07.19.18

Links 19/7/2018: Krita 4.1.1, Qt Creator 4.7.0, and Microsoft-Led Lobby Against Android in EU

Posted in News Roundup at 8:02 am by Dr. Roy Schestowitz

GNOME bluefish

Contents

GNU/Linux

Free Software/Open Source

  • Amid the 20th anniversary of open source, Tim O’Reilly warns that platform companies built on open-source software have lost their way

    It’s rare to hear Chinese philosophy quoted on stage at a software-development conference. But O’Reilly Media founder and CEO Tim O’Reilly invoked the words of Lao Tzu Wednesday morning during the opening keynotes at OSCON 2018 in hopes of convincing those in attendance — many of whom work for the big internet platform companies of our time — that the tech industry needs to return to the spirit of openness and collaboration that drove the early days of the open-source community before it is too late.

    “We have an opportunity with these next generation of systems, to rebuild, to rethink the future, to discover what does it mean to get these systems right,” O’Reilly said. If the first era of the internet was dominated by open protocols, and the second era was dominated by the rise of huge platform companies like Amazon, Google, and Facebook, the third era we’re about to enter presents a chance to get it right again.

  • A 4-step plan for creating teams that aren't afraid to fail
  • 3 big steps toward building authentic developer communities

    As more software businesses are selling open source products, we’ve seen a corresponding rise in the emphasis of building out developer communities around these products as a key metric for success. Happy users are passionate advocates, and these passionate advocates raise overall awareness of a company’s product offerings. Attract the right vocal influencers into your community, and customers become more interested in forming a relationship with your company.

    Doing community building the right way, however, is a delicate balance. Undercut the needs of your user community in favor of driving sales, and your company will face a decrease in adoption and unfavorable brand awareness. Meanwhile, too little focus on the bottom line isn’t good for the company. So how can this tension be balanced effectively, especially in a world in which developers are the “new kingmakers” and meeting their sensibilities is a cornerstone of driving corporate purchasing decisions?

    Over the past year, I’ve thought a lot about how to do effective community building while building the business bottom line. In this article, I’ll outline three big steps to take toward building authentic, productive, sustainable developer communities.

  • Four top open source SIEM tools you should know

    With open source SIEM tools, organizations can test out certain capabilities and reduce cost barriers before expanding their product investments. Depending on what functions you’re interested in, there is a variety of software to choose from.

    [...]

    Another choice for open source SIEM tools is Apache Metron. ELK Stack is a general purpose log and data parsing tool; Apache Metron focuses squarely on security.

    Apache Metron provides four main capabilities. First, it offers long-term, cost-effective storage of telemetry data through its security data lake feature. Second, it features an extensible framework that collects data from a variety of sources and supports any future endpoints. Third, Metron performs normal SIEM tasks, such as data ingest and threat alerts. The fourth capability is threat intelligence driven by machine learning-based anomaly detection.

  • Web Browsers

    • Mozilla

      • Biggest Mistakes with CSS Grid

        It’s easy to make lots of mistakes with a new technology, especially something that’s as big of a change from the past as CSS Grid. In this video, I explain the 9 Biggest Mistakes people are making, with advice and tips for avoiding these pitfalls and breaking old habits.

      • In loving memory of Abbackar DIOMANDE

        It brings us great sadness to share with you the recent news about one of our dear Rep we will so fondly remember. Abbackar DIOMANDE from Ivory Coast is unfortunately no longer with us.

        Diomande, was a Mozillian from Bouake, Ivory Coast and was contributing in various Mozilla projects including SUMO and L10n.
        He was a local community builder, that helped to build a healthy local community in his country while lately he had also taken the role of a Resources Rep, helping his fellow Mozillians on organizing local initiatives.

      • Mozilla Partners with Women Who Tech to Offer Startup Challenge Europe Award for Privacy, Transparency & Accountability

        The Women Startup Challenge Europe will connect women technology innovators from cities across Europe to compete for $60,000 in cash grants. In addition to the funding, all finalists will also receive: pitch coaching, one on one meetings with investors the day after the Women Startup Challenge, and other crucial startup friendly services. The Startup Challenge, co-hosted by the Office of Paris Mayor Anne Hidalgo, will feature 10 finalists pitching their ventures before a panel of judges on October 25, 2018 at Paris Hôtel de Ville.

        Women Who Tech is a nonprofit organization on a mission to close the funding gap and disrupt a culture and economy that has made it incredibly difficult for women entrepreneurs to raise capital. At Mozilla, we are committed to an internet that catalyzes collaboration among diverse communities working together for the common good. Promoting diversity and inclusion is core to our mission, so working with organizations like Women Who Tech furthers our commitment to create more diversity in innovation.

      • Open Your Own Front Page Using Firefox New Tab

        Did you know Firefox has a unique page full of great links and ideas curated just for you? In one simple click, we’ve made it faster and easier for you to find things that are important to you whenever you open a new tab in Firefox.

  • Pseudo-Open Source (Openwashing)

  • BSD

  • FSF/FSFE/GNU/SFLC

    • Public money, public code? FSFE spearheads open-source initiative

      Last September, the non-profit Free Software Foundation Europe (FSFE) launched a new campaign that calls for EU-wide legislation that requires publicly financed software developed for the public sector to be made publicly available under a free and open-source software license.

      According to the ‘Public Money, Public Code’ open letter, free and open-source software in the public sector would enable anyone to “use, study, share, and improve applications used on a daily basis”.

