNAS Unix server

    • How to Install and Configure Magento 2 on Ubuntu 18.04

    • Update all Docker Images

    • How to Fix “passwd: Authentication token manipulation error” in Linux

    • Stress Test CPU and Memory (VM) On a Linux / Unix With Stress-ng

    • How to Customize Firefox Quantum User Interface in Linux

    • Set Up A Headless Deluge Server on Linux

    • Contributing to Fedora: Testing Packages

    • How to check free disk space in Linux

    • Viewing Linux Logs from the Command Line

    • How to Monitor Linux Server Security with Osquery

    • How to Upgrade to Linux Mint 19 [Step by Step Tutorial]

    • 18 Things to Do After Installing Linux Mint 19 Tara

    • How To Install GNOME Desktop Environment In Arch Linux

    • How to Configure WordPress to use a Remote Database

    • Linux chattr Command Tutorial for Beginners (5 Examples)

  • Games

    • Zachtronics’ next puzzle game ‘EXAPUNKS’ will have you writing viruses, announced with Linux support

      Get ready to push your brain to the limit again as Zachtronics have announced their next game with EXAPUNKS [Official Site].

      They confirmed to us directly on Twitter, that it should have Linux support at launch. That will make their eighth commercial game to support Linux—fantastic!

    • Minecraft ‘Update Aquatic’ is a huge update which brings the new launcher officially to Linux

      Minecraft’s Update Aquatic is a huge update to the sandbox builder that’s now out, it also brings the new launcher officially to Linux.

    • Looks like the sci-fi mystery game ‘The Station’ sold well on Linux

      The Station is another game with a Linux version that seems to have sold really well and I’m honestly not surprised by this.

    • Chicken Assassin: Reloaded now has official Linux support

      For those of you who love your idle/clicker games, you might want to take a look at Chicken Assassin: Reloaded as it now has official Linux support, it seems quite popular too.

    • Stack Gun Heroes gives you a gun that can be modded during combat, superpowers and lots of explosions

      Stack Gun Heroes from developer Unstackd seems like it could be quite a fun shooter, one that gives you a highly customizable gun.

    • Slime Rancher adds in happy little helper drones

      Slime Rancher is probably one of the sweetest games available on Linux and this latest free content update continues keeping it sweet.

    • Chicago 1930, another classic Spellbound game looks like it’s coming to Linux

      Chicago 1930, originally released back in 2003 is another classic Spellbound game that looks like it may be coming to Linux.

      Two months ago, we had hints of it happening on SteamDB but not a lot seemed to happen. That was, until yesterday when work seemed to start on the Linux version again.

    • Squad-based shoot ‘em up ‘Lazy Galaxy: Rebel Story’ now has a demo out ahead release next month

      Lazy Galaxy: Rebel Story is an interesting take on the shoot ‘em up genre, as it mixes it up a little with you rescuing allies who join you in the fight.

    • Regular Human Basketball will have you shooting hoops from your giant mechanical death machine

    • Some thoughts on Warhammer 40,000: Gladius – Relics of War

      Warhammer 40,000: Gladius – Relics of War recently released with same-day Linux support and now I’ve had some time with it I do have to say I’m pretty happy with it.

    • 8-Bit Adventures 2, a retro-inspired RPG that aims to be more than just a throwback will support Linux

      Arriving later this year from developer Critical Games, 8-Bit Adventures 2 [Official Site] will bring a vast and varied world inspired by classics with modern touches.

    • Clone Hero is a Guitar Hero clone built with Unity that has a Linux version, it’s free too

      For those who love their music, you might want to take a look at Clone Hero (they’re working on a better name) which aims to be a cross-platform clone of Guitar Hero.

    • Two Point Hospital confirmed to be releasing for Linux next month

      It’s now officially confirmed that Two Point Hospital, which is developed by Two Point Studios made up of developers previously from Bullfrog, Muckyfoot and Lionhead and published by SEGA will be released for Linux.

• Desktop Environments/WMs

  • K Desktop Environment/KDE SC/Qt

    • Krita 4.1.1 Released

      When it is updated, you can also use the Krita Lime PPA to install Krita 4.1.1 on Ubuntu and derivatives. We are working on an updated snap.

  • GNOME Desktop/GTK

    • Felipe Borges: Summing up GUADEC 2018

      This year’s edition was once again a blast. The best opportunity to put faces into the names we interact daily throughout the communication channels of our community, and to meet new folk.

      Once again a volunteer, this year a chaired the sessions in the auditorium during the first day, organized one of the newcomers activities, and the football game. Don’t forget to check out the conference photos.

    • GUADEC 2018 (It’s a Gitlab world)

      GUADEC in Almería was a great opportunity to catch up with some technologies in the GNOME world, hang out with lovely folks again, and spend time at the beach.

    • Jakub Steiner: Detail Considered Harmful

      As many moons have passed since GNOME 3, it’s fair to stop and reconsider the aesthetic choices we made. We don’t actually present app icons at small resolutions anymore. Pixel perfection sounds like a great slogan, but maybe this is another area that dillutes our focus. Asking app authors to craft pixel precise variants that nobody actually sees? Complex size lookup infrastructure that prominent applications like Blender fail to utilize properly?

      [...]

      The irony of the previous blog post is not lost on me, as I’ve been seduced by the shading and detail of these highres artworks. But every day it’s more obvious that we need to do a dramatic redesign of the app icon style. Perhaps allowing to programatically generate the unstable/nightlies style. Allow a faster turnaround for keeping the style contemporary and in sync what other platforms are doing. Right now, the dated nature of our current guidelines shows.

• Distributions

  • Slackware Family

    • Oldest swinger in town, Slackware, notches up a quarter of a century

      Slackware, the oldest Linux distribution still being maintained, has turned 25 this week, making many an enthusiast wonder where all those years went.

      Mention Slackware, and the odds are that the FOSS fan before you will go a bit misty-eyed and mumble something about dependency resolution as they recall their first entry into the world of Linux.

      Released by Patrick Volkerding on 17 July 1993, Slackware aimed to be the most “UNIX-like” Linux distribution available and purports to be designed “with the twin goals of ease of use and stability as top priorities”. Enthusiasts downloading the distro for the first time might take issue with the former goal – the lack of a cuddly graphical installer can be jarring.

  • Red Hat Family

    • Red Hat and CentOS Fix Kernel Bug in Latest OS Versions, Urge Users to Update

      It would appear the there was a bug in the previous Linux kernel update for the Red Hat Enterprise Linux 7.5 and CentOS Linux 7.5 releases, which was released to address the Spectre V4 security vulnerability, making connection tracking information to not function correctly, which could lead to connectivity loss and leaking of configuration properties related to the respective connection tracking into other namespaces.

      “Previously, the connection tracking information was not cleared properly for packets forwarded to another network namespace,” said Red Hat in an advisory. “Packets that were marked with the “NOTRACK” target in one namespace were excluded from connection tracking even in the new namespace. Consequently, a loss of connectivity occasionally occurred, depending on the packet filtering ruleset of the other network namespaces.”

    • Red Hat Open-Sources Scanner That Checks Linux Binaries For Spectre V1 Potential

    • SPECTRE Variant 1 scanning tool

    • Red Hat Continues Driving Wonderful Innovations In Fedora Workstation

    • CO.LAB alumni shine at Red Hat Summit

    • Red Hat Ansible Engine 2.6 extends automation across AWS, Google Cloud Platform, Microsoft Azure, VMware; delivers capabilities to network and Windows environments

    • Red Hat Introduces Red Hat Ansible Engine 2.6

      Red Hat has announced the general availability of Red Hat Ansible Engine 2.6, the latest release of its simple, powerful and agentless open source IT automation solution. Red Hat Ansible Engine 2.6 adds new content for automating across hybrid and multicloud environments, along with simplified connections to network APIs and updates for Ansible deployments overseeing Windows environments.

