• Distributions
• Devices/Embedded

Server

• Open source hypervisor technical support, update considerations

  Even though open source software itself is completely free to obtain and use, effective hypervisor technical support options for production environments might cost money.

  [...]

  Ultimately, an open source hypervisor might lack a meaningful development roadmap. Features, compatibilities and optimizations might take years to arrive, if ever, depending on the skills and objectives of the developer community. And effective technical support options might cost money, even though the open source software itself is completely free to obtain and use. This means it’s extremely important for potential adopters to perform extensive due diligence testing before adopting an open source hypervisor.

Kernel Space

• The Performance Cost Of Spectre / Meltdown / Foreshadow Mitigations On Linux 4.19

  One of the most frequent test requests recently has been to look at the overall performance cost of Meltdown/Spectre mitigations on the latest Linux kernel and now with L1TF/Foreshadow work tossed into the mix. With the Linux 4.19 kernel that just kicked off development this month has been continued churn in the Spectre/Meltdown space, just not for x86_64 but also for POWER/s390/ARM where applicable. For getting an overall look at the performance impact of these mitigation techniques I tested three Intel Xeon systems and two AMD EPYC systems as well as a virtual machine on each side for seeing how the default Linux 4.19 kernel performance — with relevant mitigations applied — to that of an unmitigated kernel.

• Linux Foundation on Track for Best Year Ever as Open Source Dominates

  Zemlin noted that Linux now represents 100 percent of the supercomputer market, 90 percent of the cloud, 82 percent of the smartphone market and 62 percent of the embedded systems market. He added that in every market Linux has entered, it eventually dominates.

  The Linux Foundation in 2018 is about much more than Linux and is home to the world’s largest SSL/TLS certificate authority with Let’s Encrypt. It is also home to the Cloud Native Computing Foundation (CNCF), which runs the Kubernetes container orchestration project.

  Zemlin noted the Linux Foundation’s Automotive Grade Linux project is now backed by 12 major auto vendors and is slated for production in millions of vehicles worldwide. The Hyperledger project is another Linux Foundation led effort, which is developing enterprise blockchain technologies.

• Linux Kernel Developer Criticizes Intel for Meltdown, Spectre Response

  At the Open Source Summit North America here on Aug. 29, Greg Kroah-Hartman warned attendees about the severe impact the Meltdown and Spectre CPU vulnerabilities could have on them, as well as detailed how Linux kernel developers are dealing with the flaws.

  Kroah-Hartman is one of the world’s leading Linux kernel developers, with responsibility for maintaining the stable Linux kernel, and is employed by the Linux Foundation as a Fellow. During his talk, Kroah-Hartman detailed the root impact and the response of Linux kernel developers for seven variants of Meltdown and Spectre, though he saved his strongest criticism for Intel’s initial disclosure.

  “Jann Horn discovered the first issues in July of 2017, but it wasn’t until Oct. 25 of last year that some of us in the kernel community heard rumors of the flaw,” he said. “That’s a long time, and we only heard rumors because another very large operating system vendor told Intel to get off their tails and tell us about it.”

• Supporting the NDS32 Architecture

  It looks like there’s no controversy over this port, and it should fly into the main tree. One reason for the easy adoption is that it doesn’t touch any other part of the kernel—if the patch breaks anything, it’ll break only that one architecture, so there’s very little risk in letting Green make his own choices about what to include and what to leave out. Linus’s main threshold will probably be, does it compile? If yes, then it’s okay to go in.

  The situation may start to become interesting if other parts of the kernel begin offering special behaviors for the NDS32 architecture, and if those behaviors start deviating too far from other architectures. For example, some architectures have special memory managing features that the kernel proper can take advantage of. Once NDS32 starts influencing code in other parts of the kernel, that likely would be the time Green’s patches start to get a lot more scrutiny.

• Linux kernel 4.18: Better security, leaner code

  The recent release of Linux kernel 4.18 followed closely by the releases of 4.18.1, 4.18.2, 4.18.3, 4.18.4, and 4.18.5 brings some important changes to the Linux landscape along with a boatload of tweaks, fixes, and improvements.

  While many of the more significant changes might knock the socks off developers who have been aiming at these advancements for quite some time, the bulk of them are likely to go unnoticed by the broad expanse of Linux users. Here we take a look at some of the things this new kernel brings to our systems that might just make your something-to-get-a-little-excited-about list.

• Linux Foundation

  • Solving License Compliance at the Source: Adding SPDX License IDs

    Accurately identifying the license for open source software is important for license compliance. However, determining the license can sometimes be difficult due to a lack of information or ambiguous information. Even when there is some licensing information present, a lack of consistent ways of expressing the license can make automating the task of license detection very difficult, thus requiring significant amounts of manual human effort. There are some commercial tools applying machine learning to this problem to reduce the false positives, and train the license scanners, but a better solution is to fix the problem at the upstream source.

    In 2013, the U-boot project decided to use the SPDX license identifiers in each source file instead of the GPL v2.0 or later header boilerplate that had been used up to that point. The initial commit message had an eloquent explanation of reasons behind this transition.

  • Yocto Project Welcomes New Members, Advances Open Source Embedded Systems Through Momentum

    The Yocto Project, an open source collaboration project that helps developers create custom Linux-based systems for embedded products, today announces continued growth with two new platinum members, an upcoming project release and ongoing community engagement.

    The Yocto Project provides a flexible set of tools and a space where embedded developers worldwide can share technologies, software stacks, configurations, and best practices to create tailored Linux images for embedded and Internet of Things (IOT) devices. The Yocto Project launched in 2011 and currently has over 22 active members.

  • Arm and Facebook join Yocto Project

    Arm and Facebook have joined Intel and TI as Platinum members of the Yocto Project for embedded Linux development. Meanwhile, the Linux Foundation announced 47 new Silver members.

    The Linux Foundation’s seven-year old Yocto Project was originally an Intel project, and the chipmaker has continued to nurture it over the years. Yet, the Yocto Project’s collection of open source templates, tools, and methods for creating custom embedded Linux-based systems was quickly embraced by the Arm world as well as x86. Now, the technology’s presence in Arm Linux has been reinforced at the membership level with Arm and Facebook joining Intel and Texas Instruments as Platinum members. In other news, the Linux Foundation announced 51 new Silver and Associate members (see farther below).

  • Google Hands Off Kubernetes to the Cloud Native Computing Foundation, Kinetica Joins Automotive Grade Linux, NordVPN Releases NordVPN Linux App, Storj Labs Announces The Open Source Partner Program and Update on Librem 5 Phone

    Google is handing over control of the Kubernetes project to the Cloud Native Computing Foundation. According to the TechCrunch post, Google is providing the foundation $9 million in Google Cloud credits to help cover the costs of building, testing and distributing the software.

  • Going Deeper and More Distributed, Linux Introduces Two New Projects

    There seems to be no stopping the Linux Foundation these days, as their support of open source code and positively disrupting entire industries continues, this week with the announcement of two new projects: Angel and Elastic Deep Learning (EDL).

    This comes at a time when the world’s largest telecom and technology companies are joining the Foundation and contributing substantial projects and source code; in the case of these latest projects, they surfaced as part of the LF Deep Learning Foundation, introduced in March of this year. LF Deep Learning is an umbrella organization to support open source innovation in AI, ML and deep learning.

    AT&T and Tech Mahindra were among the founding members of Deep Learning and donated their Acumos AI project to get a big and growing party started. Acumos is a platform for the development, discovery and sharing of AI models and AI workflows, and is being leveraged by heavyweight co-founders Amdocs, Huawei, Nokia, ZTE, Tencent and Baidu.

  • Corporate Open Source Programs are on the Rise as Shared Software Development Becomes Mainstream for Businesses

    “Almost every organization today uses open source code and it has become table stakes for most businesses, even though it’s not always fully understood at the executive or strategic level,” said Chris Aniszczyk, CTO of the Cloud Native Computing Foundation and Co-Founder of the TODO Group at The Linux Foundation. “The results of the Open Source Program Management Survey point to a growing awareness by decision makers of the need for formal open source programs and policies to manage how open source code is used and produced, as well as an increasing understanding of how it can be strategically integrated into a company’s business plans.”

• Graphics Stack

  • AMD ROCm 1.8.3 Released To Fix Breakage With Latest Ubuntu 18.04 Kernel

    While still waiting on the ROCm 1.9 release to happen, version 1.8.3 of the Radeon Open Compute stack was released for Linux systems.

    This latest point release to ROCm 1.8 comes just to fix a build regression against the latest Ubuntu 18.04 kernel update.

  • mesa 18.2.0-rc5

    The fifth release candidate for the Mesa 18.2.0 is now available.

  • Mesa 18.2-RC5 Released With Another

    Mesa 18.2 will be slipping into September with two open Intel driver bugs still blocking the official release.

    Andres Gomez of Igalia announced the fifth release candidate of Mesa 18.2 on Thursday. There are 23 bugs part of the RC5 release. But a SynMark performance regression and OpenGL Piglit test case failure both with the Intel driver stack are blocking the official 18.2.0 release, which was originally talked about for last week.

  • Introducing freedesktop.org GitLab

    This is quite a long post. The executive summary is that freedesktop.org now hosts an instance of GitLab, which is generally available and now our preferred platform for hosting going forward. We think it offers a vastly better service, and we needed to do it in order to offer the projects we host the modern workflows they have been asking for.

    In parallel, we’re working on making our governance, including policies, processes and decision making, much more transparent.

• Benchmarks

  • pvmove speed

    The left part is with pvmove. The right part, two and a half times as fast, is with… tar piping to tar.

    Oh well, I remember the days when pvmove was 1–2 MB/sec. But it’s still not very impressive

Applications

• Top 10 Linux applications for entertainment and leisure

  As the summer vacation season comes to a close in the northern hemisphere I reflect on 10 applications my family and I used during the summer to keep ourselves entertained. All of the following applications are available as Snaps that work on all major Linux distros once snapd is installed.

  The Snapcraft team share 3 new and interesting applications each week via the Snapcraft Twitter account, so give us a follow to stay informed.

• VLC Saw A Lot Of Exciting Work Thanks To Google Summer of Code 2018

  The VLC media player was one of the big recipients of this year’s Google Summer of Code with seeing several students work on some pretty interesting projects.

  Some of the work carried out this summer in the name of VLC via GSoC 2018 were:

  - Reworking of the VLC Qt interface bits. The work accomplished here was primarily rewriting the player’s control bar in QML to replace the previous Qt/C++ code. The control bar was reworked into using QML but several outstanding items remain.

• Instructionals/Technical

  • Five nines with Dnsmasq

  • Beginner’s Guide: How To Install Ubuntu Linux

  • Which basic Linux file management commands should I know?

  • Linux Fu: Modernize Your Command Line

  • How to change language of interface in VLC player

  • [Old] Hands On Tutorial on Compiling Source Tarballs and create *.deb executable

    This simple tutorial would show how to compile source tarballs (*.tar.gz, *.tar.bz2) and create a *.deb installer in Ubuntu.

  • How To Reset MySQL Or MariaDB Root Password

  • How to Install Omeka Classic CMS on Ubuntu 18.04 LTS

  • How to Install Invoice Ninja on Debian 9

  • How to Change Login/Lock screen background in Ubuntu 18.04

  • Linux colrm Command Tutorial for Beginners (with Examples)

  • 8 Ways to Customize your Ubuntu 18.04 Desktop

  • Display Extensive Media Information In Nautilus, Nemo Or Caja Using MediaInfo Tab Extension

  • File Timestamps in Linux: atime, mtime, ctime Explained

  • How to Update Firmware on Ubuntu 18.04 [Quick Tip]

• Wine or Emulation

  • Dual boot issues and the Black Screen of Death

    As is the case for many open source enthusiasts, I am the go-to person in my family for solving PC issues. I enjoy messing with computers and solving technical challenges. Over the last few weeks, I had a lot of Windows encounters.

    [...]

    There are a lot of (older) discussions on the internet about Linux driver issues. From my experience over the last few years, I only encountered such issues in the area of Broadcom WiFi and Bluetooth drivers. Everything else was always detected without a problem. This recent experience showed me that on the Windows side, these issues are still around. People who buy a PC with Windows 10 pre-installed, will never encounter these issues, as they are handled by the OEMs. But if you upgrade such a PC to a newer version of Windows, you might run into them. For people that are less technical (and scared of the Windows Command prompt), this is something they simply will not be able to resolve themselves. On openSUSE Leap, there are no Intel HD Graphics issues (and I tested 13.2, 42.1, 42.2, 42.3 and 15). So the grass is definitely greener on the openSUSE side.

  • 4 Ways to Run Linux Commands and Software on Windows

    So, all the times we have written about platform applications for another platform, it was with regards to the availability of Windows software for the Linux platform.

    What if you want to run Linux software on Windows? Afterall, there are certain features that are peculiar to Linux and sometimes, Unix-like platforms.

  • How to install Linux Mint 19 alongside Windows

    Windows can stay on your computer, when you install Linux Mint 19! It’s handy to turn your computer into a dual boot machine. That way you can choose each time you turn on your computer, what operating system you want to boot: Mint or Windows.

• Games

  • Valve’s Steam for Linux compatibility tool already has 1,000 perfectly playable games

    Last week, Valve brought Windows game compatibility to Linux in the form of an official tool for Steam. The team had been working on this new compatibility tool for around two years and now that it is in public beta, the community has been quick to test it. While Valve’s initial wave of officially approved games was fairly small, community testers have figured out that close to 1,000 games are already perfectly playable on Linux now.

  • Two Point Hospital released with same-day Linux support

    The comedy building sim Two Point Hospital from Two Point Studios and SEGA is now out with official Linux support.

    Note: Copy personally purchased as they did not provide a review code. Due to this, any actual review will be delayed.

  • SPLASH BLAST PANIC, another local co-op party game available for Linux

    If you’re in the mood for another local party game for your Linux box, SPLASH BLAST PANIC [Official Site] released this week with Linux support.

  • The latest Sunless Skies update overhauls the combat and AI behaviours

    Failbetter Games have just put out a fresh update for Sunless Skies to improve many parts of the combat. Their main aim, is to make the combat feel more satisfying as well as improved AI behaviours.

  • MeatPossible: Chapter 1.5 is a frantic side-scrolling action game following a comic that’s coming to Linux

    I found the idea of MeatPossible: Chapter 1.5 quite cool, a frantic side-scrolling action game that acts as a side-story from a free web comic.

    The comic can actually be viewed online here, although I’ve not really any idea what’s going on in it as the comic seems to explain nothing. From what I can gather, it looks like this side-story follows a character trying to reach the Princess to save her who arrives at Chapter 1.5 in the actual comic strip.

  • The excellent and tricky platformer Slime-san is to get a level editor

    Slime-san is an excellent example of how to do a simple-looking platformer, filled full of awesome content and some quite difficult levels. After getting a few free expansions it’s now getting a level editor.

  • MMO tactical shooter Mavericks still planned for Linux, will have a one thousand player Battle Royale

    The developers of the exciting tactical shooter Mavericks [Official Site] have confirmed again that a Linux version will come. They’ve now announced that it will launch for Windows on September 20th for their special Founders (later for everyone else), which isn’t exciting for us obviously.

Desktop Environments/WMs

• K Desktop Environment/KDE SC/Qt

  • My experience in Akademy.

    And there I was: Flying the longest flight I’ve ever flown. The journey had started two years ago, when I joined Nitrux. I was a very excited about it! After lots of lines of code (and days, too), I was traveling to Guatemala City, expectant about how would Akademy was going to be like. After landing on Alajuela, again on Madrid, and finally on Vienna, I found myself amazed. I was there! I was there!

    Akademy started for me on august 14, because of a delay on my flight. That day I assisted to the Maui Project BoF, which was lead by my friend Camilo, and to the Kirigami BoF. Both of them were great, as I met awesome people in there and I learnt a bunch of interesting things about Kirigami. After that, I walked by the streets of Vienna with my good friend Uri.

  • Improve your C++ code in KDevelop with Clang-Tidy

    You might be aware of Clang-Tidy, the clang-based C++ “linter” tool which allows static analysis of your code, including fixing it automatically where possible.
    And you remember the introduction of the “Analyzer run mode” with version 5.1 of KDevelop, the extensible cross-platform IDE for C, C++, Python, PHP and other languages.

    [...]

    Learn more about the kdev-clang-tidy plugin from its README.md file, e.g. how to build it, how to package it, how to use it, where to report issues, and what the planned roadmap is.

    The latest released kdev-clang-tidy version is currently also included in the Nightly AppImage builds of the current stable KDevelop code version (which already switched to the 5.3 branch).

• GNOME Desktop/GTK

  • Work Started This Summer On Adding System Power Information To GNOME-Usage

    GNOME’s Usage application that allows visualizing processor, memory, disk, and network usage may soon be able to report your system’s power consumption data.

    Student developer Aditya Manglik spent the summer participating in Google Summer of Code 2018 where he had been working on implementing a power panel within the GNOME-Usage program. The goal was to provide power metrics backed by UPower for being able to report per-application power usage (percentage), hardware devices consuming the most power, and displaying this all nicely inside gnome-usage.

    The concept is akin to Intel’s PowerTop but for nicely displaying all available system power consumption data — based upon what’s supported by the system hardware, etc — via the GNOME-Usage utility.

Distributions

• Reviews

  • Zorin OS 12.4 Core and Ultimate – The Biggest Release Yet

    Zorin OS is a material-inspired, Ubuntu 16.04 LTS-based GNU/Linux distro that offers users the ability to customize their desktop in any way they like.

    It is powered by the long-term supported Linux 4.4 kernel, and ships with the Zorin Desktop 2.0 desktop environment which is a major revamp given that it comes with an advanced universal search functionality, richer notifications, and support for advanced display features on modern PCs, among others.

    According to the release statement, this release is the biggest the OS has ever seen. This version 12 comes in two variants, Core and Ultimate, and according to its release announcement, it is “the biggest release in the history of Zorin OS” with over a year of planning and development.

    It has 4 editions that you can pick according to your needs and they are Core, Lite, Ultimate, and Business.

• OpenSUSE/SUSE

  • SUSE builds momentum with innovative open source offerings

    Jay Lyman, principal analyst for 451 Research, said, “Over the past few years, SUSE has expanded its portfolio into new areas, such as storage, cloud, containers and application delivery. With new independence and backing from Swedish private equity (PE) firm EQT Partners, SUSE is answering market demand for a neutral, yet comprehensive hybrid cloud platform that supports multiple public and private clouds as well as on-premises infrastructure integration with software such as its SUSE Linux Enterprise 15.”

  • SUSE Builds Momentum with Innovative Open Source Offerings, Revenue Growth and Commitment to Enterprise Customers

    SUSE® is an open source pioneer that has provided enterprise-grade software to tens of thousands of organizations for more than 25 years. As SUSE prepares to embark upon its next phase of corporate development as a stand-alone company*, it continues to grow and build momentum with its core products, emerging solutions, communities and partners while expanding its presence in new market segments. SUSE is better positioned than ever before to shepherd enterprises through the demands of digital transformation with open source innovation and expertise in software-defined infrastructure, application delivery and cloud technologies.

• Red Hat Family

  • Red Hat offers infrastructure migration service

    Red Hat is offering an infrastructure migration service designed to help enterprises modernise digitally. It provides a route to cloud-native application development via Linux containers, Kubernetes, automation and other open source technologies.

    Using capabilities based on Red Hat’s management technologies, including Red Hat Ansible Automation, new workloads can be delivered in an automated fashion with self-service. These capabilities enable IT to recreate such workloads quickly in hybrid and multi-cloud environments. Existing workloads are analysed and transferred in a controlled manner using enterprise-grade tooling to satisfy workload-specific business requirements.

  • Finance

    • What You Must Know?: Red Hat, Inc., (NYSE: RHT)

    • Are These Stocks Back Into Fair-Value Territory? Red Hat, Inc. (RHT), WPX Energy, Inc. (WPX)

    • Outshines Stocks with Rosy Performance Scores: Red Hat, Inc. (NYSE:RHT)

• Debian Family

  • Derivatives

    • Canonical/Ubuntu

      • Ubuntu Podcast from the UK LoCo: S11E25 – The Wrong Side of Twenty-Five – Ubuntu Podcast

        This week we’ve been upgrading a Steam box. We discuss Steam Play beta and Proton, Google’s salty disclosure of security issue in the Android installer for Fortnite, and Windows 95 being available for all the things. We also round up the community news.

      • Recommended GNOME Shell Extensions for Ubuntu 18.04

        Continuing tradition, here’s my list of nice GNOME Shell Extensions for Ubuntu 18.04 LTS. They are Extensions (handy extensions enable/disable switcher), AlternateTab (remove grouping in Alt+Tab), NetSpeed (show internet speed) Focusli (innovative focus-while-working tool), and 7 more. Happy installing and be more productive!

      • The enterprise deployment game-plan: why multi-cloud is the future

        It wasn’t too long ago that hybrid cloud was the go-to strategy for enterprises, garnering the attention of CIOs and CTOs around the world.

        And it’s clearly here to stay. Analyst firm 451 Research estimates that 69% of enterprises will be running hybrid IT environments by 2019, while Gartner predicts that 90% of organisations will adopt hybrid infrastructure management capabilities by 2020.

        But the world of cloud is changing. In recent months, hybrid cloud has been overtaken by its close relative ‘multi-cloud’, with 79% of businesses already admitting to working with more than one cloud provider. For those who are prepared to embrace a mix of providers across both public and private platforms, multi-cloud is now widely considered to be the future of cloud computing.

      • Ubuntu Guide: How To Install Nvidia Drivers And Play Windows Games On Linux

      • Flavours and Variants

        • Enlightenment Has Limits in Bodhi Linux

          Bodhi Linux is elegant and lightweight. It is worth putting this distro through its paces. It will not please every power user, but it offers a nice change of pace.

          This distro can be a productive and efficient computing platform. Bodhi is very easy to use. It has a low learning curve. New Linux users can get acquainted right away.

          Bodhi’s minimum system requirements are a 500mhz processor with 256 MB of RAM and 5 GB of drive space. You will get better performance from a computer with a 1.0ghz processor powered by 512 MB of RAM and 10 GB of drive space.

          The installation routine is driven by the Ubiquity Installer. No surprise there since Bodhi is based on Ubuntu Linux.

Devices/Embedded

• Raspberry Pi-based ZeroPhone promises ‘an open-source, Linux-powered’ handset

  If you’re looking for a smartphone that doesn’t harvest data 24/7, then the ZeroPhone may be the device for you.

  A project to build the $50 phone has been launched on Crowd Supply, promising to deliver “an open-source, Linux-powered” handset with “no carrier locks, bloated apps, or data mining” and that “doesn’t depend on big companies”.

  Android smartphones have hit the headlines recently, firstly for Google tracking users who had switched location tracking off and for sending data to Google’s servers 50 times more often than an iPhone.

• Android

  • Latest Oxygen OS Update Brings Front Portrait And Gaming Mode 3.0 To OnePlus 5/5T

  • Wear OS gets a makeover: Everything you need to know

  • Samsung Might Finally Start Taking Android Updates Seriously

  • Sony Xperia XZ3 Unveiled with OLED Screen and Android Pie

  • Which phone manufacturer makes the worst Android skin?

  • The best Android widgets for busy professionals

  • Android ‘API breaking’ vulnerability leaks device data, allows user tracking

  • Spotify for Android tests new ‘Friends Weekly’ feature, revamped Now Playing UI

  • Android phones to have 85% global market share in 2018: IDC

  • Android Smartphones Can Finally Use Olloclip’s Adjustable Lenses

  • The LG G7 One is an Android One flagship without the LG software

Pixvana VR Video Streaming Tech Is Now Open Source

Pixvana today announced that it’s no longer keeping a tight grip on it’s high-resolution VR video streaming technology. The company believes that releasing an open-sourced version of its SPIN Play SDK should spur app developers to adopt its technology and push adoption of immersive video formats.

Pixvana’s video streaming technology is a cloud-based system with a drag and drop interface that allows developers to import 360-degree and 180-degree video content in both mono and stereo configurations at up to 16K resolution. The open-source SPIN Play SDK and Apache 2.0 library is compatible with the Unity engine, which should enable developers to adopt the platform rapidly and with ease.

The SPIN Play SDK offers support for VR-native playback projections and Field of View Adaptive Streaming, which reduces the bandwidth requirements by delivering only the image within the user’s current field of view.

Pixvana Open-Sources SDK to Advance VR Video Streaming Apps

Pixvana, a company that powers the future of XR storytelling and immersive media, today announced that it is open-sourcing its software development kit (SDK), allowing third-parties to incorporate Pixvana’s cloud-services and VR video streaming technology with their own publishing infrastructure to create high-quality branded VR video applications.

Pixvana Open-Sources its VR Video Streaming SDK

Pixvana is a company focused on immersive media and XR storytelling by way of its SPIN Play platform. Today, it has announced the open-sourcing of its software development kit (SDK) for third-parties to use.

Why Open Source Works for the Renewable Energy Sector

EPFL’s Blue Brain Project open sources interactive visualization tool — RTNeuron

The aim of the Blue Brain Project is to build accurate, biologically-detailed, digital reconstructions and simulations of the rodent brain. The supercomputer-based reconstructions and simulations built by the project offer a radically new approach for understanding the multi-level structure and function of the brain.