      The initiative, says the non-profit, would provide safeguards against public sector organizations being locked into services from specific companies that use “restrictive licenses” to hinder competition.

      The FSFE also says the open-source model would help improve security in the public sector, as it would allow backdoors and other vulnerabilities to fixed quickly, without depending on one single service provider.

      Since its launch, the Public Money, Public Code initiative has gained the support of 150 organizations, including WordPress Foundation, Wikimedia Foundation, and Tor, along with nearly 18,000 individuals.

      With the initiative now approaching its first anniversary, The Daily Swig caught up with FSFE spokesperson Paul Brown, who discussed the campaign’s progress.

    • Emacs & TLS

      A recent query about the status of network security (TLS settings in particular) in Emacs led to a long thread in the emacs-devel mailing list. That thread touched on a number of different areas, including using OpenSSL (or other TLS libraries) rather than GnuTLS, what kinds of problems should lead to complaints out of the box, what settings should be the default, and when those settings could change for Emacs so as not to discombobulate users. The latter issue is one that lots of projects struggle with: what kinds of changes are appropriate for a bug-fix release versus a feature release. For Emacs, its lengthy development cycle, coupled with the perceived urgency of security changes, makes that question even more difficult.

  • Programming/Development

    • This Week in Rust 243

      Always wanted to contribute to open-source projects but didn’t know where to start? Every week we highlight some tasks from the Rust community for you to pick and get started!

    • Qt Creator 4.7.0 released

      We are happy to announce the release of Qt Creator 4.7.0!

    • Qt Creator 4.7 Released With Clang Code Model Turned On By Default

      The Qt Company has officially released Qt Creator 4.7 as the newest feature release to this open-source, cross-platform Qt/C++ focused integrated development environment.

      Today’s Qt Creator 4.7 IDE release is quite significant in that it finally turns on the Clang code model by default. The Clang code model provides significantly better C++ support over what was offered by their in-house code model and will stay better up-to-date with newer C/C++ standards, etc. The Clang code model in Qt Creator 4.7 is based on LLVM/Clang 6.0.

    • Working with UE4 on Linux using Qt Creator

      I’ll start by pointing out that Epic already has a guide to using Qt Creator for UE4. However, I found a few things lacking in that guide. This is my attempt to improve upon it.

      This guide assumes you’re able to build and run UE4 outside of Qt Creator. For this guide, we’re going to be using a game project, MyGame, located under UnrealEngine/Projects. If you’re looking to just build base Unreal Engine for now, you can check out Epic’s guide at the above link for the proper build/run settings.

      This guide will not cover things like downloading source or resolving dependency issues specific to your Linux distribution. For that, I recommend looking over Epic’s documentation on building and running on Linux.

    • nanotime 0.2.2

      A new maintenance release of the nanotime package for working with nanosecond timestamps just arrived on CRAN.

Leftovers

  • Science

  • Security

    • Security updates for Wednesday
    • At Rest Encryption

      There are many steps you can take to harden a computer, and a common recommendation you’ll see in hardening guides is to enable disk encryption. Disk encryption also often is referred to as “at rest encryption”, especially in security compliance guides, and many compliance regimes, such as PCI, mandate the use of at rest encryption. This term refers to the fact that data is encrypted “at rest” or when the disk is unmounted and not in use. At rest encryption can be an important part of system-hardening, yet many administrators who enable it, whether on workstations or servers, may end up with a false sense of security if they don’t understand not only what disk encryption protects you from, but also, and more important, what it doesn’t.

    • Why Does Google Chrome Say Websites Are “Not Secure”?

      Starting with Chrome 68, Google Chrome labels all non-HTTPS websites as “Not Secure.” Nothing else has changed—HTTP websites are just as secure as they’ve always been—but Google is giving the entire web a shove towards secure, encrypted connections.

    • Biggest Voting Machine Maker Admits — Ooops — That It Installed Remote Access Software After First Denying It [Ed: Microsoft Windows TCO]

      We’ve been covering the mess that is electronic voting machines for nearly two decades on Techdirt, and the one thing that still flummoxes me is how are they so bad at this after all these years? And I don’t mean “bad at security” — though, that’s part of it — but I really mean “bad at understanding how insecure their machines really are.” For a while everyone focused on Diebold, but Election Systems and Software (ES&S) has long been a bigger player in the space, and had just as many issues. It just got less attention. There was even a brief period of time where ES&S bought what remained of Diebold’s flailing e-voting business before having to sell off the assets to deal with an antitrust lawsuit by the DOJ.

      What’s incredible, though, is that every credible computer security person has said that it is literally impossible to build a secure fully electronic voting system — and if you must have one at all, it must have a printed paper audit trail and not be accessible from the internet. Now, as Kim Zetter at Motherboard has reported, ES&S — under questioning from Senator Ron Wyden — has now admitted that it installed remote access software on its voting machines, something the company had vehemently denied to the same reporter just a few months ago.

    • Bringing cybersecurity to the DNC [Ed: Microsoft Windows TCO. Microsoft Exchange was used.]

      When Raffi Krikorian joined the Democratic National Committee (DNC) as chief technology officer, the party was still reeling from its devastating loss in 2016 — and the stunning cyberattacks that resulted in high-level officials’ emails being embarrassingly leaked online.

    • Getting Started with Successful Security Breach Detection

      Organizations historically believed that security software and tools were effective at protecting them from hackers. Today, this is no longer the case, as modern businesses are now connected in a digital global supply ecosystem with a web of connections to customers and suppliers. Often, organizations are attacked as part of a larger attack on one of their customers or suppliers. They represent low hanging fruit for hackers, as many organizations have not invested in operationalizing security breach detection.