    • Itential Collaborates with Red Hat to Simplify and Accelerate the Journey Toward Automated Networks for the Enterprise

    • Open source IT automation solution from Red Hat gets an update

      Red Hat, Inc. announced the general availability of Red Hat Ansible Engine 2.6, the latest release of its agentless open source IT automation solution. Red Hat Ansible Engine 2.6 adds new content for automating across hybrid and multi-cloud environments, along with simplified connections to network APIs and updates for Ansible deployments overseeing Windows environments.

    • Ansible exec talks growth 3 years after Red Hat buy

    • Finance

      • As Cloud Kings Go, Red Hat Stock Isn’t Looking Very Regal Right Now

      • Long-Term Investment or Short-Term, Red Hat, Inc. (RHT), Warrior Met Coal, Inc. (HCC)

      • Are These a Risky Play with big payoff? PayPal Holdings, Inc. (PYPL) and Red Hat, Inc. (RHT)

      • How These Stocks Are Currently Valued TechnipFMC plc (FTI), Red Hat, Inc. (RHT)?

      • Form 4 RED HAT INC For: Jul 16 Filed by: Kelly Michael A

      • Form 4 RED HAT INC For: Jul 16 Filed by: KAISER WILLIAM S

    • Fedora

      • When your software is used way after you EOL it.

        One of my first jobs was working on a satellite project called ALEXIS at Los Alamos National Laboratory and had been part of a Congressional plan to explore making space missions faster and cheaper. This meant the project was a mix-mash of whatever computer systems were available at the time. Satellite tracking was planned on I think a Macintosh SE, the main uploads and capture were a combination of off the shelf hardware and a Sparc 10. Other analysis was done on spare Digital and SGI Irix systems. It was here I really learned a lot about system administration as each of those systems had their own ‘quirks’ and ways of doing things.

        I worked on this for about a year as a Graduate Research Assistant, and learned a lot about how many projects in science and industrial controls get ‘frozen’ in place way longer than anyone writing the software expects. This is because at a certain point the device becomes cheaper to keep running than replace or even updating. So when I was watching this USGS video this morning,

      • An update from Fedora Workstation land

        Feral Interactive, one of the leading Linux game companies, released a tool they call gamemode for Linux not long ago. Since we want gamers to be first class citizens in Fedora Workstation we ended up going back and forth internally a bit about what to do about it, basically discussing if there was another way to resolve the problem even more seamlessly than gamemode. In the end we concluded that while the ideal solution would be to have the default CPU governor be able to deal with games better, we also realized that the technical challenge games posed to the CPU governor, by having a very uneven workload, is hard to resolve automatically and not something we have the resources currently to take a deep dive into. So in the end we decided that just packaging gamemode was the most reasonable way forward. So the package is lined up for the next batch update in Fedora 28 so you should soon be able to install it and for Fedora Workstation 29 we are looking at including it as part of the default install.

  • Debian Family

    • Derivatives

      • Canonical/Ubuntu

        • The improved 18.04.1 LTS Server Installer – Call for testing!

          With the release of 18.04 LTS Bionic Beaver the new server installer
          was introduced. At the time, it still lacked certain critical features
          which have now been implemented.

        • Ubuntu 18.04.1 LTS Introducing Revised Server Installer, Adds Missing Features

          With the April release of Ubuntu 18.04 LTS on the server front was a brand new, in-house developed server installer created by Canonical to differentiate it from Debian’s long-used text installer for the Ubuntu Server images. While it offered a fresh look and some new features, it shipped without many features common to Linux server installers. Fortunately, that is changing with the upcoming Ubuntu Server 18.04.1 release.

          As expected, Canonical is filling in the gaps with their new server installer dubbed Subiquity. With the upcoming Ubuntu 18.04.1 LTS release they will be shipping a new version of this installer.

          This updated installer now supports LVM, RAID, VLAN, and bonds — important features missing originally from Ubuntu Server 18.04.0. The functionality is now in place with the latest daily images although the text-based user-interface is still being refined.

        • IoT Security at Scale: Managing end-to-end security

        • Perfectly Formed Snaps Challenge

          Snaps are perfect for the smaller things in life too. Looking away from the graphical flagship apps, the snap store hosts lightweight server daemons, command line utilities, developer tools and even tiny games.

          Recently, a couple of petite snaps were published in the store. Sparky is a simple game played in a terminal, and a modest 32KB on disk. Bash-Shell-RPG is similarly diminutive at only 8KB. Neither contain an excess of additional libraries, just the absolute minimum needed to function everywhere.

        • Ubuntu 17.10 (Artful Aardvark) Reached End of Life, Upgrade to Ubuntu 18.04 LTS

          Released nine months ago on October 19, 2017, Ubuntu 17.10 was dubbed “Artful Aardvark” by Canonical CEO Mark Shuttleworth because it was the first release of the Ubuntu Linux operating system to ship with the GNOME desktop environment instead of Unity on the Desktop edition.

          To due to the sudden move from Unity to GNOME, Ubuntu 17.10 brought several substantial changes, such as the switch to the next-generation Wayland display server by default instead of X.Org Server, a decision that was reverted with the release of Ubuntu 18.04 LTS (Bionic Beaver), and the discontinuation of the Ubuntu GNOME flavor.

        • Ubuntu 17.10 Reaches End of Life, Existing Users Must Upgrade to 18.04

          Ubuntu 17.10 was released on 19th October 2017 and nine months later, it has reached its end of life. This shouldn’t come as a surprise because Ubuntu 17.10 was a normal or short-term release and these releases are supported for only nine months.

          Ubuntu 17.10 was a crucial release in many senses. It was used as a testing platform for Ubuntu’s switch from Unity to GNOME desktop before the release of Ubuntu 18.04 LTS. It also tried using Wayland as the default display server and we all know that was a disastrous decision. Thanks to 17.10, Ubuntu 18.04 didn’t feature Wayland as the default display server.

        • Flavours and Variants

          • What’s New in Xubuntu 18.04 LTS

            Xubuntu 18.04 LTS is the latest release of Xubuntu, it now available to download and install on your laptop and PC. This release features latest version of Xfce 4.12 as default desktop, include latest Xfce components.

            Xubuntu 18.04 LTS also comes with an updated Greybird GTK+ theme that includes a new dark style, better HiDPI support, greater consistency between GTK+ 2 and GTK+ 3 apps, GTK+ 3 styles for Google Chrome and Chromium web browsers, smaller switches, and improved scales. However, the GTK Theme Configuration tool was removed and it’s no longer possible to override colors in themes.

• Devices/Embedded

  • Raspberry Pi On Linux 4.19 Will Be Able To Report Under-Voltage Issues

    The Linux 4.19 kernel will be introducing a new “raspberrypi-hwmon” driver capable of reporting under-voltage conditions for Raspberry Pi boards.

    This Raspberry Pi Hwmon driver makes it easy to find out if your ARM SBC is suffering from any under-voltage condition: the driver reports the under-voltage sensor state via a mailbox interface with the VC4 firmware. Undervoltage conditions are then written to the kernel log.

  • SDR meets AI in a mash-up of Jetson TX2, Artix-7, and 2×2 MIMO

    Deepwave Digital has launched an Ubuntu-driven, $5K “AIR-T” Mini-ITX board for AI-infused SDR, equipped with an Nvidia Jetson TX2, a Xilinx Artix-7 FPGA, and an AD9371 2×2 MIMO transceiver.