Airbnb Open-sources MvRx for Android App Development in Kotlin

MvRx (pronounced “mavericks”) help Android developers implement common features and integrating their apps properly with the OS. MvRx is written in Kotlin and powers all Android development at Airbnb, writes Airbnb engineer Gabriel Peal.

Release notes for the Genode OS Framework 18.08

With Genode 18.08, we enter the third episode of the story of Sculpt, which is our endeavor to shape Genode into a general-purpose operating system. In the first two episodes, we addressed early adopters and curious technology enthusiasts. Our current ambition is to gradually widen the audience beyond those groups. The release reflects this by addressing four concerns that are crucial for general-purpose computing.

First and foremost, the system must support current-generation hardware. Section Device drivers describes the substantial update of Genode’s arsenal of device drivers. This line of work ranges from updated 3rd-party drivers, over architectural changes like the split of the USB subsystem into multiple components, to experimental undertakings like running Zircon drivers of Google’s Fuchsia project as Genode components.

Genode OS 18.08 Brings Support For Intel CPU Microcode Updating, Newer Linux Drivers

The Genode Operating System Framework is out with its latest release as well as an updated SculptOS that they are forging as their general purpose operating system.

Web Browsers

• Mozilla

  • Changing Our Approach to Anti-tracking

    Anyone who isn’t an expert on the internet would be hard-pressed to explain how tracking on the internet actually works. Some of the negative effects of unchecked tracking are easy to notice, namely eerily-specific targeted advertising and a loss of performance on the web. However, many of the harms of unchecked data collection are completely opaque to users and experts alike, only to be revealed piecemeal by major data breaches. In the near future, Firefox will — by default — protect users by blocking tracking while also offering a clear set of controls to give our users more choice over what information they share with sites.

  • Lunchtime brown bags

    Over the Summer I’ve come to organise quite a number of events in Mozilla’s London office. Early Summer we started doing lunchtime brown bags, where staff give a 10 ~ 15 minute informal talk about what they are currently working on or a topic of their interest.

Pseudo-Open Source (Openwashing)

• The Commons Clause – For Good or Bad

  The current debate about the Commons Clause, and other attempts to place restrictions on open source licences, is dividing opinion. But before taking sides first we need to understand what the Commons Clause does and why it is necessary.

  According to the README.md on its GitHub repo the Commons Clause is a Licence Condition contributed by FOSSA, a company which offers open-source licence management and drafted by Heather Meeker, a lawyer specializing in open source software licensing, including IP strategy, compliance, transactions, and disputes.

  The Commons Clause can be added as a commercial restriction on top of an open source licence to transition an existing open source project to a source availability licensing scheme, which means that while the source can be viewed, and in some cases modified, it is no longer fully open source. The restriction it imposes is that it denies the right to sell the software.

FSF/FSFE/GNU/SFLC

• Challenges in Maintaining A Big Tent for Software Freedom

  In recent weeks, I’ve been involved with a complex internal discussion by a major software freedom project about a desire to take a stance on social justice issues other than software freedom. In the discussion, many different people came forward with various issues that matter to them, including vegetarianism, diversity, and speech censorship, wondering how that software freedom project should handle other social justices causes that are not software freedom. This week, (separate and fully unrelated) another project, called Lerna, publicly had a similar debate. The issues involved are challenging, and it deserves careful consideration regardless of how the issue is raised.

  One of the first licensing discussions that I was ever involved in the mid 1990s was with a developer, who was a lifelong global peace activist, objecting to the GPL because it allowed the USA Department of Defense and the wider military industrial complex to incorporate software into their destructive killing machines. As a lifelong pacifist myself, I sympathized with his objection, and since then, I have regularly considered the question of “do those who perpetrate other social injustices deserve software freedom?”

  I ultimately drew much of my conclusion about this from activists for free speech, who have a longer history and have therefore had longer time to consider the philosophical question. I remember in the late 1980s when I first learned of the ACLU, and hearing that they assisted the Klu-Klux Klan in their right to march. I was flabbergasted; the Klan is historically well-documented as an organization that was party to horrific murder. Why would the ACLU defend their free speech rights? Recently, many people had a similar reaction when, in defense of the freedom of association and free speech of the National Rifle Association (NRA), the ACLU filed an amicus brief in a case involving the NRA, an organization that I and many others oppose politically. Again, we’re left wondering: why should we act to defend the free speech and association rights of political causes we oppose — particularly for those like the NRA and big software companies who have adequate resources to defend themselves?

Licensing/Legal

• Software created using taxpayers’ money should be Free Software

  It might seem obvious that software created using tax money should be available for everyone to use and improve. Free Software Foundation Europe recentlystarted a campaign to help get more people to understand this, and I just signed the petition on Public Money, Public Code to help them. I hope you too will do the same.

• Major Open Source Project Revokes Access to Companies That Work with ICE [iophk: "former open source now ... however, it is their code and they can change the license"]

  On Tuesday, the developers behind a widely used open source code-management software called Lerna modified the terms and conditions of its use to prohibit any organization that collaborates with ICE from using the software. Among the companies and organizations that were specifically banned were Palantir, Microsoft, Amazon, Northeastern University, Motorola, Dell, UPS, and Johns Hopkins University.

Openness/Sharing/Collaboration

• Open Access/Content

  • California Bill Is a Win for Access to Scientific Research

    The California legislature just scored a huge win in the fight for open access to scientific research. Now it’s up to Governor Jerry Brown to sign it.

    Under A.B. 2192—which passed both houses unanimously—all peer-reviewed, scientific research funded by the state of California would be made available to the public no later than one year after publication. There’s a similar law on the books in California right now, but it only applies to research funded by the Department of Public Health, and it’s set to expire in 2020. A.B. 2192 would extend it indefinitely and expand it to cover research funded by any state agency. EFF applauds the legislature for passing the bill, and especially Assemblymember Mark Stone for introducing it and championing it at every step.

    A.B. 2192’s fate was much less certain a few weeks ago. Lawmakers briefly put the bill in the Suspense File, a docket of bills to be put on the back burner because of their potential impact on the California budget. Fortunately, the Senate Appropriations Committee removed A.B. 2192 from the file after EFF explained that its fiscal impact would be negligible.

• Open Hardware/Modding

  • Lulzbot hints at SLA 3D printer addition to open source FFF portfolio

    Lulzbot, the open-source brand of the FDM 3D printers from Colorado-based manufacturer Aleph Objects, has hinted the development of an stereolithography (SLA) 3D printer in its latest newsletter.

    The newsletter heading states: “Wash Away Your 3D Printing Preconceptions: We’ve got the cure for the common printer—our newest solution will be released this September! We’re laser focused on the fine details, get on our wavelength to get the info first.”

  • LulzBot Teases New Open Source SLA 3D Printer, Coming September

    Hot on the heels of the release of its LulzBot Mini 2 desktop FDM 3D printer this summer (check out our full review here), LulzBot appears to be readying some new hardware.

    Teased in a fun email newsletter that packs more stereolithography puns than you could shake a resin-covered stick at, LulzBot posits a “cure for your high-resolution 3D printing needs.“.

    Such a system would mark a whole new direction for a company which, to date, has focused solely on fused deposition modeling (FDM) 3D printers.

  • Open source RISC-V implemented from scratch in one night

    Developed in a magic night of 19 Aug, 2018 between 2am and 8am, the darkriscv is a very experimental implementation of the opensource RISC-V instruction set.

Programming/Development

• Federated CI

  In the modern world, a lot of computing happens on other people’s computers. We use a lot of services provided by various parties. This is a problem for user freedom and software freedom. For example, when I use Twitter, the software runs on Twitter’s servers, and it’s entirely proprietary. Even if it were free software, even if it were using the Affero GPL license (AGPL), my freedom would be limited by the fact that I can’t change the software running on Twitter’s servers.

  If I could, it would be a fairly large security problem. If I could, then anyone could, and they might not be good people like I am.

  If the software were free, instead of proprietary, I could run it on my own server, or find someone else to run the software for me. This would make me more free.

  That still leaves the data. My calendars would still be on Twitter’s servers: all my tweets, direct messages, the lists of people I follow, or who follow me. Probably other things as well.

  For true freedom in this context, I would need to have a way to migrate my data from Twitter to another service. For practical freedom, the migration should not be excessively much work, or be excessively expensive, not just possible in principle.

  For Twitter specifically, there’s free-er alternatives, such as Mastodon.

Science

• Indian Government Aims to Take Down Predatory Journals

  Universities in India have until August 30 to present a “white list” of recognized journals to the University Grants Commission, a government body that provides funding and maintains higher-education standards in the country. In previously submitted recommendations, universities have included predatory journals, publishers that charge high fees for low-quality or no peer review.

Security

• Security updates for Thursday

• How to Roll a Strong Password with 20-Sided Dice and Fandom-Inspired Wordlists

  Here’s the not-so-secret recipe for strong passphrases: a random element like dice, a long list of words, and math. And as long as you have the first two, the third takes care of itself. All together, this adds up to diceware, a simple but powerful method to create a passphrase that even the most sophisticated computer could take at least thousands of years to guess.

  In short, diceware involves rolling a series of dice to get a number, and then matching that number to a corresponding word on a wordlist. You then repeat the process a few times to create a passphrase consisting of multiple words.

Defence/Aggression

• ‘We Were Guinea Pigs’: Soldiers Explain What Nuclear Bomb Blasts Feel Like

  After World War II, the UK, USSR, and US detonated more than 2,000 atomic bombs. In Britain, 20,000 soldiers witnessed atomic blasts conducted by their own government. Only a few of them are still alive today and the nuclear glow of the mushroom cloud they witnessed still haunts them. “Nuclear detonations, that was the defining point in my life,” Douglas Hern, a British soldier who experienced five nuclear bomb tests, told Motherboard.

Transparency/Investigative Reporting

• Julian Assange’s supporters reveal his health is failing, he’s not allowed visitors and has no internet or telephone access – and Ecuador plans to revoke asylum ‘imminently’

  Julian Assange is living a life of almost total isolation inside the Ecuadorian embassy in London amid failing health and fears he could soon be forced out, friends say.

  Vaughan Smith, a journalist and supporter of Assange, says he is worried for his well-being after he was banned from using the internet, phones or having visitors.

  Meanwhile there are rumors that Ecuador is being pressured to rescind Assange’s asylum so he can be arrested by British police and potentially extradited to the US.

• ‘She poses no threat’: Chelsea Manning tour promoters ask for discretion

  The organisers of whistleblower Chelsea Manning’s upcoming Australian speaking tour are calling on Home Affairs Minister Peter Dutton and newly sworn-in Immigration Minister David Coleman to use their discretion to grant entry to their client, after it was revealed the government has threatened to deny her a visa.

• US leaker Chelsea Manning to be barred from Australia

  Convicted classified document leaker Chelsea Manning will not be allowed to enter Australia for a speaking tour scheduled to start Sunday, her event organizer said on Thursday.

  Think Inc. said it had received on Wednesday a notice of intention from the government to deny Manning entry. The group is calling on her supporters to lobby new Immigration Minister David Coleman to allow her into Australia. While she can appeal, past precedent suggests the decision has already been made.

• Australia to bar WikiLeaks whistle-blower Chelsea Manning from entering country during speaking tour

Environment/Energy/Wildlife/Nature

• Natural Gas Industry Again Beats a Tiny West Virginia County That Wanted to Control Its Destiny

  A West Virginia county, whose elected leaders have vocally resisted natural gas industry operations, has again been told by a federal judge that it must allow the work to proceed.

  U.S. District Judge John Copenhaver ruled Wednesday that Fayette County commissioners can’t use their county’s local zoning ordinance to block a compressor station proposed as part of a huge natural gas transmission pipeline. The federal Natural Gas Act, he said, trumps any local zoning rules when it comes to regulating pipelines and associated compressor stations.

  It’s the second time in two years that Copenhaver has overruled efforts by Fayette leaders to protect their county from what they view as negative effects of the ongoing boom in West Virginia’s natural gas industry.

  “I am disappointed in the decision, but I’m not surprised,” Fayette County Commission President Matt Wender said. “It’s very unfortunate that local governance is being ignored to the preference of the natural gas industry.”

Finance

• India replaced its currency to wipe out illegal money stashes. The central bank says it didn’t work.

  Now, newly released data from the Reserve Bank of India (RBI) shows that 99.3 per cent of high-value notes in circulation – worth around US$216 billion (S$295 billion)) – came back to the banks. That means that those illicit hoards that the government was hoping to flush out of the system were not in the form of cash and are still out there.

• Vox Sentences: A NAFTA by any other name

• Senators Seek Answers From HUD About Public Housing Crisis in East St. Louis

  Illinois’ Democratic senators are asking the U.S. Department of Housing and Urban Development to detail what steps the agency is taking to address problems plaguing public housing apartments in East St. Louis, including mice, mold, leaky ceilings and security concerns.

  In a letter to HUD Secretary Ben Carson, Sens. Dick Durbin and Tammy Duckworth said they were “concerned HUD is failing to use its oversight authority” to ensure decent, safe conditions for residents living in properties owned and managed by the East St. Louis Housing Authority.

  The letter, sent last week, cites findings from an investigative report published by The Southern Illinoisan and ProPublica this month that detailed ongoing problems a year after HUD gave the housing authority back to local control after a 32-year federal receivership.

  At a ceremony in the city last September, Carson praised HUD’s work to improve the local agency, which houses nearly 4,000 residents, more than half of them children. At the time, he declared that residents “and the future of our children” were no longer at risk in East St. Louis.

AstroTurf/Lobbying/Politics

• Trump’s latest misleading attack on Google, explained

  In a statement given to The Verge, a Google spokesperson clarifies that the company promoted neither former President Barack Obama nor Trump’s inaugural SOTU addresses in 2009 and 2017, respectively. That’s because they were not technically State of the Union addresses, but “addresses to a joint session” of Congress, a tradition set back in 1993 so that new presidents didn’t have to immediately deliver SOTU addresses after holding office for just a few weeks. Google resumed promoting Obama’s SOTU address in 2010 and continued to do so through 2016, as he held office for all six of those years.

• FBI refutes Trump claim that Clinton’s private email server was hacked by China

  A June report from the Department of Justice Office of the Inspector General noted that the FBI had found no evidence of any compromise of Clinton’s mail servers—though full forensic analysis of the servers wasn’t possible, because one (an Apple server) had been disposed of by the time of the investigation.

• Senate Intel invites Alphabet CEO to testify, rejecting company offer of VP instead

  The panel said it had invited executives from Facebook, Twitter and Google to testify, and that only Google has failed to confirm.

• Imagine if the BBC Were Honest

  The BBC refuses to answer my Skripal questions to Mark Urban on the grounds they have no legal obligation, instead giving a “statement”. That correspondence follows below. But I want you first to imagine a World in which the BBC and Mark Urban were honest and independent, and imagine these were the answers to my questions:

  1) When the Skripals were first poisoned, it was the largest news story in the entire World and you were uniquely positioned having held several meetings with Sergei Skripal the previous year. Yet faced with what should have been a massive career break, you withheld that unique information on a major story from the public for four months. Why? My interviews with Sergei Skripal were on a strictly off the record basis and I felt honour bound not to mention them until I could obtain his permission.

Censorship/Free Speech

• Mapping The Countries Shutting Down The Internet The Most

  Across the world, as Statista’s Niall McCarthy notes, internet shutdowns and deliberate slowdowns are becoming more common and they generally occur when someone (usually a government) intentionally disrupts the internet or mobile apps to control what people do or say.

• Google’s Leadership Still Needs To Give Details About Project Dragonfly: Googlers Can Still Help

  Earlier this week, we joined with Human Rights Watch, Amnesty International, Article 19, and 10 other international human rights groups in a letter to Google’s senior leadership, calling on the company to come clean on its intentions in China – both to the public, and within the company.

  A little background: it’s been almost a month since The Intercept first broke the story that Google was planning to release a censored version of its search service inside China. Since that time, very little new information about the effort, known as Project Dragonfly, has come to light. Over 1,400 employees have asked Google to be more transparent about the search giant’s plans, but at an all-hands meeting executives only responded with generalities before the conversation was cut short. Google certainly hasn’t provided the public with any details, leaving many in the human rights community to continue wondering how Google plans to avoid becoming complicit in human rights abuses by the Chinese government.

  Google still owes both audiences—Google employees and the public—an explanation.

• Why People Named “Wiener,” “Butts,” and “Dikshit” Have Trouble Creating Accounts Online

  Trolls delight in making up “hilarious” fake names, so websites try to filter certain words for new accounts. What if your real name contains one of those words?

  Natalie Weiner, a writer for SB Nation, was recently filtered by just such a system.

Privacy/Surveillance

• Australian Gov’t Likes Intrusive Border Device Searches Just As Much As The US Does

  Hague had no reason to be treated with extra suspicion, but extra suspicion was there all the same, simply because the random selection process told border officers to be as intrusive as possible. He asked officers a reasonable question — if you search my other belongings in public because I’m a randomly selected “threat,” why can’t you search my devices out in the open. There was, of course, no response.

  Other questions about the Border Force’s handling of the contents of Hague’s devices also went unanswered. Officers refused to say whether data would be copied and/or retained, as well as refusing to explain what they were looking for.

  Why did the Border Force perform this intrusive search? Because it can.

• Facebook Watch rolls out globally in bid to take on YouTube

  Facebook will take a healthy 55 per cent share of ad revenue, leaving 45 per cent for creators. That might seem a little stingy at first, but Facebook Watch potentially gives them access to an audience some 1.5 billion-strong.

• Data Backed Up from WhatsApp to Google Drive Will Be ‘plaintext’

  According to a recent announcement by Google, Android and iOS users will now be able to backup their Whatsapp data on Google Drive without worrying about storage space. This feature would help save storage space on your Google Drive and will secure your data.

  But secure will it be? Because Google confirmed earlier that your Whatsapp data won’t be encrypted on Google Drive. Yes, the data will be stored without any form of encryption that Whatsapp users have grown accustomed to.

  From November 12 onward, Whatsapp data stored on Google Drive won’t be counted toward your allocated storage quote, Google confirmed. Google isn’t doing this out of the goodness of its heart, in fact, Facebook and Google have come to an agreement regarding Whatsapp data storage on Google Drive.

• Extension enhances privacy of all embedded YouTube videos

  Get better privacy for embedded YouTube videos with the Privacy Enhanced Mode for Embedded YouTube Videos extension for Firefox.

  Websites like to embed YouTube videos in marketing materials, blog posts, and news stories. It’s much cheaper to offload the bandwidth costs required for hosting high-quality video on a large company like YouTube, and most users get a good experience on most devices most places in the world. It’s a win–win situation, right?

  The elephant in the room is the data collection that happens through embedded content. When embedding a video, you also invite third-parties to track and record information about the interests and movements of people who visit the page. I urged people to stop embedding content over privacy concerns back in 2014. The European Parliament made websites responsible for the data harvesting that happens on their sites (even by third-parties) with the introduction of the General Data Protection Regulation (GDPR).

• Open Rights Group and the3million launch judicial review challenging the Data Protection Act’s immigration exemption

  Human rights organisations have launched a judicial review challenging the UK Government over the inclusion of a specific clause in the Data Protection Act 2018 which, they argue, would unnecessarily restrict the rights of millions of people across the country for the purpose of ‘effective immigration control’.

  [...]

  Jim Killock, executive director of Open Rights Group said:

  “The Government’s hostile environment may have been renamed, but its policies are clearly still here. Restricting the rights of millions to their personal data in immigration processes risks inaccurate data being used to make life altering decisions. Open Rights Group can’t allow that to pass without challenge.

  The Government is trying to avoid necessary accountability, and remove responsibilities to treat people fairly. This challenge aims to keep fairness and accountability in the immigration system.”

• 300,000 Finns have stopped using Facebook since April, says social media blogger

  Facebook has lost users particularly in the 30–39 age group, but its popularity seems to be on the decline in all age groups, according to data collected from the advertising tools of Facebook by Pönkä.

  He stresses that he is referring specifically to users who no longer seem to use the service actively, rather than users who have deleted their account altogether.

• Facebook ‘founder’ claims social media site has caused ‘countless deaths’ by failing to protect users

  Aaron Greenspan, who won a confidential pay-out from Facebook after claiming he came up with the concept for the social network first, has reopened his feud with Mark Zuckerberg by claiming the social media boss sacrificed safeguards on cyberbullying, extremists and data security to pursue growth at all costs.

  In an interview with The Daily Telegraph, Mr Greenspan said Mr Zuckerberg had ignored his warnings and instead designed the platform to be as addictive as tobacco in order to recruit and keep users.

Civil Rights/Policing

• Indian Police Adding Pre-Crime Software To Their Long List Of Snooping Tools

  Lots of tech is being deployed by law enforcement around the world — often far in advance of thorough testing, privacy impact assessments, or public input. Biometric scanning, facial recognition software, cell site simulators, social media monitoring tools, and, of course, “predictive policing.”

  The last one on the list brings together a bunch of data and tells cops where to go to stop crime before it happens. Pre-crime is no longer relegated to sci-fi movies providing chilling glimpses of a totalitarian future. It’s here now and it’s converting certain neighborhoods into instant probable cause.

  The Chicago PD is only one of several agencies using the software to generate “heat lists” of citizens in need of arresting. There may be no criminal activity occurring when patrols begin, but the algos say it’s inevitable, so off the cops go to round up people who may be likely to commit crimes.

• Marines Move to Tackle Racial Extremists in the Corps

  The United States Marine Corps has taken steps to combat racial extremists in its ranks, issuing an updated order emphasizing that participation in white supremacist and other groups is prohibited and encouraging service members to report fellow Marines involved with such groups.

  The actions come after an active-duty Marine was documented taking part in last year’s deadly white supremacist rally in Charlottesville, Virginia, and two others were arrested after hanging a racist banner off a building in North Carolina.

  [...]

  Like every branch of service, the Marine Corps has regulations that bar its members from participating in racial extremist groups, but the updated policy clarifies language on prohibited conduct, chiefly by explicitly identifying “supremacist” activity as forbidden. It also consolidates many previous orders, a large number of which haven’t been updated in years, and aims to tighten accountability when rules of conduct are violated. The updated policy encourages service members who see their peers engaging in prohibited behavior to report them through various channels.

• Federal Data Shows Public Schools Nationwide Are a Hotbed of Racial Injustice

  A new series of reports from the ACLU and UCLA Civil Rights Project reveal glaring racial disparities in school discipline

  Many students heading back to school are being greeted by more police and metal detectors, but few, if any, counselors — this is especially true for students of color. Beyond having more police officers who could be armed, Education Secretary Betsy DeVos is reportedly considering a plan to allow states to buy guns for teachers using federal funds.

  Despite the research demonstrating that harsh “school safety” and disciplinary measures are detrimental to students of color, public schools across the country are enhancing efforts to lockdown classrooms, partly in response to the Parkland school shooting that shook the nation.

  As state legislatures take up the Trump administration’s call for increasing “law and order” with more school police, and as DeVos considers whether to undo the Obama administration’s reforms to curb racial bias in school discipline, it’s important to take a close look at what’s happening in schools. A series of reports produced by the ACLU with UCLA (Center for Civil Rights Remedies, Civil Rights Project) analyzes new data from the U.S. Department of Education, collected from all 96,000 public schools in the country. Part I of our publication focuses on the 11 million days of school students lost to suspension in the 2015-16 school year.

  Dramatic disparities exist at the school, district, state, and national level. Black students were just 15 percent of students nationally, but they accounted for 45 percent of all of the days lost due to suspension. This discipline gap contributes to the achievement gap. The 11 million days of lost instruction translates to over 60,000 school years, over 60 million hours of lost education, and billions of dollars wasted in a single school year.

Internet Policy/Net Neutrality

• FCC can define markets with only one ISP as “competitive,” court rules

  The FCC voted last year to eliminate price caps imposed on some business broadband providers such as AT&T and Verizon. The FCC decision eliminated caps in any given county if 50 percent of potential customers “are within a half mile of a location served by a competitive provider.”

• What To Expect During the Root KSK Rollover

  After the root KSK rollover begins (currently planned for 11 October 2018), a very small percentage of Internet users are expected to see problems in resolving some domain names. There are currently a small number of Domain Name System Security Extensions (DNSSEC) validating recursive resolvers that are misconfigured, and some of the users relying on these resolvers will experience problems. This document describes which users will see problems and, among them, what kinds of issues they will see at various times.

• Comcast Is Trying To Ban States From Protecting Broadband & TV Consumers

  The shorter version: the FCC’s Restoring Internet Freedom order effectively cripples the FCC’s ability to protect consumers, then shovels any remaining enforcement authority over to the FTC, which is ill-equipped to actually police the telecom market. Predicting that states would then try to jump in and fill the oversight accountability vacuum (which is precisely what started happening on both net neutrality and privacy), ISPs have also been urging both the FCC and the FTC to ban states from doing so.

  This is all being done under the pretense that blind deregulation of the telecom sector magically results in greater industry investment and broader deployment. But as we’ve explained countless times, that’s not how the U.S. telecom sector works. With neither competition nor reasonable government oversight to constrain it, natural monopolies like Comcast are simply free to double down on all their worst behaviors.