      As this new reality takes hold in the marketplace, many will be tempted to invest in new technology tools to plug the perceived security hole and move on with their current activities. However, this approach is doomed to fail. Security is not a “set it and forget it” type of thing. Defending an organization from a breach requires a careful balance of tools and operational practices — operational practices being the more important element.

    • The SIM Hijackers

      By hijacking Rachel’s phone number, the hackers were able to seize not only Rachel’s Instagram, but her Amazon, Ebay, Paypal, Netflix, and Hulu accounts too. None of the security measures Rachel took to secure some of those accounts, including two-factor authentication, mattered once the hackers took control of her phone number.

    • Spectre V1 defense in GCC
    • Signing and distributing Gentoo

      The compromise of the Gentoo’s GitHub mirror was certainly embarrassing, but its overall impact on Gentoo users was likely fairly limited. Gentoo and GitHub responded quickly and forcefully to the breach, which greatly limited the damage that could be done; the fact that it was a mirror and not the master copy of Gentoo’s repositories made it relatively straightforward to recover from. But the black eye that it gave the project has led some to consider ways to make it even harder for an attacker to add malicious content to Gentoo—even if the distribution’s own infrastructure were to be compromised.

      Unlike other distributions, Gentoo is focused on each user building the software packages they want using the Portage software-management tool. This is done by using the emerge tool, which is the usual interface to Portage. Software “packages” are stored as ebuilds, which are sets of files that contain the information and code needed by Portage to build the software. The GitHub compromise altered the ebuilds for three packages to add malicious content so that users who pulled from those repositories would get it.

      Ebuilds are stored in the /usr/portage directory on each system. That local repository is updated using emerge –sync (which uses rsync under the hood), either from Gentoo’s infrastructure or one of its mirrors. Alternatively, users can use emerge-webrsync to get snapshots of the Gentoo repository, which are updated daily. Snapshots are individually signed by the Gentoo infrastructure OpenPGP keys, while the /usr/portage tree is signed by way of Manifest files that list the hash of each file in a directory. The top-level Manifest is signed by the infrastructure team, so following and verifying the chain of hashes down to a particular file (while also making sure there are no unlisted files) ensures that the right files are present in the tree.

    • Here’s How Hackers Are Using Google’s Servers To Host Malware For Free
  • Defence/Aggression

    • In recording, Netanyahu boasts Israel convinced Trump to quit Iran nuclear deal

      In a video clip aired Tuesday by Israeli television, Prime Minister Benjamin Netanyahu boasted that Israel was responsible for US President Donald Trump’s decision to quit the Iran nuclear deal.

      In the video, which the Kan public broadcaster said was filmed two weeks ago, Netanyahu can be seen speaking to activists and senior members from his Likud party.

    • Crony Kleptocracy

      When President Dwight Eisenhower warned against the “unwarranted influence” of the “military-industrial complex,” he was concerned that certain firms selling to the government might obtain untoward privilege, twisting public resources to serve private ends. It is telling that one of those contractors, Lockheed Aircraft, would become the first company to be bailed out by Congress in 1971.

      For many observers, the George W. Bush administration’s “no-bid” contracts to Halliburton and Blackwater appeared to exemplify the sort of deals that Eisenhower had warned of. It is true that federal regulations explicitly permit contracts without open bidding in certain circumstances, such as when only one firm is capable of providing a certain service or when there is an unusual or compelling emergency. In any case, a report issued by the bipartisan Commission on Wartime Contracting in 2011 estimated that contractor fraud and abuse during operations in Afghanistan and Iraq cost taxpayers an estimated $31 to $60 billion.

    • Noam Chomsky calmly explains why Trump and allies are a threat to organized human life
    • When the US Invaded Russia

      Amid the bi-partisan mania over the Trump-Putin Summit in Helsinki, fevered, anti-Russian rhetoric in the United States makes conceivable what until recently seemed inconcievable: that dangerous tensions between Russia and the U.S. could lead to military conflict. It has happened before.

      [...]

      In July 1918, U.S. President Woodrow Wilson had personally typed the “Aide Memoire” on American military action in Russia that was hand-delivered by the Secretary of War at the beginning of August to General William Graves, the designated commander of the U.S. troops en route to Siberia. Wilson’s document was curiously ambivalent and contradictory. It began by asserting that foreign interference in Russia’s internal affairs was “impermissible,” and eventually concluded that the dispatch of U.S. troops to Siberia was not to be considered a “military intervention.”

      The Non-Intervention Intervention

      But the American intervention began when U.S. soldiers disembarked at Vladivostok on August 16, 1918. These were the 27th and 31st infantry regiments, regular army units that had been involved in pacification of U.S.-occupied Philippines. Eventually there were to be about 8,000 U.S. troops in Siberia.

      Judging from his memoires, General Graves was puzzled by how different things looked on the ground in Siberia than his vague instructions seemed to suggest. For one thing, the Czechs hardly needed rescuing. By the Summer of 1918 they had easily taken control of Vladivostok and a thousand miles of the Trans-Siberian Railway.

      For the next year and a half, General Graves, by all appearances an honest and non-political professional soldier, struggled to understand and carry out his mandate in Siberia. He seems to have driven the U.S. State Department and his fellow allied commanders to distraction by clinging stubbornly to a literal interpretation of Wilson’s Aide Memoire as mandating strict non-intervention in Russian affairs. The general seemed incapable of noticing the broad “wink” with which everyone else understood these instructions.