  • 8BitDo’s DIY Kit Can Turn Your Fave Retro Gamepad into a Wireless Steam Controller

    The “8BitDo Mod Kit” is a DIY package that gives you everything you need to convert an existing wired game pad for the NES, SNES, or Sega Mega Drive/Genesis systems into a fully-fledged wireless controller.

    A wireless controller you could then use with Ubuntu.

    No soldering is required. You just unscrew the case of an existing controller and the PCB inside and replace it with the one included in the mod kit. Screw it all back up and, hey presto, wireless gaming on a classic controller.

    Modded controllers are compatible with Steam on Windows and macOS (one assumes Linux too), as well the Nintendo Switch, and the Raspberry Pi — that’s a versatility classic game pads rarely had!

  • Tizen

    • Galaxy Watch will run Tizen 4.0

      In May, Samsung trademarked the “Galaxy Watch” and “Galaxy Fit” monikers at the USPTO, suggesting its plan to bring its wearables under the Galaxy branding. Now two months later, SamMobile confirms that Samsung’s next smartwatch, the successor to the Gear S3, will indeed be called the Galaxy Watch, and not Gear S4. Furthermore, they add that the upcoming Galaxy Watch will run Tizen 4.0 out of the box.

  • Android

    • Google Hints A Future Where Android Might NOT Be Free

    • Android has created more choice, not less

    • Google Fined Record $5 Billion by EU, Given 90 Days to Stop ‘Illegal Practices’

      EU regulators rejected arguments that Apple Inc. competes with Android, saying Apple’s phone software can’t be licensed by handset makers and that Apple phones are often priced outside many Android users’ purchasing power.

    • EU: Google illegally used Android to dominate search, must pay $5B fine

      Thirdly, Google allegedly ran afoul of EU rules by deterring manufacturers from using Android forks. Google “has prevented manufacturers wishing to pre-install Google apps from selling even a single smart mobile device running on alternative versions of Android that were not approved by Google,” the commission said.

    • EU hits Google with US$5b fine over alleged Android misuse

      The European Union has hit Google with a second fine in as many years, demanding that the search behemoth pay €4.34 billion (US$5.05 billion, A$6.82 billion) for breaching anti-trust rules over its Android mobile operating system.

      Announcing the fine on Wednesday in Brussels, the EU said Google must end such conduct within 90 days or pay a penalty of up to 5% of the average daily turnover of its parent company, Alphabet.

      The company has said it will appeal against the fine.

    • iPhone users buy half as many apps as Android users, but spend twice as much

      Apple’s app store is still yielding twice the revenue of Google Play, and yet is only recording half the number of downloads.

      The figures for Q1&2 of the year suggest Apple owners spent $22.6bn on apps, whilst Android users only spent $11.8bn.

    • The EU fining Google over Android is too little, too late, say experts

      The Play Store is free to use under licence from Google, but comes with a set of conditions smartphone manufacturers must meet. The most important of these, and the one the EC has a problem with, is the requirement to set Google as the default search engine and the pre-installation of certain apps, including Google Chrome, YouTube and the Google search app. Google also dictates that some of the pre-installed apps be placed on the homescreen.

    • Don’t Expect Big Changes from Europe’s Record Google Fine

      The decision by the European Commission, the EU’s regulatory arm, found that Google manages Android, which runs roughly 80 percent of the world’s smartphones, in ways that illegally harm competition. The ruling focused on three practices: the bundling of Google’s Chrome web browser and its search app as a condition for licensing the Google Play store; payments Google makes to phone manufacturers and telecom companies to exclusively preinstall the Google search app on their devices; and Google’s practice of prohibiting device makers from running Google apps on Android “forks,” or alternative versions of the software unapproved by Google. In its ruling, the commission ordered Google to stop all of those practices.

    • Some Thoughts On The EU’s Latest $5 Billion Google Antitrust Fine

      Of course, it should be noted that there is some amount of karma here. Back during the Microsoft antitrust fight, Google stepped up in 2006 to complain to the EU Commission about Microsoft’s bundling and default practices.

      [...]

      And, amusingly, Microsoft’s own response to that criticism was nearly identical to Google’s today, saying that “the user is in control” and it’s easy to change the defaults. So there’s absolutely some hypocrisy in how Google has acted through this whole thing.

    • EU fines Google 4.3Bn€ for Android monopoly, and it’s a good thing.

    • Google to Appeal $5 Billion Antitrust Fine, Voices Fear for Android Open Source System

    • Android Smart Text Selection headed to Chrome OS

    • Chrome OS isn’t ready for tablets yet

    • Android Q+ may use the Vulkan Graphics API to render the UI

    • Configure Android folders to auto-sync with Google Drive

    • EU Fines Google $5.1 Billion in Android Antitrust Case

    • What Android users should know about Google’s fight with the EU

    • Android P Developer Preview 3 (beta 4) released for OnePlus 6

    • EU to hit Google with 4.3 bln euro fine in Android case

    • EU’s Vestager on Record $5 Billion Google Fine in Android Probe

    • EU Fines Google $5.1 Billion in Android Antitrust Case

    • EU fines Google a record $5 billion over mobile practices

    • Google to Appeal $5 Billion Antitrust Fine, Voices Fear for Android Open Source System

    • EU Fines Google a Record $5 Billion Over Mobile System

    • iPhone users buy half as many apps as Android users, but spend twice as much

    • OnePlus 6 gets updated Android P beta w/ stability fixes, redesigned app switcher

    • OnePlus rolls out new Android P developer preview for OnePlus 6

    • Chrome OS feature will let users resume Android browsing sessions

    • Forcing an Android device to update to a higher version

    • YouTube prominently displaying hashtags above video titles on Android & web

    • Android Auto comes to South Korea with support for popular local apps

    • Google faces record $5 billion EU fine for Android antitrust violations

    • Google hit with € 4.3bn Android fine from EU

    • EU Hits Google With $5 Billion Fine For Pushing Apps On Android Users

    • Google Hit With $5 Billion Fine Over Android in Europe

    • Nokia 7 Plus Gets a Android P Beta 3 (Developer Preview 4) Build: How to Install

    • Nest is joining the Google Home team, CEO stepping down

    • Android’s best launcher just jumped the shark

    • Mozilla Responds to European Commission’s Google Android Decision

      For Mozilla, these issues of innovation, openness, and competition speak to our history. Twenty years ago, we made Firefox to combat the vertical integration of Microsoft Windows and Internet Explorer. Today, we are again witnessing vertical integration concerns on a larger scale, with powerful players at all parts of the internet ecosystem. Mozilla’s 2018 Internet Health Report identified decentralization as a major goal to promote a healthy internet.

      Targeted, effective interventions can strengthen technology markets and are necessary to advance consumer welfare. Mozilla will continue to build competitive products and to advocate for effective policies and approaches to build a competitive and open technology ecosystem.

    • Google Fined A Record $5 Billion For Abusing Its Dominance in Android Ecosystem

      The European regulators have slapped Google with a record-breaking fine of $5 billion for breaking antitrust laws revolving around its Android operating system.

    • EU fines Google $5 billion over Android antitrust abuse

      European Union regulators have slapped Alphabet-owned Google with a record 4.34 billion euro ($5 billion) antitrust fine for abusing the dominance of its Android mobile operating system, which is by far the most popular smartphone OS in the world.