• That Time Telco Lobbyists Sent Me All Their Talking Points About Trying To Shift The Blame To Internet Companies

  It’s not every day that big telco lobbyists email me their internal documents about how they’re going to try to shift all the negative press about themselves and try to flip it onto internet companies. But it did happen yesterday. In what was clearly a mistake a top exec at the telco’s largest lobbying organization, USTelecom, emailed a 12 page document of talking points yesterday, asking the recipients to “review the document for accuracy and other thoughts” in order to help USTelecom President Jonathan Spalter for when he goes on C-SPAN next week. I found it a bit odd that I would be on the distribution list for such an email — especially when 13 of the 15 recipients of the email were US Telecom employees. And me. The one other non-US Telecom person works at a firm that provides “subject matter experts” and “in-depth legal analysis.”

  The talking points are not all that surprising, if you’re at all familiar with the telco industry, so there aren’t really any huge smoking guns here, but they do cover a huge range of issues, from net neutrality, competition, privacy, cybersecurity, and more. Amusingly, on the net neutrality front, there’s a section on “Verizon Throttling Fire Responders.” Tragically, that appears to be one of the few sections in the document that they hadn’t yet filled in yet — perhaps because the industry still doesn’t have a good response to Verizon throttling fire fighters in California as they were battling wildfires.

• The lang= attribute in HTML

  Non-native english speaking blind people have their default speech language typically set to their native language. When they end up browsing to a site in english (or any language other than their native one for that matter) the screen reader starts to read english with pronounciation from their native language. While some people start to understand such speech output after a while, it is really a pain to work with. Of course, you can switch to a different speech language manually, but that takes time, and people end up not doing it in a lot of situations.

  Some screen readers have automatic language detection implemented, but it fails to work correctly in many cases, which is why most users have autodetection actually turned off.

Intellectual Monopolies

• New Document On Traditional Knowledge, Folklore At WIPO; Chair Calls For New Conceptual Approach

  The protection of traditional knowledge and folklore against misappropriation is a topic that has been occupying World Intellectual Property Organization delegates for close to two decades. This week a new draft document, presenting a proposed revision of a set of draft articles of potential treaties, was released by a drafting team. As some countries are keen on preserving their original language and ideas, the committee chair called for delegates to move on with their work, and lift themselves above how the patent and copyright system works.

• How Not To Freak Out When Someone Copies Your Product

  One of the things we’ve talked about for decades at Techdirt is that companies need to not freak out so much when someone copies their product — whether physical or digital. There are some who believe you need to stop copying at any cost. That always seemed silly for multiple reasons. First, if you have something people want, it’s going to get copied. At some point you have to do something of a cost benefit analysis of whether or not it’s truly worth it to go crazy stopping every copy. Second, if you truly created the original, then you have a leg up on any copycat, in that you have a much better understanding of just about everything: you understand the customers better, you’ve built up brand loyalty and you understand the hidden reasons why people like your product. So you’ll almost certainly continue to innovate above and beyond any copycats. Third, many efforts to stop copycats end up punishing your actual customers, saddling them with a worse product because you’re so overly concerned about copying. This is a story of a company that has gone in the other direction.

  For the last year or so, I’ve been telling a bunch of people about my exercise regime (my coworkers are sick of hearing about it). It began two years ago when I saw a Kickstarter project for Monkii Bars 2 — a suspension training system not unlike TRX (if you’re familiar with that), but a lot more portable. If you spend time on Kickstarter, there are a ton of exercise equipment products there, but nearly all of it looks like most late night infomercial crap (also, I noticed that most of them are based in LA, which perhaps isn’t too surprising). Most of them look snazzy, but also are likely to be the kinds of things that no one ever uses for more than a week. The Monkii bars didn’t look like that at all, though. First, it was from a Colorado company, and the team who made it seemed more like the kind of people I’d actually hang out with, rather than the folks who pitch most exercise equipment. More importantly, though, something about the way the Monkii Bars worked just seemed like a perfect way to get a workout. For whatever reason, I knew that they wouldn’t be a “use it for a week and forget about it” kind of thing (though, I did still at least worry a little bit they would turn out that way).

• Trademarks

  • Unpacking the S-shape Benelux mark invalidation

    A Netherlands court has invalidated a shape mark for packing peanuts registered in 1994, once again illustrating the difficulty in obtaining and maintaining such registrations in Europe – even those that are old and well-established

• Copyrights

  • The Mystery Of Columbia Pictures DMCAing Its Own Leaked Promotional Posters For Its ‘Holmes And Watson’ Movie

    It’s no secret that the DMCA process is often abused. Typically, this abuse takes the form of one entity issuing a takedown notice not over true copyright concerns, but rather to either silence speech it doesn’t like or to harm a competitor. It’s a very real problem. But sometimes the misuse of the DMCA takedown process takes a turn towards the bizarre.

    [...]

    That explanation makes more sense than any other out there, including the idea that Columbia Pictures would want to nuke its own advertising material that had begun to go viral. The company isn’t talking, which is unhelpful. But if that is the explanation, it should be clear that this sort of thing is not what the DMCA process is for and there can be consequences for innocent internet users that are suddenly having DMCA strikes against them, including on social media.

  • ‘Perma.cc’: is the fight against “link rot” copyright compliant?

    From news outlets to academic writing, publishing online is now part of the mainstream amongst publishers. It is relatively inexpensive, instantaneous and reaches readers worldwide. But the dynamism of internet publications does have one inconvenient– “link rot”.

    ‘Link rot’ refers to the decoupling of the hyperlink (or URL) with the webpage with which it was originally associated, rendering the link useless. While you may not be familiar with the phrase link rot itself, undoubtedly you will have experienced some of its most irritating symptoms: ‘page error 404’, ‘The URL you requested was not found’ or ‘Oops! Something wrong happened’. Research shows that, on average, a staggering 50% of links will be decoupled from their original content, i.e. turned to rot, two years following publication (see here and here).

  • Yandex Has Less Than 48 Hours to Tackle Piracy or Get Blocked

    Russian search giant Yandex is facing a copyright crisis. Late last week the Moscow City Court handed down a ruling that required Yandex to remove links to pirated content owned by Gazprom-Media. On Monday, that instruction was reiterated by telecoms watchdog Roscomnadzor. If Yandex does not take action by Thursday, its video platform will be blocked by the country’s ISPs.

  • US and Mexico Modernize Copyright Protection in New Trade Deal

    The US Government has reached a new trade agreement with Mexico. The preliminary deal provides strong and effective copyright protection and enforcement, including criminal sanctions against movie cammers. It will also “extend” the minimum copyright term to 75 years, an issue that triggered quite a bit of confusion.

  • Public Knowledge Responds to President Trump’s Outrageous Copyright Giveaway

    “The inclusion of a copyright term extension in the trade agreement announced today is a staggeringly brazen attempt by the entertainment industries to launder unpopular policies through international agreements. Not only would a copyright term extension never survive domestic debate, but it also violates the instructions Congress gave in trade promotion authority, which directed the U.S. Trade Representative to negotiate intellectual property provisions consistent with existing law. This is a slap in the face to the public interest, to consumers, and to Congress.

  • Google and Oracle’s $8.8 Billion Copyright Clash to Go to Supreme Court [iophk: "incorrect: Java has a license and the API is part of that"]

    The case revolves around Google’s use of Java APIs (without a licence) to enable Java programmers to build Android apps. When Oracle bought the rights to Java in 2009, it fired the starting gun on the case. Those who have taken similar steps – which are common – could face a wave of litigation if Oracle wins.

  • EU Copyright Directive – who pays the bill for the upload filter?

    Social media companies and content sharing apps could have to foot the bill for a vast automated copyright protection scheme under the most recent EU proposal to update copyright law. For those who remember, this is Hadopi on steroids. It’s a proposal that, history tells us, is unlikely to be workable.

  • Lending Emulations?

    Video games are an important cultural artifact. Unlike books, movies, and even music, national libraries and other archives typically don’t have organized programs to collect and preserve them, much less make them available to scholars. AFAIK the Internet Archive’s accessible collections of console and arcade games are unique among established archives, but they lack Nintendo’s catalog. Figuring out a way for institutions to preserve this history without undue legal risk is important.

• Distributions
• Devices/Embedded

Desktop

• The Slimbook is coming

  Now, this is not a reactionary decision. It is one based on curiosity. I am not trying to wean myself off the evil corporations or anything of that sort. I am quite happy using Windows and Linux in parallel, but then, I also want to see the Linux desktop succeed, in a real-life, pragmatic sort of way, without compromising or any sweet illusions. So I am now going to take my Linux experience to another level, and that means using a Linux machine for some really really serious stuff. After me.

• Dell Unveils its Cheapest XPS 13 Yet

  So, as a cost-conscious consumer, I’m pleased to see Dell introduce a newer, lower-priced Dell XPS 13 model that, on paper, sounds like a great all round machine.

  Unveiled at IFA 2018, a tech show taking place in Berlin, Germany, the cheaper Dell XPS 13 9370 starts at under $899, which makes it one of the lowest priced XPS models released to date.

  Naturally there are some compromises, specifically in the processor.

Server

• Kubernetes Development Infrastructure Moving Out of Google Control

  Google helped to create the Linux Foundation’s Cloud Native Computing Foundation in July 2015 with the contribution of the Kubernetes container orchestration system. Although Google contributed Kubernetes, it was still running the core infrastructure for building, developing and testing Kubernetes—until now.

  On Aug. 29 at the Linux Foundation’s Open Source Summit here, the CNCF and Google announced that Kubernetes development will be moving to the CNCF’s control in an effort to further enable multicloud development. Alongside the move, Google announced that it is donating $9 million in Google Cloud Platform credits to enable the CNCF to run Kubernetes developments for the next three years.

• The shutdown of the project Hummingbird at Rackspace

  On reflection, I suspect their chances would be better if they were serious about interoperating with Swift. The performance gains that they demonstrated were quite impressive. But their paymasters at RAX weren’t into this community development and open-source toys (not that RAX went through the change of ownership while Hummingbird was going on).

• The container future is here. It’s just not evenly distributed

  Science fiction writer William Gibson once said, “The future is already here — it’s just not evenly distributed.” He was explaining that things we once thought of as futuristic already were a reality for some people, but not everyone.

  He may as well have been talking about adoption of Linux containers within the federal government.

  While evidence suggests that the public sector’s interest in Linux containers continues to grow, many agencies remain on the fence. Whether due to budget, lack of information or other constraints, government adoption of Linux containers has been slower than it has been in the commercial space. Many agencies continue to view containers as exclusively for the cool kids in Silicon Valley.

Kernel Space

• Power Management and Energy-awareness Microconference Accepted into 2018 Linux Plumbers Conference

  Use of Linux on battery-powered systems continues to grow, and general energy-efficiency concerns are not going away any time soon. The Power Management and Energy-awareness micro-conference therefore continues a Linux Plumbers Conference tradition of looking into ways to improve energy efficiency.

  In spite of significant progress made over the last year on multiple fronts, including but not limited to the enhancements of the scheduler’s load-tracking facility with an improved awareness of the amount of time taken by realtime processes, deadline processes, and interrupt handling in order to improve CPU performance scaling, the work on implementing energy-aware scheduling on asymmetric systems in the kernel (https://lwn.net/Articles/749900/), and the process utilization clamping patch series (https://lwn.net/Articles/762043/), there still are open issues to be discussed and new ideas to consider. This year, the focus is on energy-optimized task scheduling, user space interfaces for passing power/performance hints to the kernel, platform power management mechanisms and power management frameworks.

• Linux 4.18.6 Kernel To Properly Report AMD Threadripper 2 CPU Temperature

  The soon-to-be-released Linux 4.18.6 stable kernel will correctly report the CPU core temperatures of the new AMD Threadripper 2950X and 2990WX processors.

  With the new high-core-count AMD processors that launched earlier this month, the 16-core / 32-thread Threadripper 2950X and 32-core / 64-thread Threadripper 2990WX, the only real Linux shortcoming to report had been the lack of correct temperature reporting on the stock Linux kernel at the time… With the kernels up to this point, the reported CPU core temperature on these Threadripper 2 CPUs has been +27 degrees (Celsius) higher than it should be due to a missing Tctl offset.

• The first half of the 4.19 merge window

  As of this writing, Linus Torvalds has pulled just over 7,600 non-merge changesets into the mainline repository for the 4.19 development cycle. 4.19 thus seems to be off to a faster-than-usual start, perhaps because the one-week delay in the opening of the merge window gave subsystem maintainers a bit more time to get ready. There is, as usual, a lot of interesting new code finding its way into the kernel, along with the usual stream of fixes and cleanups.

• Batch processing of network packets

  It has been understood for years that kernel performance can be improved by doing things in batches. Whether the task is freeing memory pages, initializing data structures, or performing I/O, things go faster if the work is done on many objects at once; many kernel subsystems have been reworked to take advantage of the efficiency of batching. It turns out, though, that there was a piece of relatively low-hanging fruit at the core of the kernel’s network stack. The 4.19 kernel will feature some work increasing the batching of packet processing, resulting in some impressive performance improvements.

  Once upon a time, network interfaces would interrupt the processor every time a packet was received. That may have worked well with the kind of network interfaces we had in the 1990s, but an interface that worked that way now would be generating many thousands of interrupts per second. That, in turn, would swamp the CPU and prevent any work from getting done. The response to this problem in network circles was the adoption of an API called “NAPI” (for “new API”) during the long 2.5 development series.

• The sidechannel LSM

  Side-channel attacks are a reasonably well-known technique to exfiltrate information across security boundaries. Until relatively recently, concerns about these types of attacks were mostly confined to cryptographic operations, where the target was to extract secrets by observing some side channel. But with the advent of Spectre, speculative execution provides a new way to exploit side channels. A new Linux Security Module (LSM) is meant to help determine where a side channel might provide secrets to an attacker, so that a speculative-execution barrier operation can be performed.

  In current kernels, a context switch from one process to another often necessitates a flush of the translation lookaside buffer (TLB) contents, which is done in switch_mm_irqs_off(). For x86, after the Spectre v2 mitigations, that function calls indirect_branch_prediction_barrier() when switching away from a process that is not allowed to core dump (i.e. does not have SUID_DUMP_USER set). The barrier (which is known as IBPB) is an expensive operation, so it is only done for “sensitive” processes that have turned off core dumps (e.g. GPG). Core dumps of a process can contain secrets of various sorts, such as keys or passwords.

• Incorrect AMD Threadripper Temperatures on Linux 4.18 to be Fixed Soon

  As we near the release of the Linux 4.18.6 stable kernel, more goodies just keep coming for Linux users – its now been reported that the Linux 4.18.6 stable kernel will be able to properly report CPU core temperatures of the new AMD Threadripper 2950X and AMD Threadripper 2990WX processors –

• Linux Foundation

  • Linux Foundation Continues Growing at More Than a Member a Day With Addition of Fifty-One Silver and Associate Members in One Month

    With the support of its members, The Linux Foundation hosts open source projects across technologies including networking, security, cloud, blockchain, and more. This collaborative development model is helping technology advance at a rapid pace in a way that benefits individuals and organizations around the world.

  • Windmill Enterprise Joins The Linux Foundation

    Leading Enterprise Blockchain Company Will Participate in the EdgeX Foundry and Linux Foundation Networking Communities

  • ​Storj Labs forges open-source vendors and cloud services alliance

    At the Linux Foundation’s Open Source Summit in Vancouver, Storj Labs a decentralized cloud storage company, announced a partnership that will enable open-source projects to generate revenue when their users store data in the cloud: The Open Source Partner Program.

    Why? Ben Golub, Storj’s executive chairman and long time open-source executive, explained there’s a “major economic disconnect between the 24-million total open-source developers and the $180 billion cloud market.” That’s why, for example, Redis Labs recently added the controversial Commons Clause license to its Redis program.

  • Storj Labs Announces New Partner Program to Create Revenue Opportunities for Open Source Projects and Companies

  • Google takes a step back from running the Kubernetes development infrastructure

    Google today announced that it is providing the Cloud Native Computing Foundation (CNCF) with $9 million in Google Cloud credits to help further its work on the Kubernetes container orchestrator and that it is handing over operational control of the project to the community. These credits will be split over three years and are meant to cover the infrastructure costs of building, testing and distributing the Kubernetes software.

  • Google Cloud grants $9M to continued development of Kubernetes

    Kubernetes, a system designed to assist developers with management of containerized applications, including deployment, scaling, and updating, was developed originally by Google. Kubernetes is written in the Go programming language, another Google product, and was made open source in 2014.

  • Cloud Native Computing Foundation Welcomes 38 New Members at Open Source Summit North America

    Open Source Summit North America – The Cloud Native Computing Foundation® (CNCF®), which sustains and integrates open source technologies like Kubernetes® and Prometheus™, today announced that 38 new members have joined the Foundation – growing from 28 members at the Foundation’s launch in 2015 to 284 today.

• Graphics Stack

  • RadeonSI Compatibility Profile Now Supports OpenGL 4.5 On Mesa 18.3

    The work done by Valve open-source Linux GPU driver Timothy Arceri to implement OpenGL 4.5 compatibility profile has been merged into Git master for next quarter’s Mesa 18.3 release.

    As of Mesa 18.3 tonight in Git, the RadeonSI Gallium3D driver is able to expose OpenGL 4.5 under the compatibility context rather than GL 4.4. Even that GL 4.4 level for the compatibility profile is a big milestone with just in the past few months having gone from OpenGL 3.2 compatibility support, thanks to the work done by AMD and Valve, which we now know is part of their Steam Play for Windows games on Linux. That OpenGL 4.4 compatibility profile support is just squared away for the Mesa 18.2.0 release happening in the next few days.

• Benchmarks

  • Benchmarks Of The 24-Core ARM Socionext 96Boards Developerbox

    Announced last October was a 24-core ARM developer box being worked on by Linaro/96Boards, Socionext, and Gigabyte. The specifications are appealing with twenty-four ARM 64-bit cores with the SoC on a micro-ATX sized motherboard, support for a PCI Express graphics slot, and onboard Gigabit Ethernet. Here are our first benchmarks of this Socionext 96Boards Developerbox.

  • The NVIDIA Jetson TX2 Performance Has Evolved Nicely Since Launch

    Word this week of the NVIDIA Jetson Xavier Development Kit being up for pre-order reminded me of some benchmarks I had been meaning to do of seeing how the NVIDIA Jetson TX2 developer kit’s performance has evolved since its launch a year and a half ago. There’s actually a quite measurable improvement in performance with the latest software/drivers compared to it was at launch.

Applications

• Terminus A Modern Terminal App For Linux

  A couple of years of using various Linux distros have shown me a lot of new stuff. Some interesting user interfaces, some new package managers but one place where I haven’t seen many inventions is the terminal. It has always been the same old shell that comes by default. Even though it is one of the most used things, I haven’t seen much of a variation with it.​
  But recently I came across Terminus – A terminal for the modern age. So I decided to give it a try. First of all, let us look at its installation and availability on various systems.

• ADAMANT – An Anonymous, Open Source, Secure Blockchain-based Messenger

  The issue of security of correspondence and the personal data protection has always been relevant, attracting more and more groups of people from a wide range of different IT activities. In order to create the highest possible level of security, they make a variety of solutions for products offering the most interesting options for protection.

  One of such unusual examples can serve the ADAMANT Messenger, the team of which involved Blockchain technology for the transmission of messages. It is an anonymous, open source and secure Blockchain-based Messenger. The main purpose of the ADAMANT Messenger is to provide anonymity, privacy and security. As you may know already, many instant free messaging applications (like WhatsApp, Telegram, Viber) requires some form of verification (usually a phone number or email address), but ADAMANT requires none. No emails, no phone numbers and no need to register or enter any information about you.

• FFmpeg Received Support For Performing More Operations In OpenCL

  Thanks to Google Summer of Code 2018, student developer Danil Iashchenko devoted the past several months to writing more filters within FFmpeg’s Libavfilter library in OpenCL.

  Iashchenko spent the summer writing more libavfilter coverage for OpenCL to allow more of these video operations to be offloaded to the GPU and thereby freeing up more CPU resources.

• Instructionals/Technical

  • How to install the Sentrifugo HRM Solution on Ubuntu Server 18.04

  • Installing Dropbox in Gentoo Linux following the recent restrictions introduced for Dropbox for Linux

  • How to Install Splunk Log Analyzer on CentOS 7

  • How to Kill a Process in Linux

  • How to Limit File Upload Size in Nginx

  • How to Connect Xiaomi Yeelight Devices to Android Without a Home Router

  • Debugging an Rc<T> reference leak in Rust

  • Convert libreoffice files : .odt .odg and other to .pdf

  • Creating And Managing Git Repository – Git Series Part 2

  • Linux cut Command Explained for Beginners (with Examples)

  • How to Install KVM and Manage Virtual Machines in Ubuntu 18.04

  • 11.5 Factor apps

  • How to Install Invoice Ninja on CentOS 7

  • How to Install Netdata Monitoring Tool on Ubuntu 18.04 LTS

  • How To Use A Swap File Instead Of A Swap Partition On Linux

  • How to Install Gentoo Linux CLI and KDE Plasma (Also for VirtualBox and VMware)

  • Setting up your own name service (DNS) with ISPConfig

  • How to Create Aliases for Customizing Commands in Ubuntu

  • Free eBook from Packt – Kali Linux Wireless Penetration Testing Beginner’s Guide – Third Edition

  • Fix Battle.net “Blizzard Agent Went To Sleep” And “Waiting On Another Installation Or Update” Issues

  • Display two calendar months side by side

  • Creating the Concentration Game PAIRS with Bash

• Games

  • The End of the Sun is a first-person adventure game inspired by Slavic mythology and legends

    From the press email we got sent (thanks Xpander) Linux is a confirmed platform for the game.

  • The Rocket League ‘Progression Update’ is out allowing you to form a special club

    The addictive game Rocket League that has you sat in rocket-powered cars smashing balls around a court has been updated with some fun goodies. In addition to the patch, they’ve announced their “Rocket Pass” is going to go live next week, which has a free and paid option to allow you several ways to earn new content.

  • BlazeRush is another completely awesome co-op game available for Linux

    You will be forgiven for not knowing about BlazeRush, since it’s an oldie released back in 2014. Taking another look at it recently with the help of my trusty side-kick I’ve found it to be an exceptionally fun co-op experience on Linux.

    It’s an action-racing game filled with ridiculous power-ups like boosters, rockets, chainguns and so on which makes it so ridiculous. It’s basically Micro Machines covered in awesome sauce. For those who don’t have people to play with locally, it also has online play and some pretty menacing bots that will waste no time in completely annihilating you off the track.

  • Battle Chef Brigade has been updated to a Deluxe edition for all owners

    Battle Chef Brigade is a rather good mix of cooking and hunting which just got upgraded to a Deluxe edition. You can see my original thoughts on it here. Honestly, the game really is surprisingly good and it’s fantastic to see such a massive update out for free.

    Note: It doesn’t advertise Linux support on Steam, but it does have a Linux version. The developers said it’s simply because they haven’t tested it enough. It does list Linux support on GOG.

  • Casual puzzle game Molecats has you twisting tiles to move the environment around, out now

  • The latest Linux-powered ‘Atari VCS’ update gives a small behind the scenes look at their progress

    The team behind the Linux-powered games console, the Atari VCS, recently had a three-day session together to go over the progress and it seems quite interesting. It’s not exactly going to into a huge amount of depth, really most of it sounds like the obvious things they would be working on but it’s still good to see it progress forward after their successful IndieGoGo campaign.

  • Valve have rolled out Steam Play into the stable Linux Steam Client, along with touch controls for Steam Link

    Valve seem to be moving pretty quickly with Steam Play, as a new stable Steam Client is out which includes preliminary support for the new Steam Play Beta.

  • SCUM, a very exciting sounding open-world survival game should come to Linux

    SCUM [Steam], an open world survival game from developer Gamepires (produced by Croteam and published by Devolver Digital) is shaping up to be one of the most exciting releases this year and it seems Linux is in their plans.

  • An Activision Developer Is Talking At The Open-Source Summit… About Kafka Tuning

    At this week’s Open-Source Summit in Vancouver is a presentation by an Activision developer talking about Call of Duty performance but sadly it’s not what may come to mind.

    Activision sadly isn’t doing a native Linux port of their popular Call of Duty game series but rather is talking about it at the Open-Source Summit in regards to building extendable data pipelines. Yeah, I got excited too when seeing “Activision” and “Call of Duty” at this week’s Linux Foundation event but it’s just in regards to their back-end infrastructure.

Desktop Environments/WMs

• K Desktop Environment/KDE SC/Qt

  • 3D printing with Atelier

    During this year’s Akademy conference, Lays Rodrigues introduced Atelier, a cross-platform, open-source system that allows users to control their 3D printers. As she stated in her talk abstract, it is “a project with a goal to make the 3D printing world a better place”. Akademy is the KDE community’s annual conference. This year it took place in Vienna and the program included a number of hardware-related talks as part of the conference portion held during the weekend of August 11 and 12.

    [...]

    The AtCore library’s function is to provide an abstraction for the serial communication with the printer and control of it. It provides a generic layer that is independent from the user interface. AtCore can thus work with any interface, “including QML”, she added. AtCore uses pure C++ with Qt for performance reasons. Rodrigues gave memory usage when printing as an example: Atelier requires 200MB of memory while other, similar programs may require 2GB. AtCore supports most open-source 3D-printer firmware using a plugin architecture to handle differences between different firmware implementations. Rodrigues showed at one point the list of the supported printer firmware, which corresponds to the list of supported printer models.