  • AstroTurf/Lobbying/Politics

    • News media paid Melania Trump thousands for use of photos in ‘positive stories only’

      It’s not unheard of for celebrities to earn royalties from photos of themselves, but it’s very unusual for the wife of a currently serving elected official. More problematic for the many news organizations that have published or broadcast the images, however, is that Getty’s licensing agreement stipulates the pictures can be used in “positive stories only.”

      According to the revenue statement in President Trump’s May financial disclosure, Melania Trump earned between $100,000 and $1,000,000 in photo royalties in 2017 from the Getty deal.

    • Media Paid Melania Trump Up to $1M for ‘Positive Stories Only’ Photos

      When contacted by NBC News for comment, several of the news outlets (e.g. Yahoo News, SFGate, Houston Chronicle) immediately removed the photos from their websites.

    • Defending InfoWars, Facebook declines to stop fake news

      Facebook held an expensive shrimp-cocktail-and-overproduced-trailer press event Wednesday in New York selling the company’s big serious fight against the scourge of misinformation. After its pitch on Facebook’s new efforts to fight fake news, CNN’s Oliver Darcy asked John Hegeman, the head of Facebook’s News Feed, “how the company could claim it was serious about tackling the problem of misinformation online while simultaneously allowing InfoWars to maintain a page with nearly 1 million followers on its website.”

    • Mark Zuckerberg says Holocaust deniers are making an honest mistake

      Last week, CNN’s Oliver Darcy questioned how Facebook could be sincere in its stated efforts to reduce the spread of false news stories while it also offered sites like Infowars a place to develop a large following and routinely distribute hoaxes.

    • Why is InfoWars allowed on Facebook? Zuckerberg: Because it doesn’t cause “harm”

      But Swisher challenged Zuckerberg by noting that InfoWars’ repeated claims that the Sandy Hook shooting was staged are lies and “not a debate.” Zuckerberg agreed that “it is false.” However, if one Facebook user is going to attack a Sandy Hook victim or their family member, “that is harassment, and we actually will take that down.”

  • Censorship/Free Speech

    • Experts divided over SC verdict on mob lynching, vigilantism

      Most of these incidents took place because of WhatsApp messages and some responsibilities have to be attached with those using these platforms. Though there were provisions under the IPC, the focus has to be given to the specific problems,” Rohatgi said.

    • Israel Set to Approve ‘Facebook Law’ Against Web Incitement

      The bill would allow the government to ask courts for an order removing content within 48 hours. No other country has provisions as broad as the proposed Israeli law, and none allows the state to ask the courts to rule on an order to remove content without needing to present evidence, Shwartz Altshuler wrote in a report.

    • Grandstanding Idiots In Congress Attack Social Media For Censoring Too Much And Too Little Without Understanding Anything

      So, yesterday the House Judiciary Committee did what the House Judiciary Committee seems to do best: hold a stupid, nonsensical, nearly fact-free “hearing” that serves as nothing more than an opportunity for elected members of Congress to demonstrate their ignorance of an important topic, while attempting to play to their base. This time, the topic was on the content filtering practices of Facebook, Twitter and Google. Back in May there was actually a whole one day conference in Washington DC on this topic. The Judiciary Committee would have been a lot better served attending that than holding this hearing.

      [...]

      But, never let facts get in the way of a narrative. Since that seems to be the way many hyperpartisan sites (at either end of the spectrum) deal with these things, Congress is helping out. The only bit of sanity, perhaps bizarrely, came from Rep. Ted Lieu, who reminded everyone of the importance of free markets, free speech and the fact that private platforms get to decide how they manage their own services. Considering that Republicans often like to claim the mantle of being the “small, limited government” party who wants the government’s hands out of business regulation, the fact that most of the hearing involved Republicans screaming for regulating internet platforms and a Democrat reminding everyone about the importance of a free market, capitalism and free speech, it really was quite a hearing. Lieu’s remarks were some of the rare moments of sanity during the hearing — including defending Facebook leaving Alex Jones’ conspiracy theories on its site. Let’s start with that high point before we dive into the awfulness.

  • Privacy/Surveillance

    • Facebook Messenger Now Wants To Sync Your Instagram Contacts As Well

      To increase the usage of Messenger and to link all their services, Facebook has added a new feature to the Messenger app. Now users can sync their Instagram contacts into the Messenger App.

      This new option is available in the ‘People’ section of the Messenger app. Earlier, there was an option to sync phone contacts, and now Instagram has also been added to it.

    • Like Chicago Police, Cook County and Illinois Officials Track Thousands of People in Gang Databases

      Over the last 25 years, Illinois State Police have built a database of more than 90,000 people they deem to be gang members — but won’t say what gangs they’re in or where they live.

      The Cook County sheriff’s office has a gang database, too. It includes 25,000 people, including hundreds whose gangs aren’t known and hundreds who are dead.

      And the Illinois Department of Corrections says the only information it can provide about its gang database is that it can’t provide any information.

      The Chicago Police Department’s massive gang database has received considerable scrutiny in recent months. But it’s not the only gang tracking system used by area law enforcement. Police and other authorities have been keeping files of alleged gang members for decades now. A Chicago officer recently told me that when he first joined the force in the 1980s, police bought high school yearbooks to help them keep track of names and faces in their districts.