Free Software/Open Source

• Amid the 20th anniversary of open source, Tim O’Reilly warns that platform companies built on open-source software have lost their way

  It’s rare to hear Chinese philosophy quoted on stage at a software-development conference. But O’Reilly Media founder and CEO Tim O’Reilly invoked the words of Lao Tzu Wednesday morning during the opening keynotes at OSCON 2018 in hopes of convincing those in attendance — many of whom work for the big internet platform companies of our time — that the tech industry needs to return to the spirit of openness and collaboration that drove the early days of the open-source community before it is too late.

  “We have an opportunity with these next generation of systems, to rebuild, to rethink the future, to discover what does it mean to get these systems right,” O’Reilly said. If the first era of the internet was dominated by open protocols, and the second era was dominated by the rise of huge platform companies like Amazon, Google, and Facebook, the third era we’re about to enter presents a chance to get it right again.

• A 4-step plan for creating teams that aren't afraid to fail

• 3 big steps toward building authentic developer communities

  As more software businesses are selling open source products, we’ve seen a corresponding rise in the emphasis of building out developer communities around these products as a key metric for success. Happy users are passionate advocates, and these passionate advocates raise overall awareness of a company’s product offerings. Attract the right vocal influencers into your community, and customers become more interested in forming a relationship with your company.

  Doing community building the right way, however, is a delicate balance. Undercut the needs of your user community in favor of driving sales, and your company will face a decrease in adoption and unfavorable brand awareness. Meanwhile, too little focus on the bottom line isn’t good for the company. So how can this tension be balanced effectively, especially in a world in which developers are the “new kingmakers” and meeting their sensibilities is a cornerstone of driving corporate purchasing decisions?

  Over the past year, I’ve thought a lot about how to do effective community building while building the business bottom line. In this article, I’ll outline three big steps to take toward building authentic, productive, sustainable developer communities.

• Four top open source SIEM tools you should know

  With open source SIEM tools, organizations can test out certain capabilities and reduce cost barriers before expanding their product investments. Depending on what functions you’re interested in, there is a variety of software to choose from.

  [...]

  Another choice for open source SIEM tools is Apache Metron. ELK Stack is a general purpose log and data parsing tool; Apache Metron focuses squarely on security.

  Apache Metron provides four main capabilities. First, it offers long-term, cost-effective storage of telemetry data through its security data lake feature. Second, it features an extensible framework that collects data from a variety of sources and supports any future endpoints. Third, Metron performs normal SIEM tasks, such as data ingest and threat alerts. The fourth capability is threat intelligence driven by machine learning-based anomaly detection.

• Web Browsers

  • Mozilla

    • Biggest Mistakes with CSS Grid

      It’s easy to make lots of mistakes with a new technology, especially something that’s as big of a change from the past as CSS Grid. In this video, I explain the 9 Biggest Mistakes people are making, with advice and tips for avoiding these pitfalls and breaking old habits.

    • In loving memory of Abbackar DIOMANDE

      It brings us great sadness to share with you the recent news about one of our dear Rep we will so fondly remember. Abbackar DIOMANDE from Ivory Coast is unfortunately no longer with us.

      Diomande, was a Mozillian from Bouake, Ivory Coast and was contributing in various Mozilla projects including SUMO and L10n.
      He was a local community builder, that helped to build a healthy local community in his country while lately he had also taken the role of a Resources Rep, helping his fellow Mozillians on organizing local initiatives.

    • Mozilla Partners with Women Who Tech to Offer Startup Challenge Europe Award for Privacy, Transparency & Accountability

      The Women Startup Challenge Europe will connect women technology innovators from cities across Europe to compete for $60,000 in cash grants. In addition to the funding, all finalists will also receive: pitch coaching, one on one meetings with investors the day after the Women Startup Challenge, and other crucial startup friendly services. The Startup Challenge, co-hosted by the Office of Paris Mayor Anne Hidalgo, will feature 10 finalists pitching their ventures before a panel of judges on October 25, 2018 at Paris Hôtel de Ville.

      Women Who Tech is a nonprofit organization on a mission to close the funding gap and disrupt a culture and economy that has made it incredibly difficult for women entrepreneurs to raise capital. At Mozilla, we are committed to an internet that catalyzes collaboration among diverse communities working together for the common good. Promoting diversity and inclusion is core to our mission, so working with organizations like Women Who Tech furthers our commitment to create more diversity in innovation.

    • Open Your Own Front Page Using Firefox New Tab

      Did you know Firefox has a unique page full of great links and ideas curated just for you? In one simple click, we’ve made it faster and easier for you to find things that are important to you whenever you open a new tab in Firefox.

• Pseudo-Open Source (Openwashing)

  • Open Source is the foundation of Boundless: Andy Dearing

    Open source it the foundation of Boundless technologies, says Andy Dearing, CEO of Boundless. The organization works heavily with open source solutions built by individual contributors with utmost security.

  • Accenture Acquires Kogentix to Help Clients Run Legacy Analytics Applications on Open Source Technologies to Get Ahead of Data Surge [Ed: Accenture only ever attacks FOSS]

  • Electra Jailbreak is Now Open Source! [Ed: If you pay Apple a lot of money for a device only to "break" the "jail" in it, then maybe you're buying the wrong product]

  • Electra iOS 11.3.1 / 11.4 Jailbreak Source Code Released [Download]

  • Top 7 Reasons to Jailbreak iPhone or iPad on iOS 11.3.1

• BSD

  • pfSense Gold Free with 2.4.4-RELEASE

    Starting with the upcoming release of pfSense® 2.4.4, all of the services previously offered under “pfSense Gold” will continue, but will be free to all pfSense users. Read on for more detail.

  • Google Fined by EU for Antitrust Violations, Qt Creator 4.7.0 Now Available, New ownCloud Version 10.0.9, pfSense Gold to Be Free with the 2.4.4 Release, Kobol Relaunches Helios4

    Netgate announces that pfSense Gold will be free with the 2.4.4 release, including all services previously offered under the pfSense Gold subscription, such as the pfSense Book and monthly online Hangouts (video conferences). In addition, AutoConfigBackup (ACB) also will be free and will conform to GDPR best practices. The 2.4.4 release is planned for September 2018.

• FSF/FSFE/GNU/SFLC

  • Public money, public code? FSFE spearheads open-source initiative

    Last September, the non-profit Free Software Foundation Europe (FSFE) launched a new campaign that calls for EU-wide legislation that requires publicly financed software developed for the public sector to be made publicly available under a free and open-source software license.

    According to the ‘Public Money, Public Code’ open letter, free and open-source software in the public sector would enable anyone to “use, study, share, and improve applications used on a daily basis”.

    The initiative, says the non-profit, would provide safeguards against public sector organizations being locked into services from specific companies that use “restrictive licenses” to hinder competition.

    The FSFE also says the open-source model would help improve security in the public sector, as it would allow backdoors and other vulnerabilities to fixed quickly, without depending on one single service provider.

    Since its launch, the Public Money, Public Code initiative has gained the support of 150 organizations, including WordPress Foundation, Wikimedia Foundation, and Tor, along with nearly 18,000 individuals.

    With the initiative now approaching its first anniversary, The Daily Swig caught up with FSFE spokesperson Paul Brown, who discussed the campaign’s progress.

  • Emacs & TLS

    A recent query about the status of network security (TLS settings in particular) in Emacs led to a long thread in the emacs-devel mailing list. That thread touched on a number of different areas, including using OpenSSL (or other TLS libraries) rather than GnuTLS, what kinds of problems should lead to complaints out of the box, what settings should be the default, and when those settings could change for Emacs so as not to discombobulate users. The latter issue is one that lots of projects struggle with: what kinds of changes are appropriate for a bug-fix release versus a feature release. For Emacs, its lengthy development cycle, coupled with the perceived urgency of security changes, makes that question even more difficult.