    The second part of the team’s work is the “test client”: Atelier. However, it is a full 3D host system, not just a test program. It uses the KDE libraries in addition to Qt — and the AtCore library, of course. Rodrigues ran a demonstration of a number of Atelier features. The configuration she used included a laptop running Atelier and a small embedded system with the printer firmware. The demo included all stages of the printing process.

  • Akademy 2018 in Vienna

    Akademy 2018 was hosted in TU WEIN university, Vienna from 11th to 17th August, 2018.Being part of this Akadmey gave me a chance and opportunity to meet all the fellow KDE contributors in person and socialize with them.

    First two days some contributors gave presentations on their respective projects.
    Rest of the week was BoF (Bird of Feather) sessions, BoF sessions are great way to discuss things with other community members and gather feedback. There were also workshop sessions organized by KDE e.V. for community members.

Distributions

• 10 Best Linux Distros to Install on Your MacBook

  macOS is a Unix-like Operating System so many of the features in Linux distros are similar to those that it offers. That notwithstanding, because it is Unix-like does not mean that it is Linux and for one reason or the other you may want to run a full-fledged OS.

• Red Hat Family

  • Red Hat Blockchain Patent Details Software Usage Tracking

    The cloud computing company Red Hat wants to tap into blockchain for a system to track software usage, according to a recent patent filing.

    The way Red Hat sees it, new marketing models for selling software on a cloud platform require new methods of tracking usage, and a blockchain may be able to efficiently store this information, Coindesk reports. The filing outlines how blockchain would track transactions across a given platform where each transaction represents an instance of a customer using the company’s products. Read more here.

  • Which Linux terminal command do you use the most?

  • A quick guide to DNF for yum users

  • How to scale your website across all mobile devices

  • 6 places to host your git repository

  • Intro to Podman (Red Hat Enterprise Linux 7.6 Beta)

    Red Hat Enterprise Linux (RHEL) 7.6 Beta was released a few days ago and one of the first new features I noticed is Podman. Podman complements Buildah and Skopeo by offering an experience similar to the Docker command line: allowing users to run standalone (non-orchestrated) containers. And Podman doesn’t require a daemon to run containers and pods, so we can easily say goodbye to big fat daemons.

    Podman implements almost all the Docker CLI commands (apart from the ones related to Docker Swarm, of course). For container orchestration, I suggest you take a look at Kubernetes and Red Hat OpenShift.

  • Finance

    • Some expensive stocks to avoid Red Hat, Inc. (RHT), Ship Finance International Limited (SFL)

    • Consensus Analysts Rating is Good For Investors? Red Hat, Inc. (RHT)

    • Trader’s Buzzer – Red Hat (RHT)

    • Carillon Tower Advisers Inc. Has $10.67 Million Holdings in Red Hat Inc (RHT)

    • Red Hat, Inc. (RHT) Set to Fly?

    • Red Hat Inc (RHT) Shares Sold by Sentry Investment Management LLC

    • Red Hat Inc (RHT) Receives $157.79 Average Price Target from Analysts

    • Finding Success By Improving Lives: SeaWorld Entertainment, Inc. (SEAS), Red Hat, Inc. (RHT)

    • Investor Research Report on Red Hat, Inc. (NYSE:RHT)

    • Red Hat (NYSE:RHT) Receives Media Impact Rating of 0.25

    • Red Hat, Inc. (RHT) stock price moves 1.70% up to an average price of last 20 days

    • What is rating of Stock? Red Hat, Inc. (RHT)

    • Red Hat (RHT) look forward to reach average price target of $164.88

    • Red Hat (RHT) projected to achieve earnings growth of 49.20% for this year

    • Red Hat (RHT) Stock’s Essential Chart Information with Volatility and volume Figures

    • Red Hat Inc. (RHT) Rises 2.59% for August 29

    • What is rating of Stock? Red Hat, Inc. (RHT)

    • Is There A Value Opportunity In Teck Resources Limited (TECK), Red Hat, Inc. (RHT)?

    • Red Hat to Webcast Results for Second Quarter Fiscal Year 2019

    • Red Hat Inc.: Red Hat to Webcast Results for Second Quarter Fiscal Year 2019

    • Red Hat to Webcast Results for Second Quarter Fiscal Year 2019

    • Red Hat Inc. (RHT) Moves Higher on Volume Spike for August 29

  • Fedora

    • Flock : Best 4 Days of 2018

• Debian Family

  • Derivatives

    • Canonical/Ubuntu

      • How Canonical Is Improving Ubuntu Linux Security

        Cryptojacking attacks have been increasingly prevalent in 2018, even finding their way into the Ubuntu Linux software center. Mark Shuttleworth, the founder of Canonical and Ubuntu Linux, isn’t too worried, though, as he has multiple technologies in place to mitigate risk.

        In a video interview with eWEEK, Shuttleworth provides insight into the technologies that Ubuntu uses to help secure applications and users from multiple risks, including cryptojacking. In a recent cryptojacking attack in Ubuntu, applications were found to be conducting unauthorized cryptocurrency mining on user desktops. The issue was quickly resolved, serving as a proof point for the resilience of Ubuntu’s Snap application packaging system for helping to keep systems updated.

        “In the architecture of Snaps themselves we put a lot of work into being able to shape the container and define what the container is allowed to do,” Shuttleworth said. “Any application that comes into the Snap Store has to be very explicit about all the things it wants to do.”

      • Moving towards a software defined IoT business model

        The opportunity to capitalise on the internet of things is significant for many companies, but that doesn’t mean that it is a straightforward journey to success. Companies need to analyse their current business practices and evaluate where benefits can be gained – and for some this could be changing their business model in its entirety.

        Device manufacturers are a prime example of this. With hardware commoditisation forcing their margins downwards and low-cost competitors applying increasing pressure, manufacturers need to build a sustainable business that brings in continuous revenue beyond the initial device sale. By devising a software-led strategy, device manufacturers can transition to new business models underpinned by IoT app stores and ecosystems of 3rd party ISVs (independent software vendors).

Devices/Embedded

• Compact, Arm-based mini-PC is toughened up for IIoT

  DFI’s Pico-ITX-based, DIN-rail mountable “EC900-FS6” mini-PC runs Linux or Android on an i.MX6 DualLite, and offers 2x GbE, 2x USB, 2x serial, mini-PCIe, and extensive ruggedization features.

  A reader recently noted our excessive use of the term “rugged,” which is fair enough. In our defense, embedded gear is increasingly tolerant of wide temperature ranges, and to a lesser extent, excessive shock, vibration, and dust and water ingress. From now on, we will no longer use “rugged” to describe a system that has a wide temperature range without also offering other protections. We will, however, continue to apply it to systems like DFI’s i.MX6-based EC900-FS6 mini-PC, which is not only rugged, but quite compact at 143 x 96.4 x 34mm.

• Rugged, in-vehicle touch-panel PCs support camera and wireless expansion

  The VMC touch-panel PCs are designed for in-vehicle use in warehouses, ports, and other logistic and material applications. The systems support -30 to 60°C temperatures with ambient air flow and offer 10% to 90% (non-condensing) humidity tolerance. Vibration resistance is rated at MIL-STD-810G, 514.6 Procedure 1, Category 4, and shock resistance complies with MIL-STD-810G, Method 516.6, Procedure I and V (crash hazard), says Nexcom.

• Let’s get Chatty!

  Today we provide a technical update and demonstration of SMS and end-to-end encrypted XMPP messages on the chat application we’re developing, Chatty. But first, a bit of historical context…

• Purism Developing “Chatty” For SMS Support On The Librem 5

  Purism shared today about the work they are engaged in on supporting SMS messaging with their in-development Librem 5 smartphone.

  For handling SMS messaging, Purism is developing an application they — at least for now — are calling Chatty. This Chatty code will effectively serve as a plug-in for libpurple (of Pidgin instant messaging fame) that interfaces with ModemManager. Libpurple of course supports many different messaging platforms/protocols and is most often associated with Pidgin but could be adapted by other clients.

• Android

  • Skagen Falster 2 fitness smartwatch announced – Runs Wear OS

    The International Consumer Electronics Show (CES), which usually takes places in Las Vegas, is a place that many tech companies showcase their upcoming consumer electronics technologies. Tech breakthroughs have been experienced there since June 1967 (wow). This year at CES 2018, Skagen announced their first smartwatch – called the Falster. It was an admirable watch but did have some drawbacks, such as the poor battery life and some missing features. Now, several months later, the company is in the process of already releasing the Falster 2 and it starts shipping on September 12th. You can expect it soon.

    [...]

    Although this all may sound great, the Falster 2 is still powered by the quite old Snapdragon Wear 2100 chip and will become outdated pretty soon. If you’re still interested in buying the watch regardless, you can buy it at Skagen’s very own site. The silicone and leather band types cost $275 while the steel-mesh ones cost that little more at $295.

  • Xiaomi Poco F1 Launcher Arrives On Google Play Store

  • Android Messages for Web gets its own Material UI overhaul too

  • Android spyware BusyGasper has many features, but few known victims

  • New Samsung Leak Reveals Software For Faster Galaxy S10

  • Xiaomi Mi A2, Nokia 6.1 Plus and Asus ZenFone Max Pro M1: Top phones with stock Android under Rs 20000

  • NVIDIA SHIELD Android TV gets SHIELD Experience 7.1 with NVIDIA Share and 120Hz support

  • Airbnb Open-sources MvRx for Android App Development in Kotlin

  • LG G7 One gives LG’s first Android One phone plenty to boast about

  • The Alcatel 1 is a low-powered Android Go phone for just $80

  • WhatsApp is backing up Android encrypted messages into Google Drive

  • Google plans to fight Oracle’s copyright lawsuit against Android in the Supreme Court

  • Decentralized Internet Platform Skycoin Releases Android Based Wallet

  • Samsung Galaxy S9+ running Android 9.0 Pie shows up on GFXBench

  • Samsung’s first Android Go phone, Galaxy J2 Core goes on sale in India

  • Google’s Wear OS no longer feels like Android on a smartwatch

  • Google’s huge Wear OS revamp makes the OS work more like Android

  • Exploiting Decades-Old Telephone Tech to Break Into Android Devices

  • Android Messages for web updated w/ various Google Material Theme tweaks

  • Samsung Galaxy C7 receives Android 8.0 Oreo update

  • Xiaomi Redmi Note 5/Redmi 5 Plus gets stable Android 8.1 Oreo update

  • Paranoid Android’s Android Oreo ROM is here for the OnePlus 3, OnePlus 3T, OnePlus 5, and OnePlus 5T

  • How Android Pie’s Adaptive Battery and Adaptive Brightness work

  • Apple Music Is Gunning for Dashboard Dominance With Android Auto

389 Directory Server set to replace OpenLDAP as Red Hat and SUSE withdraw support for OpenLDAP in their Enterprise Linux offerings

Red Hat and SUSE have withdrawn their support for OpenLDAP in their Enterprise Linux offers, which will be replaced by Red Hat’s own 389 Directory Server.

The openldap-server packages were deprecated starting from Red Hat Enterprise Linux (RHEL) 7.4, and will not be included in any future major release of RHEL. SUSE, in their release notes, have mentioned that the OpenLDAP server is still available on the Legacy Module for migration purposes, but it will not be maintained for the entire SUSE Linux Enterprise Server (SLE) 15 lifecycle.

Open Source Integration Leader WSO2 Appoints Darin Bartik as New Chief Marketing Officer

Autogrow releases OpenMinder root monitoring system

Global ag-tech innovator Autogrow has unveiled an open-source root zone monitor as part of an “open-collaboration” platform.

“OpenMinder is a product that someone can build themselves, but more than that it represents where this industry is going with open-collaboration, APIs and a focus on water sustainability,” explains CEO Darryn Keiller.

“Governments and local legislators around the world are tightening the rules for growers when it comes to water usage and run-off. Growers need to use any and all tools at their disposal to ensure they are not only growing sustainably but have the data to back it up.”

OpenMinder is an open-source DIY project from Autogrow targeted to technology developers and for application with small growers. Released under a Creative Commons BY-NC-SA license, OpenMinder provides an open-source API used in conjunction with a Raspberry Pi HAT.

Web Browsers

• Brave Open Source Blockchain Web Browser Sees 10 Million Downloads

  A recent tweet shared by Brave Software has uncovered yet another milestone the firm has attained. Since the launch of Brave, a total of 10 million downloads have been made through Google Play. This particular browser is unique as it not only focuses on one’s web surfing experience, but also prevents advertisements from further ruining it. Most importantly, content creators and regular users get compensated for their contributions (i.e. through Basic Attention Token or BAT).

• Brave Browser Surpasses 10 Million Downloads on Android

  The user-privacy oriented web browser has passed ten million downloads, a huge milestone for both Brave and the BAT team

• BAT-Enabled Brave Browser Hits 10 Million Downloads

• Mozilla

  • Nebulet: A Rust Microkernel Running WebAssembly In Ring 0

    You should likely be familiar with WebAssembly as the binary format for executing code within web pages that can be nearly as fast as running native machine code — and certainly much faster than JavaScript. A new research project has been exploring running WebAssembly in the CPU’s Ring 0 — yes, the highest privileged state of the processor — in the name of better performance.

  • Dweb: Building Cooperation and Trust into the Web with IPFS

    In this series we are covering projects that explore what is possible when the web becomes decentralized or distributed. These projects aren’t affiliated with Mozilla, and some of them rewrite the rules of how we think about a web browser. What they have in common: These projects are open source, and open for participation, and share Mozilla’s mission to keep the web open and accessible for all.

    [...]

    We’re a team of people all over the world working on IPFS, an implementation of the distributed web that seeks to replace HTTP with a new protocol that is powered by individuals on the internet. The goal of IPFS is to “re-decentralize” the web by replacing the location-oriented HTTP with a content-oriented protocol that does not require trust of third parties. This allows for websites and web apps to be “served” by any computer on the internet with IPFS support, without requiring servers to be run by the original content creator. IPFS and the distributed web unmoor information from physical location and singular distribution, ultimately creating a more affordable, equal, available, faster, and less censorable web.

    IPFS aims for a “distributed” or “logically decentralized” design. IPFS consists of a network of nodes, which help each other find data using a content hash via a Distributed Hash Table (DHT). The result is that all nodes help find and serve web sites, and even if the original provider of the site goes down, you can still load it as long as one other computer in the network has a copy of it. The web becomes empowered by individuals, rather than depending on the large organizations that can afford to build large content delivery networks and serve a lot of traffic.

  • Data Science is Hard: Counting Users

    These cars all count if you’re interested in usage. It’s all well and good to know the number of cars using your parking lot right now… but is it lower on weekends? Holidays? Are you measuring on a rainy day when fewer people take bicycles, or in the Summer when more people are on vacation? Do you need better signs or more amenities to get more drivers to stop? Are you going to have expand capacity this year, or next?

    Yesterday we released the Firefox Public Data Report. Go take a look! It is the culmination of months of work of many mozillians (not me, I only contributed some early bug reports). In it you can find out how many users Firefox has, the most popular addons, and how quickly Firefox users update to the latest version. And you can choose whether to look at how these plots look for the worldwide user base or for one of the top ten (by number of Firefox users) countries individually.

    It’s really cool.

    The first two plots are a little strange, though. They count the number of Firefox users over time… and they don’t agree. They don’t even come close!

  • On leaving Mozilla

    I didn’t want to write one of those “all@” goodbye emails. At best, they generate ambivalence, maybe some sadness. And maybe they generate clutter in the inboxes of people who prefer to their inboxes uncluttered. The point is, they don’t seem to improve things. I’m not sending one.

    But I have taken the decision to leave Mozilla as a full-time employee. I’m leaving the industry, in fact. For the last 10 years, for everything I’ve learned, for the many opportunities and for the shared achievements, I’ve got nothing but gratitude towards my friends and colleagues. I cannot imagine I’ll work anywhere quite like this again.

    Long before I joined Mozilla, it was the organisation that had restored my optimism about the future of tech. From the dark days of the dot-com crash and the failure of platform-independent client-side internet applications to live up to their initial promise (I’m looking at you, Java applets), Firefox showed the world that openness wins. Working here was always more than a job. It has been a privilege.

  • These Weeks in Firefox: Issue 44

  • Siggen (Socorro signature generator) v0.2.0 released!

    Siggen (sig-gen) is a Socorro-style signature generator extracted from Socorro and packaged with pretty bows and wrapping paper in a Python library. Siggen generates Socorro-style signatures from your crash data making it easier for you to bucket your crash data using the same buckets that Socorro uses.

  • Standup report: End of days

    Standup is a system for capturing standup-style posts from individuals making it easier to see what’s going on for teams and projects. It has an associated IRC bot standups for posting messages from IRC.

Databases

• Lab Notes: How We Made Joins 23 Thousand Times Faster, Part Three

  This post is the final part of a three-part miniseries that looks at how we improved join performance in the CrateDB 3.0 release.

  In part one of this miniseries, I went over the reasons we chose to implement the hash join algorithm as an alternative to the nested loop algorithm. With that initial set of changes in place, we were able to make joins up to two thousand times faster.

  In part two, I explained how we addressed the memory limitations of the basic hash join algorithm with a switch to block-based processing. That is, dividing a large dataset up into smaller blocks that can be worked on separately. This change improved our performance gains by another 50%.

  This brings us to the final set of changes.

Pseudo-Open Source (Openwashing)

• VoltDB Advances Open Source Capabilities to Meet Growing Demand for Real-Time Applications

• Open Mainframes Project introduces Zowe: A new open-source framework to simplify development on z/OS, supported by IBM

  IBM with its partners, Rocket Software and CA Technologies, have announced the launch of Zowe at the ongoing Open Source Summit in Vancouver, Canada. It is the first z/OS open source project, which is part of the Linux Foundation’s Open Mainframe Project community.

• Open Mainframe Project Announces the Launch of Zowe – an Open Source Framework that Strengthens Integration with Modern Enterprise Applications

• Industry Leader Q&A with New SHARE President Justin Bastin

• Thanks To Microsoft & LTTng, It’s Becoming Possible To Profile .NET Apps On Linux

• Redis modules and the Commons Clause

  The “Commons Clause”, which is a condition that can be added to an open-source license, has been around for a few months, but its adoption by Redis Labs has some parts of the community in something of an uproar. At its core, using the clause is meant to ensure that those who are “selling” Redis modules (or simply selling access to them in the cloud) are prohibited from doing so—at least without a separate, presumably costly, license from Redis Labs. The clause effectively tries to implement a “no commercial use” restriction, though it is a bit more complicated than that. No commercial use licenses are not new—the “open core” business model is a more recent cousin, for example—but they have generally run aground on a simple question: “what is commercial use?”

  Redis is a popular in-memory database cache that is often used by web applications. Various pieces of it are licensed differently; the “Redis core” is under the BSD license, some modules are under either Apache v2.0 or MIT, and a handful of modules that Redis Labs created are under Apache v2.0, now with Commons Clause attached. Cloud services (e.g. Amazon AWS, Microsoft Azure, Google Compute Engine, and other smaller players) provide Redis and its modules to their customers and, naturally, charge for doing so. The “charge” part is what the adoption of the clause is trying to stamp out—at least without paying Redis Labs.

FSF/FSFE/GNU/SFLC

• Friday Hack Chat: GNU RadioFriday Hack Chat: GNU Radio

  Our guests for this week’s Hack Chat will be Derek Kozel and Nate Temple, officers of the GNU Radio project. They’re also organizers of this year’s GNU Radio Conference. Also joining in on the Hack Chat will be Martin Braun, community manager, PyBOMBS maintainer, and GNU Radio Foundation officer.

• bison-3.1 released

Openness/Sharing/Collaboration

• Open Hardware/Modding

  • Video: A Different Linus talks about an Open CPU

    We have had a few discussions about the RISC-V development (at the BozemanLUG meetings). Some Fedora folks have gotten Linux working on some of the RISC-V development boards. There appear to be several layers to the overall design from the low-end moving up. Can RISC-V ever become a viable, mainstream alternative? Time will tell… but at the very least, seeing such developments gives me some hope. Here’s a somewhat mainstream “youtuber” talking about RISC-V and given the number of views so far, maybe the word / information will break through.

  • Essential should open source its accessories platform

    With all these shortcomings, the company has struggled under the father of Android, Andy Rubin. Sales estimations of the PH-1 have come in well below 200,000 units. Subsequently, the rumors have been rampant that the company is up for sale to get out from under its debts. Another struggle has been its proprietary accessory system. That’s the topic I’d like to take on in this post. Essential should open source its plans for mods.

  • 3D-Printed Firearms Are Blowing Up

    If you follow 3D printing at all, and even if you don’t, you’ve likely seen some of the recent controversy surrounding Defense Distributed and its 3D-printed firearm designs. If you haven’t, here’s a brief summary: Defense Distributed has created 3D firearm models and initially published them for free on its DEFCAD website a number of years ago. Some of those 3D models were designed to be printed with a traditional home hobbyist 3D printer (at least in theory), and other designs were for Defense Distributed’s “Ghost Gunner”—a computer-controlled CNC mill aimed at milling firearm parts out of metal stock. The controversy that ensued was tied up in the general public debate about firearms, but in particular, a few models got the most attention: a model of an AR-15 lower receiver (the part of the rifle that carries the serial number) and “the Liberator”, which was a fully 3D-printed handgun designed to fire a single bullet. The end result was that the DEFCAD site was forced to go offline (but as with all website take-downs, it was mirrored a million times first), and Defense Distributed has since been fighting the order in court.

    The political issues raised in this debate are complicated, controversial and have very little to do with Linux outside the “information wants to be free” ethos in the community, so I leave those debates for the many other articles on this issue that already have been published. Instead, in this article, I want to use my background as a hobbyist 3D printer and combine it with my background in security to build a basic risk assessment that cuts through a lot of the hype and political arguments on all sides. I want to consider the real, practical risks with the 3D models and the current Ghost Gunner CNC mill that Defense Distributed provides today. I focus my risk assessment on three main items: the 3D-printed AR-15 lower receiver, the Liberator 3D-printed handgun and the Ghost Gunner CNC mill.

Programming/Development

• HHVM 3.28.0

  HHVM 3.28 is released! This release contains new language features, bugfixes, performance improvements, and improvements to the debugger and editor/IDE support.

• Mozilla’s Firefox Nightly Experiment Results, EFF’s Back to School Tips, HHVM 3.28 Released, Oracle Solaris 11.4 Now Available and Dropbox Vulnerability Discovered

  HHVM 3.28 was released yesterday. This new release of the open-source virtual machine for executing programs written in Hack and PHP “contains new language features, bugfixes, performance improvements, and improvements to the debugger and editor/IDE support.”

• HHVM 3.28 Released With More Performance Improvements, Language Features

  Facebook developers maintaining the HHVM interpreter for running PHP and Hack code have announced the HHVM 3.28.0 update.

  HHVM 3.28 continues their theme of introducing minor language additions, various performance improvements, better debugging support, and different bug-fixes.

• MIT Releases A Free and Open Source Computer Programming Language to the Public

  The MIT-developed programming language, Julia 1.0 has been officially released to the public. Julia has been in development by MIT for almost a decade and made its official public debut during JuliaCon, an annual conference of Julia users.

  Julia 1.0 is a free open source programming language available worldwide. “Julia has been revolutionizing scientific and technical computing since 2009,” says MIT Professor Alan Edelman.

• rlife : a cellular automata library written in Rust

  So rlife is a life library written in Rust. It aims at allowing to do manipulations on cellular automata, like computing the next generation of a CA, loading/saving a CA from/to a file, do various analysis on it (like locating the coordinates of a pattern, counting the number of living cells) and other manipulations. The main object of this library is the Gridthat represents the grid of the CA and it also stores all its properties (the file format used, the rulesets, the current size of the grid, etc…). This library could allow some developers to use CAs with a high level of abstraction and have the possibility to do many (in the future…) operations on it.

• cmocka version 1.1.2 released

  I’m happy to announce version 1.1.2 of cmocka, a unit testing framework for C with mocking support.

Hardware

• Working Apple-1 computer could sell for price of a supercar

  Steve Jobs and Steve Wozniak produced about 200 Apple-1 computers in the mid-1970s and around 60 of those are known to still exist today. Every so often one pops up at auction and manages to sell for a price that could easily purchase a home in most locations.

• For Sale: 1976 Apple 1. Still Works, Asking $300,000 OBO

  An original Apple 1, hand-built by Steve Wozniak in 1976, is up for auction in September. It’s expected to sell for $300,000 or more.

  Steve Jobs and Wozniak only made 200 Apple 1 devices, making this an extremely rare piece of computer history. It was one of the first home computers that didn’t require soldering.

Security

• Security updates for Wednesday

• Password managers: Please make sure AutoFill is secure!

  Dear developers of password managers, we communicate quite regularly, typically within the context of security bug bounty programs. Don’t get me wrong, I don’t mind being paid for finding vulnerabilities in your products. But shouldn’t you do your homework before setting up a bug bounty program? Why is it the same basic mistakes that I find in almost all password managers? Why is it that so few password managers get AutoFill functionality right?