    • ‘Smart’ TVs Remain The Poster Child For Dismal Privacy, Transparency & Security Standards

      The dumpster fire that passes for security and privacy standards in the internet of things space is by now pretty well understood. It’s also pretty clear that in this sector, “smart TV” vendors have been among the laziest sectors around in terms of making sure private consumer data is adequately encrypted, and that consumers understand that their viewing habits and even some in-room conversations are being hoovered up and monetized, usually sloppily.

      Recent studies have found that upwards of 90% of smart TVs can be compromised remotely, and leaked documents have made it clear that intelligence agencies have been having a field day with the lack of security in such sets, easily exploiting paper-mache grade protections in order to use TV microphones to monitor targets without anybody being the wiser.

      Meanwhile, set vendors and viewing tracking firms continue to do a pretty dismal job clearly explaining to the end user what data is being collected and monetized. The New York Times, for example, recently did a profile piece on a company named SambaTV, whose viewer-tracking software is now collects viewing data from 13.5 million smart TVs in the United States.

    • Cambridge Analytica’s Facebook data was accessed from Russia, MP says

      Damian Collins, the Conservative MP leading a British parliamentary investigation into online disinformation, told CNN that a British investigation found evidence that the data, collected by Professor Aleksandr Kogan on behalf of Cambridge Analytica, had been accessed from Russia and other countries. The discovery was made by the Information Commissioner’s Office (ICO), Britain’s data protection authority, Collins said.

    • Guy jailed for refusing to unlock phones

      It’s a minor infraction, but it was the first step on what’s turned into a Fifth Amendment meltdown: one that earlier this month led to Montanez being jailed for failing to unlock his cell phones.

      [...]

      Regardless of what “it” was, Montanez declined to agree to another police request: this time to search his phone. That led to police getting a warrant, and that’s how Montanez wound up in court, in front of Judge Gregory Holder, on 5 July.

  • Civil Rights/Policing

    • I Came as a Journalist to Ask Important Questions

      Here’s what I would have asked, had I been given the chance.

      [...]

      I was taken to a small room downstairs where I was told that Finnish law allows for police to detain me for 24 hours without charge. They did not allow me access to my phone or other possessions, and they forced me to give up my press badge, which I later got back. I was then taken to a detention facility. As I was moved outside, I hollered to onlookers, “This is freedom of press in Finland!” At that point, officers started tackling me to the ground, and my legs and hands were cuffed. At the detention facility, I was asked more questions and laid out the facts of what had happened. I was released around midnight.

    • Obtained Documents Show The DEA Sold Compromised Phones To Suspected Drug Dealers

      Human Rights Watch — which delivered info on law enforcement’s “parallel construction” habit earlier this year — is back with a bombshell. Court documents obtained by the group show the DEA sold compromised devices to drug dealers during an investigation into a Mexico-to-Canada trafficking operation.

    • The ugly scandal that cancelled the Nobel prize

      But this year there will be no prize and no ceremony. In November 2017, it was revealed in the Swedish press that the husband of one of the academy members had been accused of serial sexual abuse, in assaults alleged to have taken place over more than 20 years. Jean-Claude Arnault, a French photographer and cultural entrepreneur, is married to the poet and academician Katarina Frostenson. In addition to assault accusations against him, the pair are accused of misusing academy funding. Arnault has denied all accusations, and Frostenson has refused to comment.

      The academy is paralysed by the scandal, which was followed by a slew of resignations and expulsions. Six of The Eighteen have withdrawn from any part in its deliberations; another two were compelled to do so. The statutes say that 12 members must be present to elect any new ones, so with only 10, no important decisions can be taken and no new members elected. The vacuum has been filled with invective.

    • Explosive Report on Abuse of Women Photographers Stirs Both Anger and Pride

      An investigation published this week was painful reading for many. For one advocate, it was also inspiring.

      On Monday, the Columbia Journalism Review published a nearly 10,000-word investigation of sexual harassment and abuse in the world of photojournalism. The investigation took five months and involved interviews with 50 people.

      The findings were dark.

      “Photojournalists described behavior from editors and colleagues that ranged from assault to unwanted advances to comments on their appearance or bodies when they were trying to work,” the article said.

      “Many women in the industry say the behavior is so common that they have long considered it simply one of the realities of working as a woman in the profession,” the investigation found. “They say the problem is rooted in a number of factors: The field has historically been male-dominated with a culture that glorifies macho, hyper-masculine behavior; there is an increasing reliance on freelancers, which affects accountability; workshops and other events for young photographers are often exploited by older, established photojournalists.”

    • Brett Kavanaugh’s One Abortion Case

      I am the only lawyer who has argued an abortion case before Trump’s Supreme Court nominee. Here’s why we should be worried.

      In October 2017, I went to court to stop the Trump administration from blocking a young immigrant from obtaining an abortion. She had crossed into the United States the month before and discovered she was pregnant soon after. She never had any doubt about what she wanted to do. But the Trump administration had other plans for her.

      Her plea, which I relayed to a three-judge appeals panel, was: “Please stop delaying my decision any longer.” That panel included Judge Brett Kavanaugh, and her plea went unheeded.

      In the only abortion case heard by President Trump’s nominee to the Supreme Court, Judge Kavanaugh issued a decision that would have forced Jane to further delay her abortion, almost a full month after she first sought it. Ultimately, the full appeals court reversed his decision, ending the government’s obstruction in the dramatic case.