• Programming/Development

  • This Week in Rust 243

    Always wanted to contribute to open-source projects but didn’t know where to start? Every week we highlight some tasks from the Rust community for you to pick and get started!

  • Qt Creator 4.7.0 released

    We are happy to announce the release of Qt Creator 4.7.0!

  • Qt Creator 4.7 Released With Clang Code Model Turned On By Default

    The Qt Company has officially released Qt Creator 4.7 as the newest feature release to this open-source, cross-platform Qt/C++ focused integrated development environment.

    Today’s Qt Creator 4.7 IDE release is quite significant in that it finally turns on the Clang code model by default. The Clang code model provides significantly better C++ support over what was offered by their in-house code model and will stay better up-to-date with newer C/C++ standards, etc. The Clang code model in Qt Creator 4.7 is based on LLVM/Clang 6.0.

  • Working with UE4 on Linux using Qt Creator

    I’ll start by pointing out that Epic already has a guide to using Qt Creator for UE4. However, I found a few things lacking in that guide. This is my attempt to improve upon it.

    This guide assumes you’re able to build and run UE4 outside of Qt Creator. For this guide, we’re going to be using a game project, MyGame, located under UnrealEngine/Projects. If you’re looking to just build base Unreal Engine for now, you can check out Epic’s guide at the above link for the proper build/run settings.

    This guide will not cover things like downloading source or resolving dependency issues specific to your Linux distribution. For that, I recommend looking over Epic’s documentation on building and running on Linux.

  • nanotime 0.2.2

    A new maintenance release of the nanotime package for working with nanosecond timestamps just arrived on CRAN.

Leftovers

• Science

  • Silicon Valley eyes Africa as new tech frontier

    Many African governments have given the tech titans an enthusiastic welcome.

• Security

  • Security updates for Wednesday

  • At Rest Encryption

    There are many steps you can take to harden a computer, and a common recommendation you’ll see in hardening guides is to enable disk encryption. Disk encryption also often is referred to as “at rest encryption”, especially in security compliance guides, and many compliance regimes, such as PCI, mandate the use of at rest encryption. This term refers to the fact that data is encrypted “at rest” or when the disk is unmounted and not in use. At rest encryption can be an important part of system-hardening, yet many administrators who enable it, whether on workstations or servers, may end up with a false sense of security if they don’t understand not only what disk encryption protects you from, but also, and more important, what it doesn’t.

  • Why Does Google Chrome Say Websites Are “Not Secure”?

    Starting with Chrome 68, Google Chrome labels all non-HTTPS websites as “Not Secure.” Nothing else has changed—HTTP websites are just as secure as they’ve always been—but Google is giving the entire web a shove towards secure, encrypted connections.

  • Biggest Voting Machine Maker Admits — Ooops — That It Installed Remote Access Software After First Denying It [Ed: Microsoft Windows TCO]

    We’ve been covering the mess that is electronic voting machines for nearly two decades on Techdirt, and the one thing that still flummoxes me is how are they so bad at this after all these years? And I don’t mean “bad at security” — though, that’s part of it — but I really mean “bad at understanding how insecure their machines really are.” For a while everyone focused on Diebold, but Election Systems and Software (ES&S) has long been a bigger player in the space, and had just as many issues. It just got less attention. There was even a brief period of time where ES&S bought what remained of Diebold’s flailing e-voting business before having to sell off the assets to deal with an antitrust lawsuit by the DOJ.

    What’s incredible, though, is that every credible computer security person has said that it is literally impossible to build a secure fully electronic voting system — and if you must have one at all, it must have a printed paper audit trail and not be accessible from the internet. Now, as Kim Zetter at Motherboard has reported, ES&S — under questioning from Senator Ron Wyden — has now admitted that it installed remote access software on its voting machines, something the company had vehemently denied to the same reporter just a few months ago.

  • Bringing cybersecurity to the DNC [Ed: Microsoft Windows TCO. Microsoft Exchange was used.]

    When Raffi Krikorian joined the Democratic National Committee (DNC) as chief technology officer, the party was still reeling from its devastating loss in 2016 — and the stunning cyberattacks that resulted in high-level officials’ emails being embarrassingly leaked online.

  • Getting Started with Successful Security Breach Detection

    Organizations historically believed that security software and tools were effective at protecting them from hackers. Today, this is no longer the case, as modern businesses are now connected in a digital global supply ecosystem with a web of connections to customers and suppliers. Often, organizations are attacked as part of a larger attack on one of their customers or suppliers. They represent low hanging fruit for hackers, as many organizations have not invested in operationalizing security breach detection.

    As this new reality takes hold in the marketplace, many will be tempted to invest in new technology tools to plug the perceived security hole and move on with their current activities. However, this approach is doomed to fail. Security is not a “set it and forget it” type of thing. Defending an organization from a breach requires a careful balance of tools and operational practices — operational practices being the more important element.

  • The SIM Hijackers

    By hijacking Rachel’s phone number, the hackers were able to seize not only Rachel’s Instagram, but her Amazon, Ebay, Paypal, Netflix, and Hulu accounts too. None of the security measures Rachel took to secure some of those accounts, including two-factor authentication, mattered once the hackers took control of her phone number.

  • Spectre V1 defense in GCC

  • Signing and distributing Gentoo

    The compromise of the Gentoo’s GitHub mirror was certainly embarrassing, but its overall impact on Gentoo users was likely fairly limited. Gentoo and GitHub responded quickly and forcefully to the breach, which greatly limited the damage that could be done; the fact that it was a mirror and not the master copy of Gentoo’s repositories made it relatively straightforward to recover from. But the black eye that it gave the project has led some to consider ways to make it even harder for an attacker to add malicious content to Gentoo—even if the distribution’s own infrastructure were to be compromised.

    Unlike other distributions, Gentoo is focused on each user building the software packages they want using the Portage software-management tool. This is done by using the emerge tool, which is the usual interface to Portage. Software “packages” are stored as ebuilds, which are sets of files that contain the information and code needed by Portage to build the software. The GitHub compromise altered the ebuilds for three packages to add malicious content so that users who pulled from those repositories would get it.

    Ebuilds are stored in the /usr/portage directory on each system. That local repository is updated using emerge –sync (which uses rsync under the hood), either from Gentoo’s infrastructure or one of its mirrors. Alternatively, users can use emerge-webrsync to get snapshots of the Gentoo repository, which are updated daily. Snapshots are individually signed by the Gentoo infrastructure OpenPGP keys, while the /usr/portage tree is signed by way of Manifest files that list the hash of each file in a directory. The top-level Manifest is signed by the infrastructure team, so following and verifying the chain of hashes down to a particular file (while also making sure there are no unlisted files) ensures that the right files are present in the tree.

  • Here’s How Hackers Are Using Google’s Servers To Host Malware For Free

• Defence/Aggression

  • In recording, Netanyahu boasts Israel convinced Trump to quit Iran nuclear deal

    In a video clip aired Tuesday by Israeli television, Prime Minister Benjamin Netanyahu boasted that Israel was responsible for US President Donald Trump’s decision to quit the Iran nuclear deal.

    In the video, which the Kan public broadcaster said was filmed two weeks ago, Netanyahu can be seen speaking to activists and senior members from his Likud party.

  • Crony Kleptocracy

    When President Dwight Eisenhower warned against the “unwarranted influence” of the “military-industrial complex,” he was concerned that certain firms selling to the government might obtain untoward privilege, twisting public resources to serve private ends. It is telling that one of those contractors, Lockheed Aircraft, would become the first company to be bailed out by Congress in 1971.