  Of course you want AutoFill to be part of your product, because from the user’s point of view it’s the single most important feature of a password manager. Take it away and users will consider your product unusable. But from the security point of view, filling in passwords on the wrong website is almost the worst thing that could happen. So why isn’t this part getting more scrutiny? There is a lot you can do, here are seven recommendations for you.

• Kali Linux’s New Version 2018.3, Open-Source License War, Lenovo Announces Five New Android Tablets, Google Releases Open-Source Reinforcement Learning Framework and KD Chart Update

  Kali Linux recently announced its third release of 2018. Version 2018.3 features several new tools: idb, an iOS research/penetration-testing tool; gdb-peda, Python Exploit Development Assistance for GDB; datasploit, OSINT Framework to perform various recon techniques; and kerberoast, Kerberos assessment tools. See the Change Log for more information on all the changes, and download Kali from here.

• The Difference Between Sandboxing, Honeypots & Security Deception

  A deep dive into the unique requirements and ideal use cases of three important prevention and analysis technologies.

  Networks, cyberattacks, and the strategies used to stop them are continuously evolving. Security deception is an emerging cyber-defense tactic that allows researchers and information security professionals to observe the behavior of attackers once they’ve gained access to what they think is a business network.

  The term “security deception” only came into wide usage in the last year, so it can be difficult to tell how exactly these solutions are different from other tools that try to trick attackers, such as sandboxing and honeypots. Like these other tactics, security deception fools attackers and malicious applications into revealing themselves so that researchers can devise effective defenses against them, but it relies more on automation and scale, and requires less expertise to set up and manage. Each of these technologies has unique requirements and ideal use cases. To understand what those are, we’ll need to look at each of them in more detail.

• Windows Task Scheduler Zero-Day Exposed; No Patch Available

  A zero-day flaw has been revealed by a Twitter user SandboxEscaper, for the Windows Task Scheduler in 64-bit Windows 10 and Windows Server 2016 systems. Apparently, this vulnerability is out in the wild, and there are no known patches or specific workarounds at present.

  US-CERT has confirmed that the exploit works on 64-bit Windows 10 and Windows Server 2016 systems and is rooted in the Windows task scheduler.

• Task Scheduler ALPC exploit high level analysis

  Yesterday SandboxEscaper tweeted an local privilege escalation exploit for Windows, which currently has no patch. It’s a really neat flaw, in particular how it is exploited.

• OpenSSH Versions Since 2011 Vulnerable to Oracle Attack [Ed: Bleeping Computer is not a security news site but alarmist site that hypes up pretty ordinary bugs; Catalin is a lot worse]

  Security researchers from Qualys discovered a new username enumeration problem in the latest version of OpenSSH. It allows an attacker to try out various usernames on the server and determine which ones are valid. The vulnerability received tracking number CVE-2018-15919.

• ATtention Spanned: Comprehensive Vulnerability Analysis of AT Commands Within the Android Ecosystem

  AT commands, originally designed in the early 80s for controlling modems, are still in use in most modern smartphones to support telephony functions. The role of AT commands in these devices has vastly expanded through vendor-specific customizations, yet the extent of their functionality is unclear and poorly documented. In this paper, we systematically retrieve and extract 3,500 AT commands from over 2,000 Android smartphone firmware images across 11 vendors. We methodically test our corpus of AT commands against eight Android devices from four different vendors through their USB interface and characterize the powerful functionality exposed, including the ability to rewrite device firmware, bypass Android security mechanisms, exfiltrate sensitive device information, perform screen unlocks, and inject touch events solely through the use of AT commands. We demonstrate that the AT command interface contains an alarming amount of unconstrained functionality and represents a broad attack surface on Android devices.

• How These Android Smartphone Can Be Hacked With Simple AT commands

  According to a research, millions of Android devices from 11 OEMs are vulnerable to attacks from simple AT commands.

  These AT commands or Attention commands are a short collection of strings which were designed to transmit via phone line and modems, back in the 1980s. Earlier, these commands were used for a modem dial-up, hang up, and change specific connection settings.

• Slackware Releases L1TF Mitigation Updates for v14.2

  The Slackware Linux Project team has just released kernel updates for its Slackware version 14.2 which was initially released on the first of July this year. According to the advisory released with the updates, the new kernel packages made available are specifically drafted to mitigate several imminent and emerging security concerns in the operating system.

Defence/Aggression

• Ex-CIA officer responded to reports of informants in Russia

  The American intelligence service, which claimed to have informants in Russia was bluffing, RIA “Novosti” the statement of former CIA officer, Executive Director of the American Council for the national interest Philip Giraldi.

  “Senior intelligence officials never so simple and openly admit that they have sources rank high in the Kremlin,” said Giraldi.

• Using the CIA to Extricate Us From Endless Cycle of Wars

  War in the Middle East is every U.S. president’s own ice cream challenge. It seems as if they all declare at the outset of their term that they want to focus on a domestic agenda to grow economic prosperity at home. Americans and much of the world breathe a sigh of relief over the idea of break from war. Unfortunately, it never pans out because some kind of pretext for re-engagement inevitably materializes.

  But what if an American president decided that even if the freezer conked out, melting all the ice cream, he still wasn’t going to rationalize the need to touch it?

  No recent president has been able to do that. Instead, the melted ice cream — now basically a milkshake — beckons to them. Suddenly, they’re having nightmares about another country stealing and drinking their disgustingly warm milkshake, so they raid the broken freezer and gorge themselves.

  Soon they discover that they’re in too deep and will never purge all those calories at the gym, so they double down by camping out in case more freezer items just happen to end up defrosting. Camp Leatherneck in Afghanistan’s Helmand Province didn’t come about much differently than Camp Busted Freezer.

• WaPo Uses Photo of John McCain Next to Nazi to Praise His ‘Human Rights’ Work

  The Washington Post (8/27/18) published an op-ed by conservative staff opinion columnist Jennifer Rubin praising the late Sen. John McCain for his supposed commitment to “human rights.”

  Rubin waxed poetic on the ostensible “lost champion” of human rights, who “model[ed] for others the behavior of a free society.” She declared, quite paradoxically, “With the possible exception of the US military…no group was more indebted to Sen. John McCain (R-Ariz.) than the human rights community.”

  There was an, er, optical problem, however: For the header image on this column, the Washington Post used a photo of McCain speaking next to the notorious Ukrainian neo-Nazi leader Oleh Tyahnybok.

  Tyahnybok, a longtime fascist, has called for a war on the so-called “Muscovite-Jewish mafia” (BBC, 12/26/12). The far-right leader has attacked the role of “Jews-Bolsheviks” in his country’s history, and claims that there is still today a cabal of “Jewish oligarchs who control Ukraine” (JTA, 3/25/09).

  John McCain met with Tyahnybok and stood next to him as the senator gave a speech in Ukraine in late 2013, as Business Insider (12/16/13) reported at the time. The Washington Post indicated in the caption on its header image that McCain was “wav[ing] to protesters during a mass rally of the opposition in Kiev, Ukraine, on December 15, 2013.” But it failed to identify the man standing next to the Arizona senator—or his extremist politics, which are the antithesis of human rights.

  McCain was in the Eastern European nation—along with Democratic Senator Chris Murphy — to cheer on the ongoing right-wing protest movement. In February 2014, this movement was successful: Ukraine’s democratically elected, pro-Russian government was overthrown in a coup, in which fascist forces played a significant role (FAIR.org, 3/7/14).

  [...]

  Tyahnybok is far from a minor player in Ukraine. And since the US-backed coup, he has become increasingly influential.

  Tyahnybok has been the leader of the fascist, ultra-nationalist Ukrainian political party Svoboda since its founding in 2004. Svoboda has its origins in the explicitly neo-Nazi Social-National Party of Ukraine, which proclaimed, “We are the last hope of the white race, of humankind as such.”

• Flordia AG Somehow Pivots To The Danger Of Video Games After The Latest Florida Shooting

  There is a long tradition in conservative politics for blaming video games whenever a mass shooting is carried out by a relatively young person. It’s a monumentally stupid argument, given the complicated and twisted nature of mass shootings and the motivations behind them. But, since policy and politics are now offered merely in soundbite formats, the end result of a mass shooting is for every person to retreat to their familiar corners and make lots of noises that ultimately accomplish nothing but stagnation.

  The mass shooting that happened in Florida recently could have been a different story. While it indeed happened at a video game tournament, the gamers involved were playing Madden, not some violent shoot ‘em up. If playing a football video game makes people angry enough to shoot people, just wait until those decrying video game violence turn on their TVs on Sunday and realize that there are actual people playing the same game for real. There was no indication anywhere that this shooting was carried out by anything other than an individual that likely had some severe mental problems and access to weapons. And, yet, somehow Florida Attorney General Pam Bondi addressed this latest shooting by pivoting directly to the dangers of kids playing video games and the predators that will harm them.

• Florida’s Attorney General Finds Baffling New Way to Blame Jacksonville Shooting on Video Games

  After a mass shooting, pro-gun activists often reach for ways to explain how it could have happened yet again that isn’t “there too many people have guns and they’re too easy to get.” This weekend’s shooting in Jacksonville, FL, at a Madden video game tournament has proved to be no exception, with Florida Attorney General Pam Bondi supplying the obvious alternate explanation—it’s about video games—but with a fascinating twist.

Transparency/Investigative Reporting

• As his isolation intensifies, WikiLeaks’ Julian Assange faces possible threat of eviction, extradition

  For Julian Assange, the world’s most famous whistleblower, freedom could be dangerous.

  As his residency at the Ecuadorian Embassy in London enters its seventh year, the self-styled cyber revolutionary – WikiLeaks’ founder and controversial publisher of some of the world’s most closely guarded official secrets – is facing a pair of converging crises that have left his allies fearing for his wellbeing and his safety.

  Inside the embassy, he is living an increasingly secluded existence, having been stripped of his phones, computers and visitor privileges after running afoul of the very government that gave him asylum. Outside the embassy, he is embroiled in the global political scandal surrounding Russian efforts to interfere in the 2016 election, with questions about his role in that drama being raised by friends and foes alike.

• Mike Hosking: Chelsea Manning is a crook, keep her out of NZ

• Australia preparing to ban US whistleblower Chelsea Manning

• WikiLeaks whistleblower Chelsea Manning to be banned from entering Australia ahead of speaking tour as government prepares to deny her visa

• Transgender former soldier Chelsea Manning’s speaking tour at risk over ‘character concerns’

• Ban ‘felon’ Chelsea Manning from New Zealand, urge opposition MPs

  The New Zealand opposition has called for US whistleblower Chelsea Manning to be banned from visiting the country to give a series of talks in September.

  Manning was released from prison in May 2017 after being sentenced in 2013 in violation of the US Espionage Act for disclosing classified government documents to WikiLeaks.

  She requires a special direction visa to visit New Zealand, and is subject to character provisions in section 15 of the Immigration Act 2009.

• Criticism over Chelsea Manning’s NZ visit is about condemning whistleblowers

  The National Party’s call to shun Chelsea Manning is particularly callous, given the charges laid against her were all about speaking out, and she has paid a high price for doing so.

  The former United States army intelligence analyst spoke, and continues to speak, backed by proof, about serious crimes committed by those in power.

  What’s more, she has already served seven incredibly hard years, at times in solitary confinement, in prison for this.

Environment/Energy/Wildlife/Nature

• Nuclear Safety Board Slams Energy Department Plan to Weaken Oversight

  A new Department of Energy order that could be used to withhold information from a federal nuclear safety board and prevent the board from overseeing worker safety at nuclear facilities appears to violate longstanding provisions in the U.S. Atomic Energy Act, the board’s members said Tuesday.

  Members of the Defense Nuclear Facilities Safety Board, both Democrats and Republicans, were united in their criticism of the Energy Department’s order, published in mid-May. It prevents the board from accessing sensitive information, imposes additional legal hurdles on board staff, and mandates that Energy Department officials speak “with one voice” when communicating with the board.

  The Santa Fe New Mexican and ProPublica first reported on the order’s existence in July but the board called for a special hearing, saying its members had no formal input before the document was finalized.

  At that hearing in Washington, D.C., Tuesday morning, the first of three on the topic, officials from the Energy Department and its National Nuclear Security Administration, which oversees the nation’s nuclear stockpile, said the changes were largely innocuous and were necessary to update a 17-year-old guidance manual.

Finance

• Google for India: Google Tez renamed as Google Pay, app to now offer pre-approved loans

  Google Tez has been revamped, and its updates were announced at today’s ‘Google for India 2018’ event being held in New Delhi. Among other things, Tez has been renamed Google Pay, and users will also be able to pay instant loans through the service. As part of this service, Google will partner with leading banks.

AstroTurf/Lobbying/Politics

• Elizabeth Warren Has Bold Ideas About How to Drain the Swamp

  Those who support progressive reform have the biggest stake in cleaning the stables, cracking down on the corruption, and making Washington accountable.

• Trump Attacks Google Once Again With A Video Accusing Of Biased Results

  Sit back and relax! Because it seems like Trump vs. Google clash is going to continue a little longer.

  Two days ago, we saw USA President Donald Trump accusing tech giant Google of promoting “bad news” against him in the search results; calling it “RIGGED.”

• Google Calls BS on Trump’s Claim It Blacklisted His 2017 and 2018 ‘State of the Union’ Speeches

  On Wednesday, Donald Trump escalated his war with major U.S. tech companies he and other prominent conservatives have been baselessly accusing of censoring right-wingers. In a video with an ominous soundtrack posted to his Twitter account, the president’s team accused search giant Google of featuring links to live streams of former President Barack Obama’s State of the Union addresses but not his.

Censorship/Free Speech

• Facebook has removed all cross-posted tweets

  Facebook users are complaining the company has removed the cross-posted tweets they had published to their profiles as Facebook updates. The posts’ removal took place following the recent API change that prevented Twitter users from continuing to automatically publish their tweets to Facebook. According to the affected parties, both the Facebook posts themselves, as well as the conversation around those posts that had taken place directly on Facebook, are now gone. Reached for comment, Facebook says it’s aware of the issue and is looking into it.

• Facebook is deleting timeline posts that users cross-published from Twitter

  The changes went into effect starting August 1st. But it now appears that not only did Facebook disable the ability to use cross-posting between Twitter and its own social network on that date, but it also forcibly removed all the posts users had made using that feature. For users that may have been deleting their tweets but keeping a repository of the information on Facebook, where it’s more easily kept hidden from the public, it would seem the posts are gone for good.

• Punjab’s proposed amendment to blasphemy law Section 295 AA: Amarinder’s move arms religious fanatics against free speech

  # https://www.firstpost.com/india/uproar-expected-in-punjab-as-amarinder-govt-moves-to-table-bill-introducing-amends-to-section-295-aa-blasphemy-law-today-5059111.html

  The proposed law inserts Section 295AA to the IPC to provide: “whoever causes injury, damage or sacrilege to Sri Guru Granth Sahib, Srimad Bhagwad Geeta, Holy Quran and Holy Bible with the intention to hurt the religious feelings of the people, shall be punished with imprisonment for life.” For the past few centuries, there has been a movement of ideas worldwide to separate religion from the state. Chief Minister Amarinder is seeking to revert this process of enlightenment.

  [...]

  In India, there has been a long tradition of free speech, which is now under attack from a range of forces who have roots in religion and institutions of the government in India. In 2017, a group of University of Lucknow students, including girls, spent three weeks in jail for showing black flags to Chief Minister Yogi Adityanath. Indian youths are being imprisonment for posting political comments on Facebook and other social media. This is an attack on our democratic tenets.

• Microsoft’s president explains how the Gab shutdown notice went from customer support to his desk

  In a wide-ranging interview on The Vergecast this week, Microsoft president and chief legal officer Brad Smith expanded on why the company nearly shut down Gab.ai, the “free-speech” absolutist platform that’s become an alt-right favorite.

  Earlier this month, Microsoft sent a notice to Gab threatening to end the company’s Azure cloud service if it did not remove two anti-Semitic hate speech posts within 48 hours. The notice, which Gab said would cause the social network to “go down for weeks/months,” sent the social network’s operators into a frenzy. But Smith said Microsoft headquarters in Redmond, Washington, was asleep when the notice was sent.

  [...]

  The posts, which advocated for genocidal violence against Jewish people, were removed by the poster before Microsoft’s takedown deadline. “Whoever made that call while we were sleeping made the right call,” Smith said.

Privacy/Surveillance

• WhatsApp Data Backed Up On Google Drive Won’t Be Encrypted

  WhatsApp had recently announced that Android users will be able to store their chats on Google Drive starting from November 12, 2018.

  Those backups won’t be counted towards Google Drive’s storage quota. But WhatsApp has warned that the free backup service offered by Google will no longer be protected with end-to-end encryption.

• Appeals Court Asks the Right Questions in NSA Surveillance Case

  On Monday, the Second Circuit Court of Appeals in New York held argument in United States v. Hasbajrami, an important case involving surveillance under Section 702 of the FISA Amendments Act. It is only the second time a federal appeals court has been asked to rule on whether the government can collect countless numbers of electronic communications—including those of Americans—and use these communications in criminal investigations, all without a warrant. In a lengthy and engaged argument [.mp3], a three-judge panel of the Second Circuit heard from lawyers for the United States and the defendant Agron Hasbajrami, as well as from ACLU attorney Patrick Toomey representing ACLU and EFF, which filed a joint amicus brief in support of the defendant. As we explained to the court in our amicus brief and at the argument, this surveillance violates Americans’ Fourth Amendment rights on a massive scale.

  Hasbajrami is a U.S. resident who was arrested at JFK airport in 2011 on his way to Pakistan and charged with providing material support to terrorists. Only after his conviction did the government explain that its case was premised in part on emails between Hasbajrami and an unnamed “Individual #1”—a foreigner associated with terrorist groups—obtained using PRISM, one of the government’s Section 702 programs.

  Under Section 702, the government is authorized to warrantlessly intercept private online communications of foreigners located outside the U.S., an authority that the government claims extends to conversations between foreigners and Americans, so long as it doesn’t intentionally target specific Americans.

• German antitrust watchdog plans action on Facebook this year

  The Federal Cartel Office objects in particular to how Facebook acquires data on people from third-party apps – including its own WhatsApp and Instagram services – and its online tracking of people who aren’t even members.

• ‘Digital shackles’: the unexpected cruelty of ankle monitors

  Birts pays $30 per day – that’s $840 per month – for the privilege of wearing the bulky device. It sucks up all his income, leaving him homeless and sleeping in his Ford Escape in Oakland.

  [...]

  Edwards is using the legal system to fight back. He is part of a class-action lawsuit against LCA and Alameda county, filed in early August, which accuses the county of allowing a private company to make profit-driven decisions about people’s freedoms, denying them due process. It accuses LCA of extorting fees from people through the threat of incarceration, in violation of federal racketeering laws.

• Indiana Appeals Court Says Forcing Someone To Unlock Their Phone Violates The 5th Amendment

  Passwords and PINs still beat fingerprints when it comes to the Fifth Amendment. But just barely. Nothing about the issue is settled, but far more cases have been handed down declaring fingerprints to be non-testimonial. Fingerprints are obtained during the booking process — a physical, traceable representation of the suspect. If they can be obtained during booking, they can certainly be obtained again to unlock a device. A physical aspect of a human being can’t be considered “testimonial” as far as courts have interpreted the Fifth Amendment.

  Passwords are a different story, but not by much. In a handful of cases, courts have said the compelled production of passwords and PINs has no Fifth Amendment implications. Defendants, conversely, have argued compelled password production forces them to testify against themselves by facilitating the production of evidence to be used against them.

  This argument hasn’t had much success. Judges have frequently found password production to be just as non-testimonial as a person’s fingerprint. The argument here is that all law enforcement wants is a password, not the production of evidence. Under the “foregone conclusion” theory, all the government has to prove is that the person being asked to unlock a device can unlock the device.

  This decouples password production from its consequences: the production of evidence by defendants that the government will use against them in court. When this theory is applied, the Fifth Amendment is sidelined and replaced with the ultra-low bar of foregone conclusion.

• WhatsApp is storing unencrypted backup data on Google Drive

  However, the company has now confirmed that the act of encrypting the data between WhatsApp and Google is not part of the end-to-end encryption that the company offers for its conversations.

Civil Rights/Policing

• Facebook fugitive fights U.S. request to extradite him from Ecuador: lawyer

  The criminal case arose from Ceglia’s conduct related to a2010 civil lawsuit he had filed against Zuckerberg.

  Ceglia claimed that Zuckerberg had, while a student at Harvard University, signed a 2003 contract giving him half of a planned social networking website that later became Facebook.

• Alleged Facebook scammer arrested in Ecuador, will resist extradition

  In a new court filing submitted last week, federal prosecutors said that a criminal defendant accused of attempting to extort Facebook itself has now been arrested in Ecuador.

   

  That man, Paul Ceglia, has been a fugitive since 2015. At that time, he cut off his ankle monitor and fled with his wife, kids, and dog. The American government is now trying to extradite Ceglia.

• Tech Titans Dish Advice About Phone Addiction

  Your phone is training you to be its servant. Here’s how to fight back.

• FrOSCon 2018

  In her keynote “Blessed by the algorithm – the computer says no!” Lorena detailed the intersection of ethics and technology when it comes to automated decision making systems. As much as humans with a technical training shy away from questions related to ethics, humans trained in ethics often shy away from topics that involve a technical layer. However as technology becomes more and more ingrained in everyday life we need people who understand both – tech and ethical questions.

  Lorena started her talk detailing how one typical property of human decision making involves inconsistency, otherwise known as noise: Where machine made decisions can be either accurate and consistent or biased and consistent, human decisions are either inconsistent but more or less accurate or inconsistent and biased. Experiments that showed this level of inconsistency are plenty, ranging from time estimates for tasks being different depending on weather, mood, time of day, being hungry or not up to judges being influenced by similar factors in court.

• Check Out My Presentation “How To Win A Grassroots Media Rebellion“ At The Ron Paul Institute Conference

  Here’s a speech I gave for the Ron Paul Institute Peace and Prosperity Conference titled “How To Win A Grassroots Media Rebellion“. The audio feed for this recording doesn’t pick up the audience, so when you see me pausing with a delighted look on my face it’s because people are applauding, not because I’m having a stroke.

• Fact-Checking The Prison Strike: Marshall Project Reveals Bias Against Prisoner-Led Resistance

  One of the primary differences between this year’s prison strike for basic human rights and dignity and the one that took place in 2016 is the level of media attention it has attracted.

  Far more journalists are paying attention this year, but rather than examine the message of the strike seriously, several outlets—especially those claiming to specialize in these issues—are more concerned with interrogating the messengers. It is as if the prison strike might be a stunt by conniving prisoners and backed by clueless activists—both which want to see their names splashed all over the internet.

  A quintessential example of this came from the Marshall Project, a nonprofit news organization that was founded by former hedge fund manager Neil Barsky in 2014. The organization prides itself on being a credible and reliable source of information on everything from prisons to police and the courts. According to their website, they “[seek] to create and sustain a sense of national urgency about the U.S. criminal justice system.”

  The Marshall Project managed to get out in front of other mainstream reporting on the prison strike, establishing themselves as an expert source for interviews and insights on the action. Reporting fellow, Nicole Lewis, was invited on popular national media platforms to discuss her piece, “What’s Really Happening With The Prison Strike?”

  But Lewis’s article is littered with prejudice and innuendo that casts doubt on the legitimacy and trustworthiness of strikers and their outside supporters. It includes the perspectives of activists, but plays into biases against incarcerated people by suggesting they might not be telling the truth about their struggle for human rights.

  The article from the Marshall Project appears to be a fact check of the prison strike. “Some outlets simply reported unchecked information put out by the outside strike organizers,” Lewis writes, without naming any particular outlets. But the only “unchecked information” Lewis seems to highlight is the number of prisons participating.

  Lewis clearly believes organizers are exaggerating the extent of the strike. Yet, by focusing on this aspect, she ignores the demands and the conditions that fueled the latest round of resistance.

• On National Security, Kavanaugh Has a History of Extreme Deference to the President

  Trump’s pick for the Supreme Court has a record of extreme deference to the executive on national security cases, including unlawful detention.

  A week before his confirmation hearing, the public record on Judge Brett Kavanaugh’s possible involvement in some of the Bush administration’s most abusive policies and programs is woefully incomplete.

  Kavanaugh, President Trump’s nominee for the Supreme Court, served in the White House soon after 9/11 when the Bush administration launched many of its most infamous programs in the name of national security. Leading senators have said that, during his 2006 confirmation hearing for the D.C. Circuit Court of Appeals, Kavanaugh may have provided misleading or inaccurate information about his involvement in developing those policies. Senators have rightly called for access to and public release of all documents from his White House stint, so we know any role he might have played in developing or reviewing the Bush administration’s torture, detention, and surveillance programs.

  But despite these holes, Kavanaugh does have a well-developed record in cases involving national security, civil liberties, and human rights from his time on the D.C. Circuit. That record shows extreme deference to presidential claims to act unchecked in the name of war or national security. It also demonstrates hostility to international law as a constraint on government action as well as an unwillingness to hold the government to account when it violates the constitutional and human rights of U.S. citizens and noncitizens.