      While Judge Kavanaugh’s decision was cause for concern when it was issued last year, it’s taken on far more importance now, given his nomination to the high court and the clues it provides about how he might shift the course of reproductive rights in this country. Although the ACLU neither endorses nor opposes Supreme Court nominees, we do have an obligation to analyze Kavanaugh’s judicial record on areas that impact core civil liberties and civil rights.

  • Internet Policy/Net Neutrality

    • Netflix CEO Proclaims The Death Of Net Neutrality Is No Big Deal

      We’ve noted repeatedly that while Silicon Valley giants like Facebook and Google are portrayed as net neutrality supporters, that hasn’t been true for many years now. Google stopped giving a damn about the idea back in 2010 or so when it started eyeing the broadband (Google Fiber) and wireless (Android, Project Fi) markets. Similarly, Facebook has never really been much of a genuine supporter, and has actively undermined the concept of net neutrality overseas in developing nations. Once they became powerful and wealthy enough, they stopped seriously worrying about the threat posed by broadband monopolies.

      For a while there, Netflix jumped in to supplant Google as a major net neutrality supporter, frequently highlighting how usage caps can be used anti-competitively or how ISPs were abusing interconnection points and their broadband monopolies to drive up prices for competitors.

    • Neutral Net critical for India: R.S. Sharma

      In his first interview since the government approved TRAI’s net neutrality recommendations, the outgoing Chairman of the Telecom Regulatory Authority of India, R.S. Sharma, talks about its importance for India. He also counters allegations of bias against himself as well as objections raised against TRAI’s recommendations for public Wi-Fi hotspots.

    • Bill to save net neutrality gets first Republican vote in US House

      The congressional bill to reinstate net neutrality rules has finally received support from a House Republican.

      US Rep. Mike Coffman (R-Colo.) today announced his support for the bill. Coffman is signing a discharge petition that would force the House to vote on a Congressional Review Act (CRA) resolution; the resolution would reverse the Federal Communications Commission’s repeal of its net neutrality rules.

  • DRM

    • Pirates Punish Denuvo-Protected Games With Poor Ratings

      Denuvo’s anti-piracy technology is a thorn in the side of game pirates. While it has been defeated on several occasions recently, the strict anti-piracy measures have not been without consequence. According to new research, Denuvo has frustrated pirates to a point where they sabotage reviews on Metacritic, leading to significantly lower ratings for protected games.

  • Intellectual Monopolies

    • Actual Use vs Inherent Disclosure: Endo v. Custopharm

      The claimed invention here requires the use of testosterone undecanoate (TU) at a concentration of 250 mg/ml in a vehicle containing a mixture of about 40% castor oil and 60% benzyl benzoate. (Claim 1 of the ‘640 patent). Three key prior art references are all research articles that report using the same concentration of TU and also the castor oil. The prior-art articles do not, however, actually report that benzyl benzoate was used — it turns out though that the researchers (including one overlapping listed inventor here) used the same 40/60 split of castor oil and benzyl benzoate. The asserted claim 2 adds a limitation that 750 mg TU is injected — the articles describe the use of 1000 mg.

      A primary question on appeal was whether the prior art articles inherently taught the benzyl benzoate concentration. “Custopharm contends that the Articles inherently describe the vehicle formulation (40% castor oil and 60% benzyl benzoate).”

    • Trade Secret Litigation in Federal Court

      The basics: Federal Trade Secret litigation is up about 30% following enactment of the Defend Trade Secrets Act (DTSA) in 2016. (1134 cases filed in 2017). The DTSA created a federal cause of action for trade secret litigation and resulting original jurisdiction in federal court for the federal claims. Prior to the DTSA, state-law trade secret claims found their way into federal court either via supplemental jurisdiction (typically linked to an a federal IP claim) or via diversity jurisdiction (parties from different states).

    • Upping the Trade War with China

      Earlier in 2018, the Office of the US Trade Representative (USTR) imposed a 25% added-value tariff on a set of particular Chinese-made products expected to valued at about $34 billion per year. A prior notice indicated a plan to increase the 25% tariff to $50 billion worth of goods (an additional $16 billion on Chinese goods ). Doing the math here – the US is planning here to collect $12.5 billion in tax revenue from the Chinese goods entering into the US. Although a tariff already applied to most Chinese imports, the rate is usually less than 5%.

    • China IP Office released major IP statistics of the first half of 2018

      By the end of June 2018, the cumulative number of invention patents held by the Chinese mainland is 1,475,000, namely 10.6 invention patents for every 10,000 head of population.

    • House Subcommittees Hold Hearing on China’s Predatory Trade, Investment Strategy

      On the afternoon of Wednesday, July 11th, the House Subcommittee on Terrorism, Nonproliferation, and Trade and the House Subcommittee on Asia and the Pacific held a joint hearing titled China’s Predatory Trade and Investment Strategy. The day’s hearing featured discussion of actions the U.S. government should be taking in order to counter deceptive trade practices pursued by the Chinese government, a topic which has become a main theme of the administration of President Donald Trump.

    • Fractus sues Oppo in China, setting up a big test for both sides

      Barcelona-based antenna technology developer Fractus yesterday announced in a press release that it has filed patent litigation in China against mobile manufacturer Oppo. In doing so it has become one of relatively few foreign licensors to assert Chinese patents against a local company. Oppo has been rapidly buying up overseas patents, but its second major international litigation dispute will play out at home. Fractus has not named the specific patent being asserted in its campaign before the Shanghai IP Court, but it is aimed at securing a licence to the firm’s broader portfolio of geometry based antenna technologies.