    For many observers, the George W. Bush administration’s “no-bid” contracts to Halliburton and Blackwater appeared to exemplify the sort of deals that Eisenhower had warned of. It is true that federal regulations explicitly permit contracts without open bidding in certain circumstances, such as when only one firm is capable of providing a certain service or when there is an unusual or compelling emergency. In any case, a report issued by the bipartisan Commission on Wartime Contracting in 2011 estimated that contractor fraud and abuse during operations in Afghanistan and Iraq cost taxpayers an estimated $31 to $60 billion.

  • Noam Chomsky calmly explains why Trump and allies are a threat to organized human life

  • When the US Invaded Russia

    Amid the bi-partisan mania over the Trump-Putin Summit in Helsinki, fevered, anti-Russian rhetoric in the United States makes conceivable what until recently seemed inconcievable: that dangerous tensions between Russia and the U.S. could lead to military conflict. It has happened before.

    [...]

    In July 1918, U.S. President Woodrow Wilson had personally typed the “Aide Memoire” on American military action in Russia that was hand-delivered by the Secretary of War at the beginning of August to General William Graves, the designated commander of the U.S. troops en route to Siberia. Wilson’s document was curiously ambivalent and contradictory. It began by asserting that foreign interference in Russia’s internal affairs was “impermissible,” and eventually concluded that the dispatch of U.S. troops to Siberia was not to be considered a “military intervention.”

    The Non-Intervention Intervention

    But the American intervention began when U.S. soldiers disembarked at Vladivostok on August 16, 1918. These were the 27th and 31st infantry regiments, regular army units that had been involved in pacification of U.S.-occupied Philippines. Eventually there were to be about 8,000 U.S. troops in Siberia.

    Judging from his memoires, General Graves was puzzled by how different things looked on the ground in Siberia than his vague instructions seemed to suggest. For one thing, the Czechs hardly needed rescuing. By the Summer of 1918 they had easily taken control of Vladivostok and a thousand miles of the Trans-Siberian Railway.

    For the next year and a half, General Graves, by all appearances an honest and non-political professional soldier, struggled to understand and carry out his mandate in Siberia. He seems to have driven the U.S. State Department and his fellow allied commanders to distraction by clinging stubbornly to a literal interpretation of Wilson’s Aide Memoire as mandating strict non-intervention in Russian affairs. The general seemed incapable of noticing the broad “wink” with which everyone else understood these instructions.

• AstroTurf/Lobbying/Politics

  • News media paid Melania Trump thousands for use of photos in ‘positive stories only’

    It’s not unheard of for celebrities to earn royalties from photos of themselves, but it’s very unusual for the wife of a currently serving elected official. More problematic for the many news organizations that have published or broadcast the images, however, is that Getty’s licensing agreement stipulates the pictures can be used in “positive stories only.”

    According to the revenue statement in President Trump’s May financial disclosure, Melania Trump earned between $100,000 and $1,000,000 in photo royalties in 2017 from the Getty deal.

  • Media Paid Melania Trump Up to $1M for ‘Positive Stories Only’ Photos

    When contacted by NBC News for comment, several of the news outlets (e.g. Yahoo News, SFGate, Houston Chronicle) immediately removed the photos from their websites.

  • Defending InfoWars, Facebook declines to stop fake news

    Facebook held an expensive shrimp-cocktail-and-overproduced-trailer press event Wednesday in New York selling the company’s big serious fight against the scourge of misinformation. After its pitch on Facebook’s new efforts to fight fake news, CNN’s Oliver Darcy asked John Hegeman, the head of Facebook’s News Feed, “how the company could claim it was serious about tackling the problem of misinformation online while simultaneously allowing InfoWars to maintain a page with nearly 1 million followers on its website.”

  • Mark Zuckerberg says Holocaust deniers are making an honest mistake

    Last week, CNN’s Oliver Darcy questioned how Facebook could be sincere in its stated efforts to reduce the spread of false news stories while it also offered sites like Infowars a place to develop a large following and routinely distribute hoaxes.

  • Why is InfoWars allowed on Facebook? Zuckerberg: Because it doesn’t cause “harm”

    But Swisher challenged Zuckerberg by noting that InfoWars’ repeated claims that the Sandy Hook shooting was staged are lies and “not a debate.” Zuckerberg agreed that “it is false.” However, if one Facebook user is going to attack a Sandy Hook victim or their family member, “that is harassment, and we actually will take that down.”

• Censorship/Free Speech

  • Experts divided over SC verdict on mob lynching, vigilantism

    Most of these incidents took place because of WhatsApp messages and some responsibilities have to be attached with those using these platforms. Though there were provisions under the IPC, the focus has to be given to the specific problems,” Rohatgi said.

  • Israel Set to Approve ‘Facebook Law’ Against Web Incitement

    The bill would allow the government to ask courts for an order removing content within 48 hours. No other country has provisions as broad as the proposed Israeli law, and none allows the state to ask the courts to rule on an order to remove content without needing to present evidence, Shwartz Altshuler wrote in a report.

  • Grandstanding Idiots In Congress Attack Social Media For Censoring Too Much And Too Little Without Understanding Anything

    So, yesterday the House Judiciary Committee did what the House Judiciary Committee seems to do best: hold a stupid, nonsensical, nearly fact-free “hearing” that serves as nothing more than an opportunity for elected members of Congress to demonstrate their ignorance of an important topic, while attempting to play to their base. This time, the topic was on the content filtering practices of Facebook, Twitter and Google. Back in May there was actually a whole one day conference in Washington DC on this topic. The Judiciary Committee would have been a lot better served attending that than holding this hearing.

    [...]

    But, never let facts get in the way of a narrative. Since that seems to be the way many hyperpartisan sites (at either end of the spectrum) deal with these things, Congress is helping out. The only bit of sanity, perhaps bizarrely, came from Rep. Ted Lieu, who reminded everyone of the importance of free markets, free speech and the fact that private platforms get to decide how they manage their own services. Considering that Republicans often like to claim the mantle of being the “small, limited government” party who wants the government’s hands out of business regulation, the fact that most of the hearing involved Republicans screaming for regulating internet platforms and a Democrat reminding everyone about the importance of a free market, capitalism and free speech, it really was quite a hearing. Lieu’s remarks were some of the rare moments of sanity during the hearing — including defending Facebook leaving Alex Jones’ conspiracy theories on its site. Let’s start with that high point before we dive into the awfulness.

• Privacy/Surveillance

  • Facebook Messenger Now Wants To Sync Your Instagram Contacts As Well

    To increase the usage of Messenger and to link all their services, Facebook has added a new feature to the Messenger app. Now users can sync their Instagram contacts into the Messenger App.

    This new option is available in the ‘People’ section of the Messenger app. Earlier, there was an option to sync phone contacts, and now Instagram has also been added to it.

  • Like Chicago Police, Cook County and Illinois Officials Track Thousands of People in Gang Databases

    Over the last 25 years, Illinois State Police have built a database of more than 90,000 people they deem to be gang members — but won’t say what gangs they’re in or where they live.

    The Cook County sheriff’s office has a gang database, too. It includes 25,000 people, including hundreds whose gangs aren’t known and hundreds who are dead.

    And the Illinois Department of Corrections says the only information it can provide about its gang database is that it can’t provide any information.