• Amazon Pays Employees To Chirp Happily On Twitter About Wonderful Working Conditions

  For several years now, there have been a parade of articles examining the “churn and burn” culture at Amazon. For example a 2015 New York Times piece profiled the “bruising” culture at the company while noting that employees weeping at their desk was not an uncommon sight. And while the profile was contested by some employees at the company, a substantial number of different reports have also highlighted the poor working conditions in Amazon distribution warehouses, including employees having to pee in garbage cans for fear of missing targets by going to a proper restroom.

  Hoping to correct the “public perception” of poor working conditions at the company’s warehouses, Amazon executives have crafted a new “solution” to the problem. They’ve started paying some warehouse employees to create Twitter accounts and speak positively of not only their working experiences, but CEO Jeff Bezos.

Internet Policy/Net Neutrality

• To protect big telcos, Zambia wants to tax calls made over social media apps

  The new tariff, announced last week, will be collected through mobile phone companies and [I]nternet service providers. The fee will be charged at a daily rate at 30 ngwee (3c) per day, irrespective of how many [I]nternet calls are made, explained minister of information and broadcasting Dora Siliya.

• Zambia to tax internet calls to protect telecoms firms

  Internet has become important for civil society in Zambia, and activists worry the tax will curtail freedom of expression.

   

  “We have noted that it’s part of the systematic attempt by the state to stifle freedom of expression online. This is an assault to freedom of expression and association,” said Richard Mulonga, head of the online rights group Bloggers of Zambia.

• Big Telecom Is Using Robocalls to Fight a Net Neutrality Bill in California

  CJAC’s robocalls ares not the only campaign spreading scary claims about soaring cell phone bills: ads on Facebook and Twitter, as well as physical flyers opposing the net neutrality bill and paid for by AT&T-backed advocacy group CALInnovates have been reported across California.

• Big Telecom Resorts To Lying To Senior Citizens To Scuttle Net Neutrality In California

  With the bipartisan majority of Americans supporting net neutrality, the broadband industry often has to resort to outright falsehoods to try and make its case that we don’t need net neutrality rules (or any meaningful oversight of natural telecom monopolies). From paying civil rights groups to parrot industry positions to hiring fake journalists to deny the obvious, the broadband industry has a long, proud, multi-decade history of using outright bullshit to scare the public, press and regulators away from the idea of net neutrality.

  The latest case in point: after AT&T lobbyists successfully sabotaged initial efforts to pass new net neutrality rules in California, the state this week revisited the effort with a new vote on the state assembly floor. In a bid to try and scuttle the effort, an AT&T-linked group by the name of Civil Justice Association of California (CJAC) has been robocalling senior citizens in the state, informing them that their cell phone bill will jump $30 if the new rules pass.

Intellectual Monopolies

• Data Driven Creativity

  My broader point, then, is that how we consider the effect of data driven works will depend a lot on how we view creativity.

  [...]

  To be clear, Raustiala and Sprigman don’t say anything that contradicts my intuitions here. They make clear that creativity is on a continuum, and that data merely slides to one side. But they do question how viewers will perceive works, and it is there that I disagree with them. I suppose that we could hit that limit where everything is automated, but my gut says that despite having preferences for particular story aspects, viewers will always be able to separate the wheat from the chaff (though not the way I would – as just about every American Idol vote shows) and thus will always look for something new and different within their preferences. At least, I sure hope so.

• Trademarks

  • Mexico expands trade mark protection

    Mexico’s industrial property law has been amended to include more types of trade marks. It also introduces some small changes that bring Mexico’s trade mark system more in line with the US and beyond

• Copyrights

  • Danish ISPs Get Win That Could End Copyright Trolling In Denmark

    We have talked in recent years how the scourge of copyright trolling has hit the nation of Denmark particularly hard. While trolling operations started off about the same as they do elsewhere in the world, their requests to unmask ISP customers soon ramped up to enormous levels. It was enough to turn two ISP rivals into allies, with Telenor and Telia fighting in court for their respective customers’ privacy rights. After an initial loss, the companies appealed up the legal chain and managed to get a win with the court siding with the ISPs’ privacy concerns over the copyright trolls’ nefarious business model. After that, one of the copyright trolls appealed to Denmark’s Supreme Court, hoping to reverse the decision once again.

  • Significant Concerns About The New NAFTA Agreement’s Impact On Innovation And The Internet

    Earlier this week, we wrote about how the USTR itself appeared to be totally confused about its own NAFTA-replacement agreement with Mexico in the “Intellectual Property” section, in that it was reporting that the agreement included copyright in some works for “75 years” in places and “life + 75 years” in other places, and acted as though they were the same thing. The USTR seemed legitimately confused over this issue, which did not give people much confidence that it knew what it was doing in these negotiations on the intellectual property questions. However, since that issue appeared to be one of pure confusion, which should be easily fixed in the final text, we should put our attention more towards the actual problems with what the USTR appears to be doing here.

    We don’t yet have the full text — though that should be available soon — but from the USTR’s fact sheet there are many reasons to be concerned that this agreement is a massive handout to Hollywood and patent trolls, and against innovation.

  • IP Address is Not Enough to Identify Pirate, US Court of Appeals Rules

    The owner of an adult foster care home who operated an open WiFi network has booked a big win against a copyright troll. Thomas Gonzales was accused of downloading the Adam Sandler movie The Cobbler but won $17k last year after being wrongfully targeted. The case went to appeal and in a ruling handed down yesterday by the Ninth Circuit Court of Appeals, Gonzales emerged victorious again.

  • Important Appeals Court Ruling States Clearly That Merely Having An IP Address Is Insufficient For Infringement Claims

    The case involved well known copyright trolling lawyer Carl Crowell representing Cobbler Nevada LLC. As we discussed in our article on the district court decision, the actions in this case were particularly nefarious. Crowell quickly learned that the IP address in question belonged to an adult foster care home, but decided to go after the operator, Thomas Gonzales, even though he was aware that any of the many residents or staff may have actually been responsible for the infringement. Gonzales (reasonably) refused to just cough up the names and details of residents and staff without a court order, and Crowell’s response was just to go after Gonzales directly. But the facts of this case made it especially easy for the lower court to highlight how a mere IP address is not nearly enough to allege infringement.

  • No do-overs! Appeals court won’t hear $8.8bn Oracle v Google rehash

    Over eight years of feuding between Oracle and Google over the use of Java code in Android may be nearing its end following a Tuesday court ruling.

    The US Federal Circuit Court of Appeals has declined [PDF] to re-hear the case in which it found Google to be in violation of Oracle’s copyright on Android API code. The Chocolate Factory faces a demand from Oracle for $8.8bn in damages.

    Tuesday’s ruling means that the only remaining hope for Google to avoid a massive payout to Oracle is a hearing and decision from the US Supreme Court, something Google said it will pursue after today’s verdict.

    “We are disappointed that the Federal Circuit overturned the jury finding that Java is open and free for everyone,” Google told The Register.

  • Federal Circuit denies Oracle v Google en banc rehearing

    Google has already said it will appeal to the Supreme Court in the latest development in the dispute over unauthorised use of 37 packages of Oracle’s Java application programming interface

  • A Link Tax Won’t Bring Back Journalists; It Will Do Even More Harm To Them

    While most of the attention on the upcoming votes around the EU Copyright Directive is on the mandatory filters found in Article 13, we should be just as concerned about the link tax in Article 11. European publishers have been flat out lying about the proposal, which is little more than an attempt to just demand cash from Google and Facebook.

    We’ve already explained why this is a bad idea. And it’s not a theoretical issue either. This very same proposal has been tried in Germany and Spain and it failed miserably in both places, to the point of doing serious damage to traffic to news sites, without increasing revenue.

    Unfortunately, it appears that at least some journalists don’t want to hear about the facts. AFP’s Baghdad Bureau Chief, Sammy Ketz has pieces in the Guardian and La Stampa (and possibly elsewhere) making an impassioned — if somewhat confused — plea in support of Article 11.

    The reasoning is fuzzy, because there is no legitimate basis for Article 11, but Ketz basically says “there are fewer reporters these days, because news orgs are failing, but Google and Facebook have lots of money, so Article 11 is important, because they’ll give us money.” Really.

• Distributions
• Devices/Embedded

Desktop

• 10 Reasons To Replace Windows With Linux

  A lot of people run Windows on their laptop and desktop computers and quite often the reason for that is because it was already installed when they bought the machine.

  What is interesting though is that if you give people a better option then there is every chance they will switch to something else.

  If you don’t believe me look at the rise of Google Chrome. Internet Explorer used to dominate the browser market share but now Chrome controls over 60% compared to Internet Explorer which has under 10%.

  Linux is better than Windows, especially for home use and in this guide I will provide 10 reasons why.

Kernel Space

• The world’s largest open source project, Linux, turned 27

  27 years ago, on the 25th of August in 1991 to be exact, a student from University of Helsinki posted on a newsgroup seeking for feedback for what he called a hobby project.
  That is of course Linux, the hobby project started by Linus Torvals, that has since conquered the world. In the original post Linus was looking for feedback for fellow Minix users. He had been working on his replacement for Minix since April, and was ready to get it out there.

  It obviously still took a while before Linux was ready for a proper spotlight, but the cat was out of the bag.

• Is the Linux 4.18 kernel heading your way?

  In case this URL isn’t familiar, www.kernel.org is the web site of the organization that distributes the Linux kernel and other Open Source software to the public without charge. The site provides kernel archives where anyone can download source. And, yes, even you, can go and download source code for Linux.

  The latest stable version is currently 4.18.5. The kernel.org site provides extensive and easily navigated directories that can shed as much light on the Linux kernel as you might care to absorb. That includes the ability to view individual files that represent portions of the code base or download past or current releases.

  If you go to www.kernel.org, you will see options for downloading kernel tarballs, viewing the verification signatures for the tarballs, and investigating patches. If you have never considered the amount of code that comprises the Linux kernel or imagined how accessible it is, visiting the site and spending a little time wandering around might prove to be quite an exciting experience. Try drilling down to a single script as in this example picked at random and you’ll see how easy it is to probe into code that makes up the core of Linux.

• Linux 4.4.153

• Linux 3.18.120

• Realtek USB3 Hubs Will See Firmware Updates Delivered On Linux Via Fwupd/LVFS

  Linux firmware updating is on a roll with the fwupd updating utility and the Linux Vendor Firmware Service (LVFS) for the distribution of these firmware files recently seeing AKiTiO Thunderbolt device support and NVMe SSD firmware updating being the next big task. Richard Hughes of Red Hat has also revealed he’s been working on USB3 hub firmware support in conjunction with Realtek.

• Linux 4.19 lets you declare your trust in AMD, IBM and Intel

  Linux v4.19-rc1, release candidate code published on Sunday, allows those building their own kernel or Linux distribution to choose whether or not to trust the CPU hardware random number generator, a decision that has become complicated in the wake of the revelations about government surveillance over the past five years.

  When random number generation is insufficiently random, encryption based on such numbers can be broken with less effort. Among the security-minded, there’s concern that hardware makers might offer subpar randomization unknowingly, as a result of espionage, or to accommodate demands from government law enforcement or intelligence agencies.

  The paranoia wasn’t always so palpable. Back in 2013, Linus Torvalds, Lord of the Linux, dismissed calls to ditch Intel’s RDRAND processor instruction, noting that the Linux kernel uses multiple sources of input to generate random numbers.

• Intel’s 13 Patches For SGX Linux Support See Their 13th Revision

  One of the features sadly not making it into the in-development Linux 4.19 kernel is the support for Intel’s SGX — the Software Guard Extensions.

  Intel Software Guard Extensions allow for allocating “enclaves” or private regions of memory for secure computing, DRM, and other purposes. SGX support was introduced to Intel CPUs with Skylake while the Linux support has remained a work-in-progress.

• Bug in Linux 4.18 Kernel Causes CPU Stall and System Freezes on Older Hardware

  If ever you needed a good reason to upgrade your old CPU, it seems a “show-stopping” bug has found its way into the Linux 4.18 stable kernel series – though its only effecting older hardware, mostly the Intel Core 2 Duo era processors. This bug in Linux 4.18 kernel currently has two submitted bug reports on the bugzilla tracker.

• Linux 4.18 Is Appearing To Cause Problems For Those Running Older CPUs

  As a P.S.A. for those tending to quickly upgrade to new major kernel releases but are doing so on older hardware, there appears to be a show-stopping bug that made it into the stable Linux 4.18 series.

  [...]

  Those encountering this problem have bisected it to clocksource: Remove kthread as the problematic commit. If building the Linux 4.18 kernel with that commit reverted, those old CPUs begin to happily run on this latest stable kernel release. Another alternative to workaround this problem is booting with the kernel parameter of clocksource=hpet. Of course, if you are running on a system as old as the Core 2 Duo days (2006~2010), you can choose any number of older stable Linux LTS releases to boot your system until this situation is resolved upstream and back-ported to the 4.18 series.

• Graphics Stack

  • NVIDIA 390.87 Linux Driver Backports That Important Performance Fix

    NVIDIA has today shipped the 390.87 Linux driver as their latest update to the 390 “long-lived” driver series

  • GPUOpen’s Vulkan Memory Allocator 2.1 Being Prepped With Many Additions

    AMD’s GPUOpen group has released their first beta of the Vulkan Memory Allocator 2.1 release after “many months of development” and as such comes with many new features.

    VulkanMemoryAllocator as a refresher is the open-source AMD effort to provide an easy-to-use and integrate Vulkan memory allocation library to ease the process of bringing up new Vulkan code. The VulkanMemoryAllocator is used by the likes of Google’s Filament renderer, vkDoom3, LWJGL, the Anvil framework, and others.

  • Mir’s EGMDE “Edge” Now Has Experimental X11 Support, Static Display Configuration

    Ubuntu’s Mir display server that has been chasing Wayland support and earlier this year introduced EGMDE as the example Mir desktop environment has picked up some extra functionality on its “edge” channel.

    Thanks to Ubuntu’s Snappy, via Snap it’s now possible to have both beta and edge channels of EGMDE with easy installation. Their edge channel of EGMDE will be where they ship their experimental/bleeding-edge features. In making use of this new functionality, to the EGMDE edge channel they have introduced some new capabilities.

  • More Vega 20 Enablement Heading To Linux 4.20~5.0, No Longer Marked Experimental

    While the Linux 4.19 kernel merge window just ended this past weekend and the development cycle for Linux 4.20 (or most likely to be called Linux 5.0) won’t kick off until around the middle of October, AMD has already begun staging a ton of changes for this next kernel version. In particular, it looks like with this next kernel release their Vega 20 enablement will be in order.

  • The DRM GPU Scheduler Got Beefed Up This Summer, More Improvements Possible

    In addition to the VKMS driver for virtual kernel mode-setting, the other successful Google Summer of Code (GSoC) project this summer under the X.Org umbrella was improving the DRM GPU scheduler.

    The DRM GPU scheduler is what was the AMDGPU scheduler before it was punted out into DRM common code so this GPU scheduler could be re-used by other Direct Rendering Manager drivers like Etnaviv and Linux-Lima. As part of GSoC 2018, Nayan Deshmukh worked on improvements to the DRM GPU scheduler with a particular focus on being able to feed one entity into multiple run queues.

  • wineSHOCK: The Automated Direct3D Game Benchmarks On Wine

    Given Valve’s now public Steam Play for Linux using the Wine-derived Proton and their ongoing relationship with Code Weavers to improve the experience for Windows games on Linux, it perhaps adds better context why this summer for GSoC there was the automated Direct3D game benchmarking work with mentorship by a CodeWeavers developer.

    This summer we’ve been covering the work by student developer Dimitris Gounaridis on better Direct3D game benchmarks within Wine. After all, this Google Summer of Code project is facilitated using the Phoronix Test Suite and OpenBenchmarking.org.

  • Vulkan VirGL Ends The Summer Being Able To Execute A Compute Shader

    One of the most interesting projects we’ve seen attempted for Google Summer of Code 2018 was adding Vulkan support to VirGL for allowing Vulkan access within guest virtual machines.

    The VirGL stack has been getting into great shape with its OpenGL 4 support while up until this summer there wasn’t much effort on getting the Vulkan graphics/compute API handled by this stack that leverages Mesa, VirtIO-GPU, and the “virglrenderer” component to make all of this magic happen.

• Benchmarks

  • Benchmarks Of Intel’s Latest Linux Microcode Update

    With all of the confusion last week over Intel’s short-lived CPU microcode license change that forbid benchmarking only for them to change it a short time later — to a much nicer license in that the microcode files can be easily redistributed and don’t curtail it in other manners (and also re-licensing their FSP too), here are some performance benchmarks when trying out this latest Intel microcode on Linux.

    [...]

    In the benchmarks run over the weekend, the latest Intel microcode files for August (taking Xeon Scalable CPUs to 0x200004d appeared to have only minimal impact on the system performance… Mostly in I/O cases were there some slight differences in performance, but nothing overly shocking and not as bad as the L1TF Linux kernel mitigation itself — see those benchmarks for all the details. Going into this microcode comparison I was expecting much more volatile results given their short-lived benchmark restriction, but it looks like it may have just been an overzealous Intel lawyer who thought it would be a good idea to forbid benchmarking and further lock-down their microcode license…

  • Fresh NVIDIA vs. AMD Radeon OpenCL GPU Benchmarks For August 2018

    It has been a while since last delivering some OpenCL GPU compute benchmarks across several different graphics cards on the latest Linux drivers, so here is a fresh look.

    Tests were done using the the NVIDIA 396.54 Linux driver with the GeForce GTX 1070 / 1070 Ti / 1080 / 1080 Ti graphics cards. On the AMD side was the newest AMDGPU-PRO 18.30 driver release with testing a Radeon RX Vega 56 and RX Vega 64.

  • The Tighter NVIDIA GeForce vs. AMD Radeon Linux Gaming Battle With 396.54 + Mesa 18.3-dev Drivers

    Last week NVIDIA released the 396.54 driver that has a significant performance fix for OpenGL/Vulkan Linux performance due to a resource leak regression introduced at the start of the 390 driver series. With that updated driver (also as of yesterday back-ported to 390.87 too), there is a measurable boost in performance after running a few games on NVIDIA Linux systems. But at the same time, the Mesa 18.3-dev open-source graphics driver stack with RadeonSI/RADV continues improving on the open-source AMD front. Here is a fresh look at how the latest AMD Radeon and NVIDIA GeForce graphics cards compare using these latest drivers.

  • Clear Linux Rolling Out KDE Plasma Desktop Support, Plus Some Benchmarks Against GNOME Shell

    The performance-optimized Clear Linux distribution out of Intel’s Open-Source Technology Center started out with Xfce as its lone desktop option and then added and moved over to the GNOME Shell as the default desktop. While GNOME Shell remains the default desktop choice for this rolling-release Linux distribution, KDE components have begun appearing in recent days.

    On Clear Linux it’s now just a swupd bundle-add desktop-kde command away from getting a Plasma 5 desktop on this high-performance Linux stack. Also new are the desktop-kde-apps and desktop-kde-libs bundles, though they are included as part of the desktop-kde bundle. Over the weekend the KDE Plasma desktop became functional on Clear Linux.

Applications

• Telegram updates desktop app with chat export, night theme

  Telegram 1.3.13 on desktop gains a new night time theme, options to set notification exceptions, and the long-sought ability to export chat history.

  The Telegram Passport feature, an identity broker service, is made more secure in this release thanks to “improved password hashing algorithm” to protect Telegram Passport data.

• Kodi v18 Leia – Beta 1

  We hereby present you the first Beta build of Kodi v18 as we are heading towards the final release. Since we are now in Beta stage our focus will be on solving bugs and possible usability problems. So far it has been proven to be quite solid to use as a daily driver for those who were brave enough to try it out. Of course you should still keep in mind it’s not a final release yet and that on any upgrade a small glitch could happen as we are still doing rework. Once you decide to give it a try it is highly recommended that you create a backup first.

• Kodi 18 Enters Beta With Better Stability Plus Usability Enhancements

  After being in alpha since March, today the first beta of the upcoming Kodi 18 “Leia” release is now available for your open-source HTPC needs.

• ONVIFViewer – Internet Camera Viewer for Linux

  ONVIFViewer is a free and open-source internet camera viewer/IP viewer for Linux systems.

  ONVIF (Open Network Video Interface Forum) is a protocol established by Bosch, Sony and other partner to standardize the network cameras and its interfaces. All the softwares available today to access internet cameras, security cameras are proprietary and nothing was available for Linux systems.

  ONVIFViewer is being developed to bridge the gap with the help of Qt5 and Kirigami UI framework. As part of this project, new C++ libraries are being developed from scratch to communicate with IP cameras. These libraries can be later converted to independent modules for re-usability.

• lnav – An Awesome Searchable Log File Viewer for Linux

  lnav is a free and open source log file navigator capable of reading and merging multiple log files and provide a colorful representation of logs. This cross platform utility is capable of various unique features such as single timeline of logs from multiple sources, SQL query support for logs, syntax highlighting and regex searching inside logs and many more. lnav releases version 0.8.4 and here are the updates.

• Kodi v18 Leia Beta 1 Released With Fixes And Improvements: Download From Here

  Kodi, the XBMC owned media center, has released the first beta version of their software Kodi v18 Leia. In an official announcement on the official Kodi website, the update has been made available for the different platforms such as Windows, Linux, MacOS, Android, and iOS.

• Fresh Linux Applications On Demand

  Traditionally Linux users have relied on central distribution-maintained repositories to get new software. With six-month or longer spans between releases, this meant many users just put up with old versions of applications & libraries. In many cases newer software was just missing from the archives.

  Modern applications iterate quickly, releasing new versions on a faster cadence than the distributions that shipped them. In some cases exceptions were made to Linux archive policies, to cater for faster app development cycles. Many developers switched to shipping their latest releases as direct downloads, additional repositories or ‘PPAs’ (personal package archives) which users must discover and add to their system manually.

  In some cases, users voted with their USB keys and switched to ‘rolling’ Linux distributions which serviced the ‘want it now’ culture more readily. Rolling distributions such as Arch Linux don’t need to wait for a release window to ship software, but keep up to date with the latest builds at a relentless pace.

• FSearch – A Speedy Standalone Search Utility for Linux

  FSearch is a GTK+3, open-source, performance-focused search utility for GNU/Linux and Unix-like Operating Systems. It is inspired by Everything Search Engine so it instantly locates files and folders by filename and it is written in C so it boasts amazing speeds – a feature its users love about it the most.

  It features a modern, customizable GUI with toolbars and a responsive, themeable app window.

  What enables the speed of this search utility is its ability to quickly index all the files on your computer. That way, it is able to suggest files from any location as you type letters into its search field.

• Orion Is A QML / C++ Twitch Desktop Client With VODs And Chat Support

  Orion is a free and open source QML / C++ client for Twitch.tv which can use multiple player backends (including mpv). The application runs on Linux, Windows, macOS and Android.

  Using Orion you can watch live Twitch streams and past broadcasts, and browse or search games and channels using a nice material user interface. What’s more, Orion lets you login to Twitch, so you can chat and follow channels (and receive notifications when a channel you follow goes online).

• Instructionals/Technical

  • Show the PATH, one directory per line (part 2)

  • Handle Line Breaking With Fold and FMT Commands in Linux Terminal

  • Install Varnish Cache for Apache Web Server to Speed up Website

  • Emoji Silhouettes with CSS, a second approach

  • ssh authentication with kerberos

  • Upscale bitmap images with better results

  • Repeated prompts for SSH key passphrase after upgrading to Ubuntu 18.04 LTS?

  • VP9 live streaming from a webcam

  • SPAKE2 in Golang: ECDH, SPAKE2 and Curve Ed25519

  • Display two calendar months side by side

  • How to Install Ubuntu on Your Android Phone Using Linux Deploy

  • Unifying custom scripts system-wide with rpm on Red Hat/CentOS

  • 15 command-line aliases to save you time

  • Cleaning Your Inbox with Mutt

  • 4 Ansible playbooks you should try

  • Test Inkscape Extensions Easily with Inkscape AppImage

    Without root, you can install Extensions easily with Inkscape AppImage on any GNU/Linux operating system. This way you don’t need anymore to install Inkscape in each distro in each time you need to test some Extensions as AppImage is portable and runnable –even on LiveCD session– across different distros i.e. Ubuntu, Fedora, openSUSE, etc. AppImages also do not require you to install something first, so it’s more efficient than Snappy or Flatpak. I hope this can help you to quickly test Inkscape Extensions as many as possible regardless you being designer or developer. This is easier than many of you ever imagined.

  • Install Glances, InfluxDB and Grafana to Monitor CentOS 7

  • Bat – A Cat Clone With Syntax Highlighting And Git Integration

  • Linux for Beginners: Moving Things Around

  • How to Compress PDFs and Make Them Smaller

  • How To Install and Use Composer on Ubuntu 18.04

  • How to Install Blizzard Battlenet App on Linux

  • How to Install Mod_GeoIP for Apache in RHEL and CentOS

  • How to Open and Edit Files and Folders in Ubuntu Desktop as an Administrator

  • How to Play Windows-only Games on Linux with Steam Play

  • Partitioning a 7 exabyte disk

  • How To Install Nginx on Debian 9

  • How to Install Kodi on Linux

  • How to Fix Google Hangouts Microphone not working

  • curl hide progress bar output on Linux/Unix shell scripts

  • Commenting Out/Uncommenting a Line in Ubuntu Configuration File

  • Installing Seafile 6.3.2 inside ISPConfig 3.1

  • Linux / Unix id Command Examples

  • Unix / Linux Print Environment Variables Command

• Games

  • The Universim is now officially available in Early Access on Steam

    The Universim from developer Crytivo just entered Early Access today and as promised it does include the Linux build. It’s been quite a long road to get here, with the Kickstarter being succesful all the way back in 2014 with nearly $400K.