    • Copyrights

      • Research Confirms The Anecdotal Evidence: Internet Content Filters Are A Waste Of Money

        Internet filtering — whether it’s for copyright reasons or “for the children” [INSERT FAVORED OFFENSIVE CONTENT HERE] — doesn’t work. It certainly never works as well as advertised. And when those ads are being paid for with your tax dollars to push filters that make the internet worse for the sake of making the internet “safer,” you’d probably like to ask for a refund.

        The UK is implementing porn filters and adding in fun stuff that’s less definable like “extremist content. ” Governments all over Europe want the biggest service providers to filter out whatever happened to be offending them this legislative session. Most recently, it was copyright infringement. Fortunately, the EU’s proposed filtering legislation died before it could ruin the internet, but its unwieldy corpse is bound to be reanimated by seething publishers and performance rights groups.

        But, hey, maybe a metric ton of anecdotal evidence isn’t enough to convince you filtering doesn’t work. Maybe you need more than failure after spectacular failure to erase your faith in harder nerding/legislative busywork. Maybe you’re cool with overblocking and will simply close your eyes (and your browser) when the filter doesn’t do any filtering at all.

      • EPIC Bravely Defeats 14 Year Old’s Mom In Court To Continue Lawsuit Against Her Son For Cheating In Fortnite

        Earlier this year, we wrote about EPIC, makers of the popular Fortnite game, picking up the baton from Blizzard to pretzel copyright law such that it believes it can sue those that cheat in its game for copyright infringement. This belief centers on the claim that these cheaters break the EULA, despite the fact that no actual copying occurs when breaking a EULA. To make PR matters worse for EPIC, the company managed to sweep up a fourteen year old in its lawsuit-blitz. Despite the teenager supposedly being quite brazen in his use of cheats, and in his communications to others about how to cheat in Fortnite, I had assumed that EPIC would find a way to quietly back away from this particular suit, given how shitty the optics would be. It did the opposite, pursuing the case and seeking a summary judgement after the teenager failed to respond. The court refused, however, citing a letter to the court from the teen’s mother, who argued that the suit against her son was overkill and, critically, that the argument over the EULA was null because her minor son couldn’t legally enter into such an agreement without her input.

        Rather than again trying to salvage some PR positivity from any of this, EPIC then decided instead to take on the mother’s letter as a legal matter, with its lawyers countering it as a legal argument. EPIC argued that caselaw is clear that such contracts aren’t void, even if one party is a minor, so long as that minor enjoyed the benefits of the contract. Unfortunately, the judge in the case has decided that he will not dismiss and will allow this lawsuit to move forward.

      • Pirates Are Increasingly ‘Going Legal’ in France

        While the French Government mulls how to counter streaming piracy, local pirates are increasingly going legal. Not only are there less French pirates, the remaining ones are also consuming less and are increasingly signing up with legal streaming services such as Netflix.

      • French Pirates Are Increasingly Buying Through Legal Options

        Do you guys remember Hadopi? This French version of a law designed to kick copyright infringers off of the internet essentially ended in 2016, after all kinds of reports showed the program to be an inefficient, unreasonably harsh failure that actually resulted in more infringement rather than less. Well, this travesty probably seems altogether silly here in 2018, given that Hadopi largely targeted filesharing infringement, while the majority of “piracy” these days takes the form of streaming content online rather than downloading it. Those enforcing Hadopi have no real way to track that kind of “piracy”, making the whole thing useless.

        But the French government appears to want to see if it can repeat its mistakes all over again, with reports that it will institute a streaming site blacklist, which will be every bit as effective as Hadopi. Making all of this especially odd is that it comes at a time when so-called pirates in France are increasingly turning to legal offerings and spending gobs of money on them.

      • Movie & TV Giants Apply For Broadest Ever Piracy Blocking Injunction

        A large coalition of movie and TV show companies has filed for a record-setting site-blocking injunction Down Under. Village Roadshow and several Hollywood companies have teamed up with Hong Kong-based Television Broadcasts and local distributor Madman Entertainment Pty. If successful, the application will force Australian ISPs to block 151 domains linked to 77 ‘pirate’ sites.

Share in other sites/networks: These icons link to social bookmarking sites where readers can share and discover new web pages.
  • Reddit
  • email

This post is also available in Gemini over at:

gemini://gemini.techrights.org/2018/07/19/krita-4-1-1/

If you liked this post, consider subscribing to the RSS feed or join us now at the IRC channels.

Pages that cross-reference this one

What Else is New


  1. Links 10/5/2021: Huawei's GNU/Linux Laptops and Kotlin 1.5.0

    Links for the day



  2. Richard Stallman on Writing rm, ls, and cp (Also Working on Bison)

    Dr. Richard Stallman, the Free Software Foundation's founder, explains what programs he developed in the eighties



  3. Raise the Roof

    Out comes the taxpayers’ subsidy, assured; with military the sky is the limit (and bailout guaranteed)



  4. Richard Stallman Replatformed 10 Hours From Now

    Link to the talk (when it goes live)



  5. [Meme] Bill Says, Bill Saves

    Bill Gates seems more likely to be indicted than to win a presidential election/term



  6. IRC Proceedings: Sunday, May 09, 2021

    IRC logs for Sunday, May 09, 2021



  7. According to the Wall Street Journal, Bill Gates’s Relationship with Jeffrey Epstein Caused the Bill-Melinda Divorce (While the Media Deflected to Dr. Stallman, Using a Phony 'Scandal')

    It’s becoming rather obvious that there’s real substance to accusations that Mr. Gates was in some sense enabling Jeffrey Epstein; while Gates-funded media told us that he was saving us from climate change and a pandemic (PR stunts for empathy and sympathy) Melinda worked really hard to distance herself from him, the father of her kids



  8. [Meme] Bill, What's Your Opinion?