    The Chicago Police Department’s massive gang database has received considerable scrutiny in recent months. But it’s not the only gang tracking system used by area law enforcement. Police and other authorities have been keeping files of alleged gang members for decades now. A Chicago officer recently told me that when he first joined the force in the 1980s, police bought high school yearbooks to help them keep track of names and faces in their districts.

  • ‘Smart’ TVs Remain The Poster Child For Dismal Privacy, Transparency & Security Standards

    The dumpster fire that passes for security and privacy standards in the internet of things space is by now pretty well understood. It’s also pretty clear that in this sector, “smart TV” vendors have been among the laziest sectors around in terms of making sure private consumer data is adequately encrypted, and that consumers understand that their viewing habits and even some in-room conversations are being hoovered up and monetized, usually sloppily.

    Recent studies have found that upwards of 90% of smart TVs can be compromised remotely, and leaked documents have made it clear that intelligence agencies have been having a field day with the lack of security in such sets, easily exploiting paper-mache grade protections in order to use TV microphones to monitor targets without anybody being the wiser.

    Meanwhile, set vendors and viewing tracking firms continue to do a pretty dismal job clearly explaining to the end user what data is being collected and monetized. The New York Times, for example, recently did a profile piece on a company named SambaTV, whose viewer-tracking software is now collects viewing data from 13.5 million smart TVs in the United States.

  • Cambridge Analytica’s Facebook data was accessed from Russia, MP says

    Damian Collins, the Conservative MP leading a British parliamentary investigation into online disinformation, told CNN that a British investigation found evidence that the data, collected by Professor Aleksandr Kogan on behalf of Cambridge Analytica, had been accessed from Russia and other countries. The discovery was made by the Information Commissioner’s Office (ICO), Britain’s data protection authority, Collins said.

  • Guy jailed for refusing to unlock phones

    It’s a minor infraction, but it was the first step on what’s turned into a Fifth Amendment meltdown: one that earlier this month led to Montanez being jailed for failing to unlock his cell phones.

    [...]

    Regardless of what “it” was, Montanez declined to agree to another police request: this time to search his phone. That led to police getting a warrant, and that’s how Montanez wound up in court, in front of Judge Gregory Holder, on 5 July.

• Civil Rights/Policing

  • I Came as a Journalist to Ask Important Questions

    Here’s what I would have asked, had I been given the chance.

    [...]

    I was taken to a small room downstairs where I was told that Finnish law allows for police to detain me for 24 hours without charge. They did not allow me access to my phone or other possessions, and they forced me to give up my press badge, which I later got back. I was then taken to a detention facility. As I was moved outside, I hollered to onlookers, “This is freedom of press in Finland!” At that point, officers started tackling me to the ground, and my legs and hands were cuffed. At the detention facility, I was asked more questions and laid out the facts of what had happened. I was released around midnight.

  • Obtained Documents Show The DEA Sold Compromised Phones To Suspected Drug Dealers

    Human Rights Watch — which delivered info on law enforcement’s “parallel construction” habit earlier this year — is back with a bombshell. Court documents obtained by the group show the DEA sold compromised devices to drug dealers during an investigation into a Mexico-to-Canada trafficking operation.

  • The ugly scandal that cancelled the Nobel prize

    But this year there will be no prize and no ceremony. In November 2017, it was revealed in the Swedish press that the husband of one of the academy members had been accused of serial sexual abuse, in assaults alleged to have taken place over more than 20 years. Jean-Claude Arnault, a French photographer and cultural entrepreneur, is married to the poet and academician Katarina Frostenson. In addition to assault accusations against him, the pair are accused of misusing academy funding. Arnault has denied all accusations, and Frostenson has refused to comment.

    The academy is paralysed by the scandal, which was followed by a slew of resignations and expulsions. Six of The Eighteen have withdrawn from any part in its deliberations; another two were compelled to do so. The statutes say that 12 members must be present to elect any new ones, so with only 10, no important decisions can be taken and no new members elected. The vacuum has been filled with invective.

  • Explosive Report on Abuse of Women Photographers Stirs Both Anger and Pride

    An investigation published this week was painful reading for many. For one advocate, it was also inspiring.

    On Monday, the Columbia Journalism Review published a nearly 10,000-word investigation of sexual harassment and abuse in the world of photojournalism. The investigation took five months and involved interviews with 50 people.

    The findings were dark.

    “Photojournalists described behavior from editors and colleagues that ranged from assault to unwanted advances to comments on their appearance or bodies when they were trying to work,” the article said.

    “Many women in the industry say the behavior is so common that they have long considered it simply one of the realities of working as a woman in the profession,” the investigation found. “They say the problem is rooted in a number of factors: The field has historically been male-dominated with a culture that glorifies macho, hyper-masculine behavior; there is an increasing reliance on freelancers, which affects accountability; workshops and other events for young photographers are often exploited by older, established photojournalists.”

  • Brett Kavanaugh’s One Abortion Case

    I am the only lawyer who has argued an abortion case before Trump’s Supreme Court nominee. Here’s why we should be worried.

    In October 2017, I went to court to stop the Trump administration from blocking a young immigrant from obtaining an abortion. She had crossed into the United States the month before and discovered she was pregnant soon after. She never had any doubt about what she wanted to do. But the Trump administration had other plans for her.

    Her plea, which I relayed to a three-judge appeals panel, was: “Please stop delaying my decision any longer.” That panel included Judge Brett Kavanaugh, and her plea went unheeded.

    In the only abortion case heard by President Trump’s nominee to the Supreme Court, Judge Kavanaugh issued a decision that would have forced Jane to further delay her abortion, almost a full month after she first sought it. Ultimately, the full appeals court reversed his decision, ending the government’s obstruction in the dramatic case.

    While Judge Kavanaugh’s decision was cause for concern when it was issued last year, it’s taken on far more importance now, given his nomination to the high court and the clues it provides about how he might shift the course of reproductive rights in this country. Although the ACLU neither endorses nor opposes Supreme Court nominees, we do have an obligation to analyze Kavanaugh’s judicial record on areas that impact core civil liberties and civil rights.

• Internet Policy/Net Neutrality

  • Netflix CEO Proclaims The Death Of Net Neutrality Is No Big Deal

    We’ve noted repeatedly that while Silicon Valley giants like Facebook and Google are portrayed as net neutrality supporters, that hasn’t been true for many years now. Google stopped giving a damn about the idea back in 2010 or so when it started eyeing the broadband (Google Fiber) and wireless (Android, Project Fi) markets. Similarly, Facebook has never really been much of a genuine supporter, and has actively undermined the concept of net neutrality overseas in developing nations. Once they became powerful and wealthy enough, they stopped seriously worrying about the threat posed by broadband monopolies.

    For a while there, Netflix jumped in to supplant Google as a major net neutrality supporter, frequently highlighting how usage caps can be used anti-competitively or how ISPs were abusing interconnection points and their broadband monopolies to drive up prices for competitors.

  • Neutral Net critical for India: R.S. Sharma

    In his first interview since the government approved TRAI’s net neutrality recommendations, the outgoing Chairman of the Telecom Regulatory Authority of India, R.S. Sharma, talks about its importance for India. He also counters allegations of bias against himself as well as objections raised against TRAI’s recommendations for public Wi-Fi hotspots.

  • Bill to save net neutrality gets first Republican vote in US House

    The congressional bill to reinstate net neutrality rules has finally received support from a House Republican.

    US Rep. Mike Coffman (R-Colo.) today announced his support for the bill. Coffman is signing a discharge petition that would force the House to vote on a Congressional Review Act (CRA) resolution; the resolution would reverse the Federal Communications Commission’s repeal of its net neutrality rules.