    Note: Copy personally purchased a long time ago from their own store.

  • Linux gaming gets a new head of Steam

    Way back in 2012, Valve, creator of the Steam game engine and network, excited gamers by saying they were bringing Steam-powered games to Linux. Yea!

    Then, a year later, Gabe Newell, Valve’s CEO, said, “Linux is the future of gaming”. He went on to announce there would be Steam Machine gaming consoles powered by Valve’s own SteamOS Linux distribution. All went quiet. Too quiet.

    Years later, Steam Machines finally rolled out. It was too little, too late. Windows upped its gaming support game. Only about 500,000 Steam Machines shipped. But Valve hasn’t given up on games for Linux.

  • An early look at Achaem, an action-RPG with an infinite world that generates as you explore

    An action-RPG where the world generates before your eyes as you explore, it’s certainly an interesting element so is Achaem [Steam] any good?

  • Colony building sim RimWorld just had a huge ‘Polish the Cannons’ update

    The excellent colony building sim RimWorld was updated today with the Polish the Cannons update adding in plenty of new content ahead of a final release. The developer said they did want this to be the big 1.0 release, but instead they’re going to a polished not rushed release which is admirable.

    With update 19, you’re now able to build bridges over water. You can build on them and they can support quite a bit of weight, but they can catch fire and collapse too. It also adds in multiple new buildings: Watermill generator, Autocannon turret, Uranium slug turret, Fabrication bench, Waterproof conduit, Butcher spot and a Double sleeping spot. In addition, there’s new items to build, a new scenario which will start you naked with no items, a new soft sand terrain which doesn’t let you build medium or heavy structures, animals can be renamed and get diseases and so much more.

  • A beta of BATTLETECH for Linux is due in ‘next few weeks’

    Harebrained Schemes just released another major patch for BATTLETECH and they also gave an update on the status of the delayed Linux version.

  • UnderMine, a sweet looking 2D action-adventure RPG will have you dig deep for riches

    UnderMine [Official Site] pulls in elements from a lot of different genres to make a 2D action-adventure RPG that actually sounds really quite good.

  • Language learning game Lingotopia is out, some thoughts

    While I love the idea of the game, the execution of it overall is pretty lacklustre. The movement and camera controls feel like a hassle to work with. The movement is especially bad! Even though you’re a person, it feels like you’re trying to move a truck it’s pretty awful honestly.

    The amount of Spanish I’ve learned while walking around isn’t as much as I was hoping either. The actual learning ends up being nothing more than a guessing game. You click on objects as you walk around and it tells you what it is, sometimes the explanation is covered up by the model of the object too. When you speak to people directly, it gives you a sentence or a paragraph and tells you to guess a specific word with three options or gives you pictures for you to type in the word you think they’re hinting at.

  • Akane is a violent arcade slasher giving you only one aim, to kill as many Yakuza

    Ludic Studios are bringing some violent arcade slashing action to Linux with Akane [Official Site]. Set in 2121 in Mega-Tokyo, it will see you take on the Yakuza with a lot of bloodshed.

  • Puzzle game ‘while True: learn()’ puts you in the shoes of a machine learning developer

    Another programming puzzle game here for you today with ‘while True: learn()’ that will place you into the shoes of a cat loving machine learning developer.

  • Some thoughts on Chasm, the challenging adventure platformer from Bit Kid

    Tested on Ubuntu 18.04 with an NVIDIA 980ti with the 396.54 driver.

  • The Linux Civilization VI patch with cross-platform multiplayer hit a bug, going back to approvals this week

    It seems Aspyr Media hit a small roadblock when trying to get the latest Civilization VI patch out for Linux, the one to finally give cross-platform online support.

  • Steam Play – Let the games begin

    Linux gaming news are always a good thing. An exciting and important thing. The more legitimacy, popularity and quality the Linux world gets, the higher the chances of the Linux operating system, desktop in particular, making it big with the crowds. Even for myself, one of the primary reasons for using Windows is the ability to play various games.

    Now, there’s a brand new and rather ambitious attempt by Steam to take the Linux gaming scene up a few notches. Several years ago, Steam really made the huge difference by creating an official version of their client software for Linux, and since there’s been a healthy influx of new titles to the Steam platform, all capable of running natively on the penguin-powered systems. This is still a drop in the sea compared to what Windows has to offer, and so there’s a new effort now. Improved Steam Play for Linux that can run Windows games through a compatibility layer.

  • The fantastic RPG Tower of Time is now on GOG with a Linux build

    For those after their next RPG, you can’t really go wrong with Tower of Time and it’s now on GOG with a Linux build available right away.

  • Blood Nor Water, a narrative-driven strategy RPG is on Kickstarter promising Linux support

    Blood Nor Water seems quite interesting, with it blending together RPG mechanics with a strategy game with the aim to be accessible without needing overwhelming fast-paced actions per minute like some.

    Initially, the Kickstarter campaign did not mention Linux support. I spoke to the developer personally last night, to see if it would have Linux support. They replied rather quickly, to clarify this and they’ve now updated the campaign to clearly mention it will in fact support Linux. Nice turnaround that!

  • An update on the Linux version of Underworld Ascendant

    After a reader contacted us concerned that Underworld Ascendant [Official Site] wasn’t listing Linux support on their Steam page, I got in touch with OtherSide Entertainment to get some up to date clarification on what’s happening.

    The last time we spoke was in June so with the news that the release was coming later than originally planned, it was a good idea to get some up to date information.

Desktop Environments/WMs

• Getting started with the i3 window manager on Linux

  In my article 5 reasons the i3 window manager makes Linux better, I shared the top five reasons I use and recommend the i3 window manager as an alternative Linux desktop experience.

  In this post, I will walk through the installation and basic configuration of i3 on Fedora 28 Linux.

• K Desktop Environment/KDE SC/Qt

  • KD Chart 2.6.1 Released

    This is the latest release of our powerful open-source Qt component, KD Chart, that allows you to create business charts and much more.

  • KDAB at SIGGRAPH – 2018

  • KDAB Talks at Qt World Summit – Boston

    KDAB is offering two talks at Qt World Summit in Boston. Here’s a preview before the full program is published.

    The first, from Qt 3D expert Mike Krus, gives an in-depth look at how to make the collaboration between designers and developers smoother.

  • Akademy 2018 Trip Report

    I recently had the opportunity to attend Akademy – the annual world summit of KDE. This blog post covers my experience of the event, and is mostly a brain-dump memory aide. Akademy attracts KDE developers, enthusiast users and others from the wider Qt, KDE and distro communities. The event is a week-long in-person combination of talks and BoF (Birds of a Feather) sessions. This year Akademy was held at TU Wein in Vienna, Austria.

    I’d never attended Akademy before, as I am not a KDE developer, and only recently starting running Plasma on my ThinkPad T450. My employer – Canonical – is a sponsor of the KDE project, and a silver level sponsor of Akademy. A recent reorganisation inside Canonical meant I was able to take someone else’s place at the last minute. So I booked travel and accomodation to attend from Saturday to Tuesday.

  • Plasma Mobile at a demoparty?

    Chaos Constructions is an annual computer festival held in Saint Petersburg, Russia. It is centered around demoscene — a form of computer art where participants write programs that produce short audio-visual presentations. Apart from the demoscene contests, you can enjoy computer-related seminars, live acts, and a computer exhibition.

  • Human Interface Guidelines

    The Visual Design Group has been hard at work to improve our Human Interface Guidelines. These set of rules and guidelines are meant for our developers and designers to use when creating applications, submitting patches, suggesting UI changes, etc. Every developer that we work with will feel a little more safe that their application is headed in the right visual direction for KDE.

    However, as with most things, our guidelines have become outdated. Recent development into Kirigami and further work into the desktop have made it clear that we must change and update our guidelines to accommodate for these new developments.

    In fact, during Akademy 2018 in Vienna, updating our guidelines was one of the most cited suggestions that I received.

  • TableView

    I’m happy to announce that in Qt 5.12, a new TableView item will be available in the QtQuick module. TableView is similar to the existing ListView, but with additional support for showing multiple columns.

    Like with ListView, you can assign data models of any kind to TableView, like ListModels or plain Javascript arrays. But to create models with more than one column, you currently need to subclass QAbstractItemModel in C++. A QML TableModel is also in the works, but will come later.

  • Calendar progress

    As we’re closing in on a simple but functional calendar for Kube, I’d like to share our progress with you.

    We’ve decided to start with a week view, as that seems to be a good compromise between information density and enough information for day-to-day use.
    We will eventually complement that with a month view, which is probably all we need for the time being.

  • Krita Comic Managemer: Improving the other exporters.

    There’s still more that can be done, like for example accessibility metadata entries, but for now I am pretty pleased with this.

    It is in master, so Krita 4.2 will carry the updated plugin!

• GNOME Desktop/GTK

  • GTK+ and the application id

    tl;dr: If you want to be sure your application will be displayed with the correct icon under different Wayland compositors make sure that your GApplication (or GtkApplication) uses

    g_set_prgname(your_g_application_id);

    on GTK+3. On GTK+4 this is handled for you.

  • What ails GHashTable?

    I promised a closer look at GHashTable and ways to improve it; here’s that look and another batch of benchmarks to boot.

    This time around I’ve dropped most of the other tables from the plots, keeping only khash and adding results from my GLib branch and Rust’s HashMap, the latter thanks to a pull request from Josh Stone. These tables have closely comparable performance and therefore provide a good reference. Besides, every table tested previously is either generally slower or more memory-hungry (or both), and including them would compress the interesting parts of the plot.

  • What this blog will become after GSoC

    Hello everyone, I am back after some weeks of vacation!

    So GSoC 2018 officially ended last week but I’ve decided to keep using this blog for posting news of the work I will be doing for some time (i.e. until I find a better place for this).

Distributions

• Intel To Develop Safety-Critical Linux OS Distribution

  Imad Sousou of Intel’s Open-Source Technology Center has announced their plans to develop a safety-critical Linux distribution. This Linux distribution will be geared for running on safety-compliant solutions from autonomous vehicles to drones and more.

• Slackware Family

  • Calibre 3.30.0 for Slackware with internal Qt5 libraries

    It took me quite a while to release a new package for Calibre, the e-book library manager. That had a reason.

    In July I switched the Qt5 package in my repositories to version 5.11 to support the latest KDE Plasma5 software and because it offers advantages over the previous 5.9 releases. Unfortunately, as I found out soon afterwards, the Calibre software fails to work with Qt 5.11 – its GUI components were not built and there was no obvious error to explain why.

    Therefore I had to re-visit the calibre.SlackBuild‘s internals and try to revive the internal functions that compile an embedded Qt library set. This was last tested in the early days of my Calibre packages when Qt4 was the running champion. Adding internal Qt5 support was quite a different beast. Qt5 is a lot bigger than the venerable Qt4 so the build process needed some pruning to keep the compilation times acceptable and the package size under control.

• Red Hat Family

  • Red Hat to Explore Blockchain Software Tracking Benefits for Cloud Computing Usage

    Multinational firm offering open-source software essentials, Red Hat is apparently seeking the help of blockchain technology to better assess consumer usage of cloud computing platforms. News regarding Red Hat’s recent endeavor was publicised via a patent filed with the U.S Patent & Trademark Office, officially dubbed, “Blockchain-based Software Instance Usage Determination,” as of Thursday, August 23.

    The reason for considering blockchain stems from the challenges that arise when it comes to keeping track of cloud computing costs. In general, software products are licensed annually and have some fixed fee attached to them. This, however, is not the case with cloud computing, as both the necessary licenses and fees are dependent on usage. Therefore, Red Hat’s need to understand usage in terms of the number of users and amount of time used came about.

  • Red Hat Announces Changes to RHCA Certification

  • FusionLayer Joins Red Hat Partner Program

  • Securing apps and services with Keycloak (Watch DevNation Live video)

    The video from the last DevNation Live: Securing apps and services with Keycloak is now available to watch online. In this session, you will learn how to secure web/HTML5 applications, single-page and mobile applications, and services with Keycloak. Keycloak can be used to secure traditional monolithic applications as well as microservices and service mesh-based applications that need secure end-to-end authentication for all front- and back-end services. The examples in the video cover PHP, Node.js, and HTML/JavaScript.

    Securing applications and services is no longer just about assigning a username and password. You need to manage identities. You need to integrate with legacy and external authentication systems to provide features that are in demand like social logins and single sign-on (SSO). Your list of other requirements may be long. But you don’t want to develop all of this yourself, nor should you.

  • Breaking the legacy virtualization cycle: How Red Hat and our partners are transforming IT through open source

    Across nearly every industry, organizations of all shapes and sizes are embracing digital transformation in an effort to modernize their IT departments. They want to deliver better, faster and more dynamic services to customers — and they’re starting from their infrastructure, up. But for companies locked into legacy technologies, transformation isn’t always an option.

    Organizations with proprietary virtualization solutions know all too well how this technology can stifle enterprise IT innovation and advancement. For many, the cost of simply maintaining existing infrastructure investments ties up an overwhelming majority of budgets, leaving little room to invest in new technologies, and the closed vendor ecosystem can make integrating and adopting cloud-native solutions based on Kubernetes and Linux containers nearly impossible.

  • Finance

    • When will the slump end? Microchip Technology Incorporated (MCHP), Red Hat, Inc. (RHT)

    • Some expensive stocks to avoid Red Hat, Inc. (RHT), Ship Finance International Limited (SFL)

  • Fedora

    • Fedora Moves Ahead With Plans To Drop Packages Having Bad Security Practices

      The Fedora Engineering and Steering Committee (FESCo) has signed off on plans to drop packages with consistently bad security records.

      This is aimed at removing packages from the Fedora package archive that have known security issues against them and not addressed in timely manners.

• Debian Family

  • Debian Stretch Gets Patch for Regression Causing Boot Failures on ARM Systems

    In a recent security advisory, Salvatore Bonaccorso writes that the last Linux kernel update released for Debian GNU/Linux 9 “Stretch” to mitigate the L1 Terminal Fault (L1TF) security vulnerabilities is causing boot failures for users on the ARM architecture.

    Also known as Foreshadow, these security vulnerabilities are similar to the Spectre security vulnerabilities and allow an attacker that has access to an unprivileged process to read the memory from arbitrary addresses that aren’t controlled by users, including from the kernel.

  • Debian Policy call for participation — August 2018

    Here’s a summary of some of the bugs against the Debian Policy Manual. Please consider getting involved, whether or not you’re an existing contributor.

  • Derivatives

    • Debian-Based Neptune Linux 5.5 Operating System Released with LibreOffice 6.1

      Coming only a month after the Neptune 5.4 release that introduced a new dark theme and updated several components, Neptune 5.5 bumps the kernel version to Linux kernel 4.17.8 and updates the graphics stack to Mesa 18.1.6, AMDGPU DDX 18.0.1, Nouveau DDX 1.0.15, and ATI/Radeon DDX 18.0.1.

      “This update represents the current state of Neptune 5 and renews the ISO file so if you install Neptune you don’t have to download tons of Updates,” writes Leszek Lesner in today’s announcement. “In this update we improved hardware support further by providing Linux Kernel 4.17.8 with improved drivers and bugfixes.”

    • Canonical/Ubuntu

      • Ubuntu Weekly Newsletter Issue 542

        Welcome to the Ubuntu Weekly Newsletter, Issue 542 for the week of August 19 – 25, 2018. The full version of this issue is available here.

      • UBports releases Ubuntu Touch OTA-4, the biggest update yet

        When Canonical ceased development of Ubuntu Touch for smartphones and tablets last year, an independent group of developers formed the UBports project to continue supporting and updating the Linux-based smartphone operating system.

        Now the team has released Ubuntu Touch OTA-4, a major update that fixes bugs, updates software packages, adds new features and performance enhancements, and updates the base of the operating system from Ubuntu 15.04 to Ubuntu 16.04 LTS.

      • Ubuntu 18.10 Will (Once Again) Ship with an Older Version of Nautilus

        April’s release of Ubuntu 18.04 LTS offered up the majority of GNOME 3.28 but devs chose to include Nautilus 3.26 rather than the newer v38 release. That made sense; it was an LTS release and v3.26 was the last version of the file manager to support desktop icons.

        This time around Ubuntu 18.10 will offer up the majority of GNOME 3.30 but, where the file manager is considered, once again stick with Nautilus 3.26.

        We speculated several months back that Ubuntu’s preference for keeping desktop icons around (a feature that newer version of Nautilus do not provide) would override the lure of sure-wrought ‘newness’.

      • Minimal Ubuntu for the cloud delivers some maximum benefits

        Ubuntu is used everywhere. In fact, I’m writing this on an Ubuntu machine, specifically, the oh-so-elegant Ubuntu Mate distro. Hundreds of millions of personal computers, servers, mobile devices, and containers are booting Ubuntu, and aren’t looking back. Ubuntu even runs inside the International Space Station and controls the BYU Mars Rover. Ubuntu phones are being rolled out by Meizu and BQ, and it is worth mentioning that Ubuntu can even be installed on Google Nexus tablets and phones. Ubuntu is also running on Hubu, the world’s cleverest robot. Ubuntu powers the infrastructure at leading organizations like Snapchat, Instagram, Pinterest, Reddit, Netflix, Walmart, Bloomberg, WETA Digital, and even Wikipedia. Ubuntu is also behind the largest supercomputer Tianhe-2. Ever since cloud computing has taken off, Ubuntu has become a big key player in the market. Over 60 million Ubuntu images are launched by Docker users. There’s plenty of Ubuntu in Kubernetes, Apache Mesos, Cloud Foundry, and Heroku. And now, there is a brand new version of Ubuntu on the block — Minimal Ubuntu.

      • Canonical Outs Intel Microcode Security Update for All Supported Ubuntu Releases

        According to the advisory, the new Intel microcode firmware security update mitigates the L1 Terminal Fault (L1TF) vulnerability documented as CVE-2018-3646, which could allow an attacker in a guest virtual machine to expose sensitive information from either the host operating system or other guests.

        It also fixes the well known Spectre Variant 4 security vulnerability (CVE-2018-3639) that could allow an attacker to expose sensitive information, including kernel memory via a side-channel attack, and another side-channel attack known as Rogue System Register Read (RSRE) and documented as (CVE-2018-3640).

      • Ubuntu Server development summary – 28 August 2018

        The purpose of this communication is to provide a status update and highlights for any interesting subjects from the Ubuntu Server Team. If you would like to reach the server team, you can find us at the #ubuntu-server channel on Freenode. Alternatively, you can sign up and use the Ubuntu Server Team mailing list.

      • Flavours and Variants

        • Lubuntu Development Newsletter #10

          This is the tenth issue of The Lubuntu Development Newsletter. You can read the last issue here.

Devices/Embedded

• Stackable DAQ HAT for Raspberry Pi boasts 100 kS/s sample rates

  MCC has launched a stackable “MCC 118” voltage measurement DAQ HAT for the Raspberry Pi with eight ±10 V inputs and sample rates up to 100 kS/s.

  Norton, Mass. Based Measurement Computing Corp. (MCC) has released a $99 measurement DAQ HAT for the Raspberry Pi that is optimized for single point and waveform voltage. MCC claims its board offers higher resolution, greater accuracy, and much faster sample rates than most other digital acquisition HAT add-ons for the Raspberry Pi. The MCC 118 provides 8x single-ended, 12-bit, ±10 V analog inputs with sample rates up to 100 kS/s.

• First Ryzen V1000 based signage player has four HDMI 2.0 ports

  Ibase launched an “SI-324” signage PC that runs Ubuntu or Windows on a Ryzen Embedded V1000 SoC with up to 32GB DDR4, 4x 4K HDMI 2.0, 2x GbE, 2x USB 3.0, mini-PC and M.2 expansion, and remote EDID management.

  Ibase’s rugged SI-324 was announced in brief back in February as one of the first products to support the AMD Ryzen Embedded V1000 SoC. Other Ibase digital signage players include the 7th Gen Core “Kaby Lake” based IOPS-60 player, which uses Intel’s OPS technology to connect multiple displays. The wall or rackmountable SI-324 lacks OPS support, but offers 4x HDMI 2.0 ports with independent audio.

• Rugged telematics fleet computer ready to be dinked and dunked

  Nexcom’s compact, IP67 protected “VTC 1911-IPK Telematics IoT Gateway” runs on a Bay Trail Atom and offers CAN 2.0B, dual mini-PCIe and SIM slots, GPS, 2x GbE, SATA, and more. It’s resistant to shock, vibration, humidity, and -40 to 70°C temperatures.

  With flooding and sea-level rise on the rise due to climate change, there will no doubt be a lot more trucks and other heavy equipment sloshing around in the muck. The Nexcom VTC 1911-IPK Telematics IoT Gateway is ready to get wet and bumpy with the help of IP67 water and dustproofing, -40 to 70°C support, and shock, vibration, and humidity resistance. This wireless-enabled in-vehicle computer is designed for construction site management and heavy-duty vehicle fleet management working in chemical plants, construction sites, and waterfront venues.

• IGEL Positioned to Capitalize on Fast-Growing Demand for Linux at the Endpoint

  IGEL, a world leader in endpoint management software for the secure enterprise, today announced findings from the new IDC InfoBrief, “Linux and the Thin Client Management Market.” In the IDC InfoBrief, sponsored by IGEL, IDC reveals findings on the key factors driving thin client adoption growth and propelling endpoint device expansion. In addition, IDC shows findings that endpoint Linux operating system (OS) shipment shares are shifting at a global level, distinctly outpacing all other OSs.

• Android

  • Phones as Old As Moto G Can Now Download Android P, Full List of Devices Inside

    Android P is currently a hotly anticipated software update among Android users. However, the software update is not officially available on devices other than Pixel – Pixel/Pixel XL and Pixel 2/Pixel 2 XL. However, wouldn’t like to download it right now and try it out?

  • Mystery HTC Phone Shows Up in Geekbench Expected to be the HTC U12 Life

  • Infinity Display on the Flagship Galaxy Note 9 Reported to have light leaking off the edges

  • Google Pixel 3 XL: Here Is Everything You Need To Know [Continuously Updated]

  • Why Google Pixel 3 XL “Notch Hack” Is Simply Unacceptable?

  • Google Pixel 3 and Pixel 3XL Announcement Date Leaked

  • LG Announces Its First Android One Smartphone – LG G7

    Ahead of the IFA 2018 scheduled in Berlin, LG has announced its first Android One smartphone – LG G7.

  • Huawei Becomes 2nd-Largest Smartphone Maker | Overtakes Apple

    The Q2 2018 report states – Huawei has sold around 49,846 million devices, i.e., taking up 13.3% smartphone market share. While on the other hand, Apple has only managed to sell 44,715 million devices grabbing a total of 11.9% market share.

  • Best Premium Android Games in 2018

  • 124: Google Pixel 3 launch date, Apple Music on Android Auto, ‘Minis’ launch | 9to5Google Daily

  • Gboard Gets ‘Minis’, Personalised Selfie Stickers for Android and iOS

  • Apple Music to soon roll-out the in-car interface experience for Android users

  • Apple Music is testing Android Auto support

  • Huawei adds 5 more smartphones to the Android 9.0 Pie testing, Honor devices included

  • Huawei now testing Android 9.0 Pie for Mate 10, P20 Pro, Honor Play

  • LG just launched an Android One phone that’s just as good as the Galaxy S8 and Pixel 2

  • LG is releasing an Android One handset with near flagship specs

  • Here’s the One Android Setting Everyone Should Change

  • How to Uninstall Magisk and Unroot Your Android Phone

  • Tesla Updates Android App For Better Connection & New Phone Key Features

  • Google’s video chat app comes to iPads and Android tablets

  • Forget the OnePlus 6, check out Android phone makers’ new nightmare

  • Best microSD Cards for Galaxy Note 9

  • Making headway with Android Pie

  • Asus ZenFone 5Z Review: The Next Great Android Bargain Is Here

  • Pocophone F1 global pricing revealed, starting as low as ~$300 USD

  • What’s your favorite Android version of all time? (Poll of the Week)

  • Lenovo introduces five new Android tablets, starting at $70

  • Google Duo now supports Android tablets and iPads

  • Dark mode is ‘coming soon’ to the Google Phone app for Pixel, Android One devices

  • The big move: Switching from Apple to Android (and vice versa)

Open Mainframe Project Announces Zowe: A Platform for the Mainframe

The Open Mainframe Project today announced Zowe. Zowe provides an open source software framework to bridge the gap between modern applications and the mainframe. It gives users easier interoperability and scalability for tools from multiple vendors. Zowe is the first open source project based on z/OS.

As hybrid cloud architectures grow in popularity, organizations will need intuitive, productive, and better-integrated capabilities for z/OS. The project’s mission centers around hybrid delivery through an open source framework. It will also build an ecosystem of independent software vendors, system integrations, clients, and end users. This framework enables an ecosystem of software solutions intended to provide a simple, intuitive environment for IT professionals across teams.