    While it's ludicrous to insinuate that Mr. Gates somehow "started" COVID-19 he certainly "rode the wave" for reputation laundering purposes, profit, and distraction from scandals that precede the epidemic in China (and caused his marriage to break down)



  9. Links 10/5/2021: SystemRescueCD 8.03, KeePass 2.48 Released

    Links for the day



  10. How We Process and Upload Videos Hosted in Techrights

    With ffmpeg as the Swiss army knife (and various other utilities/programs ‘in between’) it’s possible to automate much of the pipeline associated with video production and self-hosting



  11. Richard Stallman's Free Software Speech in 2020 (FSF Turning 35)

    We've re-encoded (as WebM) the likely sole/only speech Richard Stallman gave about his movement last year; today seems like a suitable time to republish it because tomorrow a British university/group will replatform him (to use their term)



  12. The Chaos Theory

    Making GNU/Linux less stable and less predictable isn't good for GNU/Linux users; but it certainly helps sell Red Hat support contracts and vexation inside the community weakens Red Hat's competitors



  13. Gemini and Techrights: Still Growing in Gemini Space and Always Supporting/Loving the Protocol

    As we continue to expand in Gemini space (where our very large site became a very large and likely the largest capsule) it's worth explaining some of the overlooked merits of the protocol; unlike the World Wide Web (WWW) it does not impose things on the user/visitor, who is more or less in charge



  14. Links 9/5/2021: KDE Frameworks 5.82.0 Release and Patents Related to COVID Subjected to Waivers

    Links for the day



  15. Act More 'Professional' to Appease Mobs

    We should all think alike, dress alike, and like everybody (especially the business overlords)



  16. IRC Proceedings: Saturday, May 08, 2021

    IRC logs for Saturday, May 08, 2021



  17. Some Background on the Free Speech Society at the University of Buckingham, Where Richard Stallman is Being 'Replatformed'

    A private British university, the University of Buckingham, will 'host' (virtually) the most-defamed person in the Free software world; the Free Speech Society is only two years old and rationality for its existence is explained by its co-founder James Oliver



  18. Web Sites or News Sites Perish When Their Arguments Are Weak and/or Invalid

    "Just be honest!" is a simple motto for any site; but some sites sell out in pursuit of money or grandiosity, unlike us (we turned 14.5 years old on Friday)



  19. GNU/Linux Turns 38 (in 4 Months From Now)

    Contrary to what the Linux Foundation wants you to think, the operating system turns 38 later this year



  20. Richard Stallman: Steve Jobs Did Some Very Bad Things

    Dr. Richard Stallman told me about Steve Jobs that he had helped digitally imprison computer users



  21. GNU/Linux Founder Richard Stallman to Give a Talk at the University of Buckingham Tomorrow (Live Stream)

    Tomorrow it will be possible to watch this new talk live using Free software



  22. Then We Take Berlin...

    Homage to EPO, based in Munich and Berlin (and defended by the government in Berlin)



  23. The Right to Assemble, Fundamental Rights of Ownership, and Many Other Rights Are Under Attack

    Techrights will be dealing a lot more with erosion of what people have come to assume were “rights” (real rights, such as human rights, labour rights, not copy “rights” or patent “rights”); when rights are reduced to rubble the long-term consequences are severe, shows history



  24. TechBytes Episode 91: End of Privacy and End of Windows 10X

    Tim and Roy produce their 2nd audiocast since TechBytes returned



  25. The Cancel Song

    People who work for (or receive funding from) Nazi-associated IBM are still trying to turn the work/legacy of Richard Stallman (RMS) into dust/ashes



  26. Pro-Software Freedom Advocates and Free/Libre Software Supporters Face Barriers Due to Domination of Communication Channels (Beyond the Media)

    A carefully-checked assessment of an overlooked aspect surrounding the 'cancel mob', which incites and brainwashes people based on lies; there's an attempt to control channels of communication (e.g. Open and Free Technology Community and Freenode) and to generally suppress people who support the founder of GNU/Linux



  27. Bashing Free Software and GNU/Linux is a Terrible Business Model for Publishers

    Contrary to unflattering portrayals by hostile media that's sponsored by foes of Free software, the usage of Free software grows, even if things such as DRM and surveillance stand in the way of software freedom (which was wrongly assumed to be ushered in by Free software, irrespective of malicious features like 'telemetry')



  28. Links 8/5/2021: GIMP 2.99.6, Wine 6.8 Released

    Links for the day



  29. IRC Proceedings: Friday, May 07, 2021

    IRC logs for Friday, May 07, 2021



  30. [Meme] Outsourcing Audacity Development to Microsoft Proprietary Software and Then Copying Microsoft Tactics (and 'Telemetry')

    They've had the audacity to call it "telemetry" and pretend that surveillance companies (spying giants) cannot figure out who you are based on IP addresses


RSS 64x64RSS Feed: subscribe to the RSS feed for regular updates

Home iconSite Wiki: You can improve this site by helping the extension of the site's content

Home iconSite Home: Background about the site and some key features in the front page

Chat iconIRC Channel: Come and chat with us in real time

Recent Posts