• DRM

  • Pirates Punish Denuvo-Protected Games With Poor Ratings

    Denuvo’s anti-piracy technology is a thorn in the side of game pirates. While it has been defeated on several occasions recently, the strict anti-piracy measures have not been without consequence. According to new research, Denuvo has frustrated pirates to a point where they sabotage reviews on Metacritic, leading to significantly lower ratings for protected games.

• Intellectual Monopolies

  • Actual Use vs Inherent Disclosure: Endo v. Custopharm

    The claimed invention here requires the use of testosterone undecanoate (TU) at a concentration of 250 mg/ml in a vehicle containing a mixture of about 40% castor oil and 60% benzyl benzoate. (Claim 1 of the ‘640 patent). Three key prior art references are all research articles that report using the same concentration of TU and also the castor oil. The prior-art articles do not, however, actually report that benzyl benzoate was used — it turns out though that the researchers (including one overlapping listed inventor here) used the same 40/60 split of castor oil and benzyl benzoate. The asserted claim 2 adds a limitation that 750 mg TU is injected — the articles describe the use of 1000 mg.

    A primary question on appeal was whether the prior art articles inherently taught the benzyl benzoate concentration. “Custopharm contends that the Articles inherently describe the vehicle formulation (40% castor oil and 60% benzyl benzoate).”

  • Trade Secret Litigation in Federal Court

    The basics: Federal Trade Secret litigation is up about 30% following enactment of the Defend Trade Secrets Act (DTSA) in 2016. (1134 cases filed in 2017). The DTSA created a federal cause of action for trade secret litigation and resulting original jurisdiction in federal court for the federal claims. Prior to the DTSA, state-law trade secret claims found their way into federal court either via supplemental jurisdiction (typically linked to an a federal IP claim) or via diversity jurisdiction (parties from different states).

  • Upping the Trade War with China

    Earlier in 2018, the Office of the US Trade Representative (USTR) imposed a 25% added-value tariff on a set of particular Chinese-made products expected to valued at about $34 billion per year. A prior notice indicated a plan to increase the 25% tariff to $50 billion worth of goods (an additional $16 billion on Chinese goods ). Doing the math here – the US is planning here to collect $12.5 billion in tax revenue from the Chinese goods entering into the US. Although a tariff already applied to most Chinese imports, the rate is usually less than 5%.

  • China IP Office released major IP statistics of the first half of 2018

    By the end of June 2018, the cumulative number of invention patents held by the Chinese mainland is 1,475,000, namely 10.6 invention patents for every 10,000 head of population.

  • House Subcommittees Hold Hearing on China’s Predatory Trade, Investment Strategy

    On the afternoon of Wednesday, July 11th, the House Subcommittee on Terrorism, Nonproliferation, and Trade and the House Subcommittee on Asia and the Pacific held a joint hearing titled China’s Predatory Trade and Investment Strategy. The day’s hearing featured discussion of actions the U.S. government should be taking in order to counter deceptive trade practices pursued by the Chinese government, a topic which has become a main theme of the administration of President Donald Trump.

  • Fractus sues Oppo in China, setting up a big test for both sides

    Barcelona-based antenna technology developer Fractus yesterday announced in a press release that it has filed patent litigation in China against mobile manufacturer Oppo. In doing so it has become one of relatively few foreign licensors to assert Chinese patents against a local company. Oppo has been rapidly buying up overseas patents, but its second major international litigation dispute will play out at home. Fractus has not named the specific patent being asserted in its campaign before the Shanghai IP Court, but it is aimed at securing a licence to the firm’s broader portfolio of geometry based antenna technologies.

  • Copyrights

    • Research Confirms The Anecdotal Evidence: Internet Content Filters Are A Waste Of Money

      Internet filtering — whether it’s for copyright reasons or “for the children” [INSERT FAVORED OFFENSIVE CONTENT HERE] — doesn’t work. It certainly never works as well as advertised. And when those ads are being paid for with your tax dollars to push filters that make the internet worse for the sake of making the internet “safer,” you’d probably like to ask for a refund.

      The UK is implementing porn filters and adding in fun stuff that’s less definable like “extremist content. ” Governments all over Europe want the biggest service providers to filter out whatever happened to be offending them this legislative session. Most recently, it was copyright infringement. Fortunately, the EU’s proposed filtering legislation died before it could ruin the internet, but its unwieldy corpse is bound to be reanimated by seething publishers and performance rights groups.

      But, hey, maybe a metric ton of anecdotal evidence isn’t enough to convince you filtering doesn’t work. Maybe you need more than failure after spectacular failure to erase your faith in harder nerding/legislative busywork. Maybe you’re cool with overblocking and will simply close your eyes (and your browser) when the filter doesn’t do any filtering at all.

    • EPIC Bravely Defeats 14 Year Old’s Mom In Court To Continue Lawsuit Against Her Son For Cheating In Fortnite

      Earlier this year, we wrote about EPIC, makers of the popular Fortnite game, picking up the baton from Blizzard to pretzel copyright law such that it believes it can sue those that cheat in its game for copyright infringement. This belief centers on the claim that these cheaters break the EULA, despite the fact that no actual copying occurs when breaking a EULA. To make PR matters worse for EPIC, the company managed to sweep up a fourteen year old in its lawsuit-blitz. Despite the teenager supposedly being quite brazen in his use of cheats, and in his communications to others about how to cheat in Fortnite, I had assumed that EPIC would find a way to quietly back away from this particular suit, given how shitty the optics would be. It did the opposite, pursuing the case and seeking a summary judgement after the teenager failed to respond. The court refused, however, citing a letter to the court from the teen’s mother, who argued that the suit against her son was overkill and, critically, that the argument over the EULA was null because her minor son couldn’t legally enter into such an agreement without her input.

      Rather than again trying to salvage some PR positivity from any of this, EPIC then decided instead to take on the mother’s letter as a legal matter, with its lawyers countering it as a legal argument. EPIC argued that caselaw is clear that such contracts aren’t void, even if one party is a minor, so long as that minor enjoyed the benefits of the contract. Unfortunately, the judge in the case has decided that he will not dismiss and will allow this lawsuit to move forward.

    • Pirates Are Increasingly ‘Going Legal’ in France

      While the French Government mulls how to counter streaming piracy, local pirates are increasingly going legal. Not only are there less French pirates, the remaining ones are also consuming less and are increasingly signing up with legal streaming services such as Netflix.

    • French Pirates Are Increasingly Buying Through Legal Options

      Do you guys remember Hadopi? This French version of a law designed to kick copyright infringers off of the internet essentially ended in 2016, after all kinds of reports showed the program to be an inefficient, unreasonably harsh failure that actually resulted in more infringement rather than less. Well, this travesty probably seems altogether silly here in 2018, given that Hadopi largely targeted filesharing infringement, while the majority of “piracy” these days takes the form of streaming content online rather than downloading it. Those enforcing Hadopi have no real way to track that kind of “piracy”, making the whole thing useless.

      But the French government appears to want to see if it can repeat its mistakes all over again, with reports that it will institute a streaming site blacklist, which will be every bit as effective as Hadopi. Making all of this especially odd is that it comes at a time when so-called pirates in France are increasingly turning to legal offerings and spending gobs of money on them.

    • Movie & TV Giants Apply For Broadest Ever Piracy Blocking Injunction

      A large coalition of movie and TV show companies has filed for a record-setting site-blocking injunction Down Under. Village Roadshow and several Hollywood companies have teamed up with Hong Kong-based Television Broadcasts and local distributor Madman Entertainment Pty. If successful, the application will force Australian ISPs to block 151 domains linked to 77 ‘pirate’ sites.