Google releases open source reinforcement learning framework for training AI models

Reinforcement learning — an artificial intelligence (AI) technique that uses rewards (or punishments) to drive agents in the direction of specific goals — trained the systems that defeated Alpha Go world champions and mastered Valve’s Dota 2. And it’s a core part of Google subsidiary DeepMind’s deep Q-network (DQN), which can distribute learning across multiple workers in the pursuit of, for example, achieving “superhuman” performance in Atari 2600 games. The trouble is, reinforcement learning frameworks take time to master a goal, tend to be inflexible, and aren’t always stable.

That’s why Google is proposing an alternative: an open source reinforcement framework based on TensorFlow, its machine learning library. It’s available from Github starting today.

Liberty Activists Migrating from Twitter to Censorship-Proof “Mastodon” Decentralized Platform

There has been a lot of controversy recently over social media websites like Twitter swinging their ban hammer on personalities with opinions they don’t like. As a libertarian, I believe in property rights and so Twitter, Facebook, Youtube, and the like should certainly be free to ban people for whatever reason they want. I also believe in the free market’s potential reactions to bad decisions by business owners, which include boycott and competition.

Thankfully, the competition has arrived! Mastodon is a decentralized social media replacement for Twitter and it does an excellent job. I recently joined the “Liberdon” server intended for libertarians and voluntarists. Not only is Mastodon decentralized, in that anyone who wants to can run a server, but it’s also “federated”. Federated means your server can be connected to all the other Mastodon servers, that is so long as the other servers want to be connected to you. Each server sets its own rules for which other servers they’ll federate with. So if the NAZIs or Communists start a server, no one has to link up to them – the market decides instead of a centralized corporation like Twitter. However, even if no other servers federate with, say Chris Cantwell‘s server (I don’t think he has one – just as an example), he can still run his server and hate-filled bigots and racists can join it and talk to each other. Of course, each server can be controlled and its policy set by its administrator, so intra-server censorship is still possible (most servers prohibit spam, for instance), but given you are free to start your own server and set your own policy, you can’t be censored if you start your own platform.

Now available: The open source guide to DevOps monitoring tools

Once upon a time, I was troubleshooting some vexing problems in an application that needed to be scaled several orders of magnitude, with only a couple of weeks to re-architect it. We had no log aggregation, no metrics aggregation, no distributed tracing, and no visualization. Most of our work had to be done on the actual production nodes using tools like strace and grepping through logs. These are great tools, but they don’t make it easy to analyze a distributed system across dozens of hosts. We got the job done, but it was painful and involved a lot more guessing and risk than I prefer.

At a different job, I helped troubleshoot an app in production that was suffering from an out-of-memory (OOM) issue. The problem was inconsistent, as it didn’t seem to correlate with running time, load, time of day, or any other aspect that would provide some predictability. This was obviously going to be a difficult problem to diagnose on a system that spanned hundreds of hosts with many applications calling it. Luckily, we had log aggregation, distributed tracing, metrics aggregation, and a plethora of visualizations. We looked at our memory graph and saw a distinct spike in memory usage, so we used that spike to alert us so we could diagnose the issue in real time when it occurred.

4 open source monitoring tools

Isn’t monitoring just monitoring? Doesn’t it include logging, visualization, and time-series data?

The terminology around monitoring has caused a lot of confusion over the years and has led to some poor tools that tout the ability to do everything in one format. Observability proponents recognize there are many levels for observing a system. Metrics aggregation is primarily time-series data, and that’s what we’ll discuss in this article.

Google improves AI model training by open-sourcing framework

AI: Google releases open source framework for reinforcement learning

An Introduction to Quantum Computing with Open Source Cirq Framework

As the title suggests what we are about to begin discussing, this article is an effort to understand how far we have come in Quantum Computing and where we are headed in the field in order to accelerate scientific and technological research, through an Open Source perspective with Cirq.

First, we will introduce you to the world of Quantum Computing. We will try our best to explain the basic idea behind the same before we look into how Cirq would be playing a significant role in the future of Quantum Computing. Cirq, as you might have heard of recently, has been breaking news in the field and in this Open Science article, we will try to find out why.

[...]

It will be easier for us to understand Quantum Computing by comparing it first to Classical Computing. Classical Computing refers to how today’s conventional computers are designed to work. The device with which you are reading this article right now, can also be referred to as a Classical Computing Device.

Events

• Reports from Netdev 0×12

  The Netdev 0×12 networking conference was held in mid-July. Participants at the event have put together a set of reports of the talks that were held on the last two days; Day 2 includes eleven talks, including the keynote by Van Jacobson, while Day 3 covers another ten topics.

• Netdev day 3

  In this talk Tushar Dave presents his work on using eBPF for Reliable Datagram Socket (RDS) filtering. Tushar started his talk by explaining that RDS is a high performance, low latency connectionless protocol that sits on top of TCP (sk_buff) and IB (scatterlist) transport layers.

  The problem Tushar tried to solve was to implement RDS filtering and firewall to do DPI of a full RDS packet in a unified solution for both TCP and IB. Netfilter is a possibility but Netfilter only uses sk_buff. An alternative is eBPF which has been adopted into the Linux kernel and used for a lot of things.

  In order to use eBPF as it was, Tushar had to add a new BPF prog type (similar to socket filter) that deals with scatterlist. In addition he had to create a new function to setup needed data structures to run filter program attached to the socket. As POC Tushar created a BPF helper to help users to traverse the sg elements in the scatterlist.

• Netdev 2018 day 2

  The first of these saved us until ~1995, then the second and third until ~2012. Since then the problem has been increasing. Dennard’s scaling stopped. Usually, the switch’s speed was faster than the host speed. CPU upgrades cannot solve network problems anymore. This had a big impact on the network. Google has been working to try and address some of these issues; Van mentioned several Google authored papers: – Hull, BwE, FQ/pacing, Timely, BBR, Carousel. All these papers tried to figure out how to find the bottleneck link downstream and prevent pressure in downstream buffers. BwE discussed how to fix things at the host to prevent queue buildup in switches. FQ/pacing was about desire to prevent many packets traveling to the same destinations in bursts.

  Van argued that AFAP isn’t working for us now because it’s local to the host and our problems aren’t local. We need a mechanism that allows for more control of packet spacing on the wire. To enforce relationships between all outgoing packets, the enforcement mechanism needs to be just in front of the NIC. Carousel is a great example of this.

Web Browsers

• Chrome

  • Chrome’s New Tab Page is Finally Customizable

    Google is giving Chrome users a more configurable “new tab” page to play with, with options to add custom links and set a custom background image.

• Mozilla

  • Thank You, Cathy Davidson

    Cathy Davidson joined the Mozilla Foundation board in 2012, and has been a force helping us broaden our horizons and enter new areas. Cathy was the first person to join the Foundation board without a multi-year history with browsers or open source. This was an act of bravery!

  • SUMO Days Firefox 62: you are invited!

    On these days, Support contributors will be online answering questions live and hanging out. If you do not see anyone active online, please contact Rachel (username: guigs) or another Administrator or Operator in the #sumo IRC channel listed in the wiki.

    There is also the two Telegram channels that are active for assignments of tweets and collaboration. You may need an account to participate, so just send a message to social Telegram group – there are guidelines on how to set up Tweetdeck for social if you would like your own workspace, or you can message guigs to add your trello account to the trello board with delegated tweets for the day.

  • Experiment: Adjusting SETA to run individual files instead of individual jobs

    I did an experiment in June (was PTO and busy on migrating a lot of tests in July/August) where I did some queries on the treeherder database to find the actual test cases that caused the failures instead of only the job names. I came up with a list of 171 tests that we needed to run and these ran in 6 jobs in the tree using 147 minutes of CPU time.

  • Dear Venmo: Update Your Privacy Settings

    Last month, privacy researcher and Mozilla Fellow Hang Do Thi Duc released Public By Default, a sobering look at the vast amount of personal data that’s easily accessible on Venmo, the mobile payment app.

    By using Venmo’s public API and its “public by default” setting for user transactions, Hang was able to watch a couple feud on Valentine’s Day, observe a woman’s junk food habits, and peer into a marijuana dealer’s business operations. Seven million people use Venmo every month — and many may not know that their transactions are available for anyone to see.

    Privacy, and not publicity, should be the default.

    Despite widespread coverage of Hang’s work — and a petition by Mozilla that has garnered more than 17,000 signatures — Venmo transactions are still public by default.

  • Taskcluster Credential Derivation in EC2 using S/MIME, OpenSSL’s C api and Node.js’s N-API

  • Shrinking Go Binaries

  • Firefox Nightly Secure DNS Experimental Results

    A previous post discussed a planned Firefox Nightly experiment involving secure DNS via the DNS over HTTPS (DoH) protocol. That experiment is now complete and this post discusses the results.

    Browser users are currently experiencing spying and spoofing of their DNS information due to reliance on the unsecured traditional DNS protocol. A paper from the 2018 Usenix Security Symposium provides a new data point on how often DNS is actively interfered with – to say nothing of the passive data collection that it also endures. DoH will let Firefox securely and privately obtain DNS information from one or more services that it trusts to give correct answers and keep the interaction private.

  • Taskcluster Artifact API extended to support content verification and improve error detection

  • Let’s be Transparent

    Two years ago, we released the Firefox Hardware Report to share with the public the state of desktop hardware. Whether you’re a web developer deciding what hardware settings to test against or someone just interested in CPUs and GPUs, we wanted to provide a public resource to show exactly what technologies are running in the wild.

    This year, we’re continuing the tradition by releasing the Firefox Public Data Report. This report expands on the hardware report by adding data on how Firefox desktop users are using the browser and the web. Ever wanted to know the effect of Spring Festival on internet use in China? (it goes down.) What add-on is most popular this week in Russia? (it’s Визуальные закладки.) What country averages the most browser use per day? (Americans, with about 6 to 6.5 hours of use a day.) In total there are 10 metrics, broken down by the top 10 countries, with plans to add more in the future.

Oracle/Java/LibreOffice

• Oracle Solaris 11.4 Released for General Availability

  I’m pleased to announce the release of Oracle Solaris 11.4. Of the four releases of Oracle Solaris that I’ve been involved in, this is the best one yet!

  Oracle Solaris is the trusted business platform that you depend on. Oracle Solaris 11 gives you consistent compatibility, is simple to use and is designed to always be secure.

• Solaris 11.4 released

  Congrats to my colleagues in the Solaris team who released Solaris 11.4 today. Despite the 11.x moniker, this is actually a major Solaris release; Oracle has just decided to go down the perpetual macOS X / Windows 10 version numbering route from now on. (This development is unlikely to faze Solaris veterans, who have been using SunOS 5.x since 1992.)

• Oracle Solaris 11.4 Officially Released

  Two years after Solaris 11.3 and Oracle opting for a “continuous delivery” model of 11.next updates instead of a “Solaris 12″, Solaris 11.4 is out the door today.

  Oracle is talking up Solaris 11.4 with its general availability release as “the trusted business platform”, “consistent compatibility, is simple to use and is designed to always be secure”, “more than 3,000 applications certified to run on it”, and “the only operating system that has completed UNIX V7 certification.”

Pseudo-Open Source (Openwashing)

• No lasers or Linux hacks, but Better Call Saul remains one of TV’s techiest shows [Ed: Conde Nast throws terms like "Linux hacks" into headlines that have nothing to do with Linux. Knowing that many people associate "hacks" with malice...]

• Open Source Components Save Time but Need to be Closely Monitored [Ed: Proprietary software also needs to be closely monitored, but I understand that some rather parasitic firms -- some connected closely to Microsoft -- create a stigma to sell their blobs. Zev Brodsky from WhiteSource, which works with Microsoft, is attacking FOSS here, as usual.]

• Opening Doors to Collaboration with Open Source Projects [Ed: Here we have the Linux Foundation once again propping up Microsoft; this is the company currently investigated by DoJ for corruption and bribery. If the Linux Foundation was a wild animal, it would not survive very long. It’s putting its head inside the lion’s mouth, expecting the lion to lick it instead of biting it. Or maybe the Linux Foundation no longer pursues the success of Linux but instead just wants to get as much money and influence as possible...]

BSD

• OBSD.ams : The setup

  For all the people who want to know what our setup looks like. Below is a write-up of our setup and configuration. There aren’t any packages installed on the servers running the Virtual Machines.

FSF/FSFE/GNU/SFLC

• bison-3.1 released [stable]

  We are very happy to announce the release of GNU Bison 3.1. It introduces new features such as typed midrule actions, brings improvements in the diagnostics, fixes several bugs and portability issues, improves the examples, and more.

Licensing/Legal

• GPL Violations Cost Creality a US Distributor

  One of the core tenets of free and open source software licenses is that you’re being provided source code for a project with the hope that you’ll “pay it forward” if and when you utilize that code. In fact some licenses, such as the GNU Public License (GPL), require that you keep the source code for subsequent spin-offs or forks open. These are known as viral licenses, and the hope is that they will help spread the use of open source as derivative works can’t turn around and refuse to release their source code.

• Sign up for the FSF’s next seminar on GPL Enforcement and Legal Ethics

  The Free Software Foundation (FSF) is the recognized canonical source on best practices for the use of GNU licenses. As stewards of the GNU family of licenses, we provide a wide variety of resources for helping developers and lawyers alike to improve their understanding of software freedom. In addition to published resources, we also routinely provide in-person instruction in the form of continuing legal education seminars. The FSF is proud to announce again that we are offering a seminar to take place on the west coast on September 27th.

• Open-source licensing war: Commons Clause

  Most people wouldn’t know an open-source license from their driver’s license. For those who work with open-source software, it’s a different story. Open-source license fights can be vicious, cost serious coin, and determine the fate of multi-million dollar companies. So, when Redis Labs added a new license clause, Commons Clause, on top of Redis, an open-source, BSD licensed, in-memory data structure store, all hell broke loose.

  Why? First, you need to understand that while you may never have heard of Redis, it’s a big deal. It enables real-time applications such as advertising, gaming financial services, and IoT to work at speed. That’s because it can deliver sub-millisecond response times to millions of requests per second.

  But Redis Labs has been unsuccessful in monetizing Redis, or at least not as successful as they’d like. Their executives were discovering, like the far more well-known Docker, that having a great open-source technology did not mean you’d be making millions. Redis’ solution was to embrace Commons Clause.

Programming/Development

• Stop! Don’t blindly take that coding challenge.

  If we can collectively reject awful hiring practices, we all win. Employers already have most of the power in this relationship, so we need to band together and consider how each of our individual actions affect the community as a whole.

   

  Don’t ever do a code test before speaking with an engineer on the team. You have the power to stop employers from lazily looking at your “hacker rank” or some other arbitrarily defined score. If you want to be treated like a human being, just stop doing things that put you in a box and force you to be seen as a number.

   

  You have the power. You can do this.

• Is “C Programming language” Still Worth Learning in 2018?

  C has been an evergreen language and played a prominent role for most of the system developments that took place in the last few decades. C programming was originally developed by Dennis Ritchie between 1969 and 1973 at Bell Labs and was made for general-purpose, imperative computer programming, that supported structured programming, lexical variable, scope, and recursion etc.

  Today, we have lots of programming languages to choose and learn but as a beginner, everybody has a question “Which programming language should I learn first?” and most of the answers that we get on the internet or through suggestions are “C”. In this article, we’ll try to find out if C Programming is still worth learning in 2018. If yes then why?

• This Week in Rust 249

  This Week in Rust is openly developed on GitHub. If you find any errors in this week’s issue, please submit a PR.

• Add GUIs to your programs and scripts easily with PySimpleGUI

  Few people run Python programs by double-clicking the .py file as if it were a .exe file. When a typical user (non-programmer types) double-clicks an .exe file, they expect it to pop open with a window they can interact with. While GUIs, using tkinter, are possible using standard Python installations, it’s unlikely many programs do this.

  What if it were so easy to open a Python program into a GUI that complete beginners could do it? Would anyone care? Would anyone use it? It’s difficult to answer because to date it’s not been easy to build a custom GUI.

  There seems to be a gap in the ability to add a GUI onto a Python program/script. Complete beginners are left using only the command line and many advanced programmers don’t want to take the time required to code up a tkinter GUI.

• Containers in Perl 6

  In the first article in this series comparing Perl 5 to Perl 6, we looked into some of the issues you might encounter when migrating code into Perl 6. In the second article, we examined how garbage collection works in Perl 6. Here, in the third article, we’ll focus on Perl 5′s references and how they’re handled in Perl 6, and introduce the concepts of binding and containers.

Health/Nutrition

• What is the stance on plain packaging across Asia?

  IP practitioners are concerned that the WTO ruling on plain packaging encroaches on IP rights and could spell trouble for other industries

• Brexit no-deal could send cigarette packaging up in flames

  The UK government’s Brexit no-deal guidance has raised uncertainty over tobacco plain packaging that uses EU copyrighted images. IP practitioners say the potential disruption to UK cigarette companies will depend on the EU Commission’s attitude to its IP

• Indonesia, Cuba Do Not Appeal WTO Plain-Packaging Ruling

  The governments of Cuba and Indonesia today chose not to appeal a June ruling at the World Trade Organization that upheld Australia’s law requiring tobacco products sold in the country to be packaged without logos or other trademarked designs. That leaves Honduras and the Dominican Republic alone in their appeals of the decision.

  [...]

  Cuba called the panel’s report “very deceiving,” said it relied on fundamentally non-objective analysis, and that it was structured to reach a predetermined outcome. “In other words,” it said, the report was subjected to “reverse engineering.” Notwithstanding its serious concerns about the report, the country chose not to participate in the next phase. Indonesia reportedly also indicated its displeasure with the ruling but chose not to appeal.

  Australia, for its part, praised the panel for confirming that WTO rules do not inhibit the right of members to “implement legitimate, non-discriminatory public health measures.” It also noted the number of other countries which have since adopted their own plain packaging laws, including the United Kingdom, France, Ireland, New Zealand, Hungary and Slovenia. It named others that are currently working to adopt such measures, including Canada, Uruguay, Singapore, Belgium and Chile.

  Canada, a third party to the case, applauded the panel’s decision, saying it reflects a “careful balance struck between rights and obligations to facilitate trade and a Member’s right to take legitimate public health measures.” Canada confirmed it is currently working to adopt plain packaging measures.

Security

• Kali Linux 2018.3 Release

  Another edition of Hacker Summer Camp has come and gone. We had a great time meeting our users, new and old, particularly at our Black Hat and DEF CON Dojos, which were led by our great friend @ihackstuff and the rest of the Offensive Security crew. Now that everyone is back home, it’s time for our third Kali release of 2018, which is available for immediate download.

  Kali 2018.3 brings the kernel up to version 4.17.0 and while 4.17.0 did not introduce many changes, 4.16.0 had a huge number of additions and improvements including more Spectre and Meltdown fixes, improved power management, and better GPU support.

• Kali Linux 2018.3 Ethical Hacking OS Adds iOS Research, Penetration Testing Tool

  Offensive Security announced today the release of Kali Linux 2018.3, a new snapshot of the Debian-based ethical hacking and penetration testing operating system formerly known as BackTrack Linux that brings updated components and several new tools.

  Powered by the Linux 4.17 kernel series, Kali Linux 2018.3 adds more fixes for the latest Spectre and Meltdown security vulnerabilities, better power management, improved GPU support, and lots of updated hacking and penetration testing tools, including Aircrack-ng, Burp Suite, OpenVAS, Wifite, and WPScan. A full changelog with all the fixes and updates is available here.https://bugs.kali.org/changelog_page.php

  “Another edition of Hacker Summer Camp has come and gone. We had a great time meeting our users, new and old, particularly at our Black Hat and DEF CON Dojos,” writes the Offensive Security team. “Now that everyone is back home, it’s time for our third Kali release of 2018, which is available for immediate download.”

• Fortnite Installer Vulnerabilities Highlight Mobile App Store Risks

  There are many good reasons why it’s often best for organizations looking to deploy or consume Android applications to use the Google Play mobile apps store.

  The discovery of a high-profile flaw in one of the world’s most popular games highlights why you should stick to apps in Google Play. Epic Games’ Fortnite is played by millions of players around the world on different platforms, including Android. Fortnite, however, isn’t available on the Google Play store for Android; rather, Epic Games decided to bypass Google and use a third-party store to deliver its game. That fact, however, didn’t stop Google from discovering a serious vulnerability that was publicly disclosed on Aug. 25.

• Command Injection Vulnerability found in WordPress Plainview Activity Monitor v20161228 and Prior

  A command injection vulnerability has been found in the renowned personal blogging and website creation management platform: WordPress. The vulnerability is found to exist in the Plainview Activity Monitor WordPress Plugin component, and it has been assigned a CVE identifier of CVE-2018-15877.

• Reproducible Builds: Weekly report #174

• Latest Mirai variant leverages open source project for cross platform infections [Ed: Actually, it leverages bad devices where the passwords and usernames are both uniform, the same, among other issues]

• Bubblewrap Security Feature Will Be Removed From Ubuntu and CentOS

  Ubuntu and CentOS are disabling a security feature which was added to the GNOME Desktop environment last year. The Security feature named Bubblewrap creates a sandbox environment that secures GNOME’s thumbnail parsers.

  Thumbnail parsers are the scripts that read files inside a folder and create a thumbnail image that can be used with the GNOME, KDE and different Linux Desktop Environments. The operation takes place whenever the user navigates to directories within the OS where there is a need to display thumbnail images.

• Security updates for Tuesday

• DLL Injection and Code Execution Vulnerability in v54.5.90 lets Hackers spread Malware

• Back to School Essentials for Security

  Going back to school? This is a perfect time for a digital security refresh to ensure the privacy of you and your friends is protected!

  It’s a good time to change your passwords. The best practice is to have passwords that are unique, long, and random. In order to keep track of these unique, long and random passwords, consider downloading a password manager.

  As a great additional measure: You can add login notifications to your accounts, so that you can monitor logins from devices you don’t recognize.

  If you’re a regular user of a public computer, like at the school library or lab, keep in mind that public computers can remember information from your logins. Adding two factor authentication to your accounts is a great way to bolster your security. Adding a second factor in addition to your unique, long, and random password makes it much harder for someone else to access your account. There are many types of two factor authentication, including SMS text messages, apps like Authenticator, or hardware tokens like Yubikey.

• Security reviews and microservices

  Humans don’t scale, not even linearly. In fact adding more humans probably results in worse performance. If you need to review a thousand services you will need an incredible number of people, and anytime people are involved there are going to be a lot of mistakes made. There is no secret option three where we just staff up to get this done. Staffing up probably just means you now have two problems instead of one.

  Automation is the only plausible solution.

• WhatsApp Vulnerable to Memory Corruption and DoS Crash with Crafted Message in v2.18.61

  WhatsApp is not new to memory corruption vulnerabilities. After a series of infamous and chronically frustrating special character message circulations which would cause the application to crash fiercely until the troublesome message was deleted (note that deleting the message was a feat immensely difficult to accomplish as the application would crash repeatedly and not launch properly in the first place to allow you to delete the message), there is now another such crafted message which is lending itself to a memory corruption vulnerability in the popular instant messaging social media platform.

  The new-found Memory corruption vulnerability has been found to affect the iPhones 5, 6s, and X with iOS 10 and 11.4.1 which was the latest iOS version when the tests were conducted. The vulnerability exists in WhatsApp’s versions 2.18.61 and older on these platforms.

Defence/Aggression

• Skripals – When the BBC Hide the Truth

  On 8 July 2018 a lady named Kirsty Eccles asked what, in its enormous ramifications, historians may one day see as the most important Freedom of Information request ever made. The rest of this post requires extremely close and careful reading, and some thought, for you to understand that claim.

• [Likely fabricated, see below] Bob Marley Assassination Rumours Surface: Ex-CIA Agent Allegedly Claims His Murder

  A report has many Bob Marley fans tripping. The piece contains quotes from a supposed CIA retiree named Bill Oxley. The 79-year-old is said to have confessed to the assassination of Marley. Oxley was inspired by his mortality to share his secrets from his deathbed.

• FAKE NEWS ALERT: The CIA did NOT kill Bob Marley

  The report was first posted online by YourNewsWire.com.

  It’s one of the most notorious Fake News websites. For instance, it spread rumours that Hillary Clinton was linked to a paedophile ring.

  Another time, it claimed US authorities were plotting to assassinate Donald Trump.

  The site is registered by Sean Adl-Tabatabai, a former BBC producer who went on to work for the conspiracy theory website of David Icke, who believes the world is controlled by predatory lizards who demand human sacrifice.

  The Bob Marley article is written by Baxter Dmitry, whose other articles include fake claims that the FBI carefully deleted evidence from the Las Vegas shooting, the Pope believes Jesus has turned into Satan, and that Britney Spears had admitted to escaping from the Illuminati.

• Germany to Shield 9/11 Plotter from CIA Amid Repatriation to Morocco – Report

  Former Al-Qaeda member Mounir al-Motassadeq, convicted of preparing the 2001 terrorist attacks, is to be released after 15 years in a German prison and sent home to Morocco. According to German media he will be taken there on board of a chartered plane in a special operation, as local security services fear that US intelligence may intercept him.

  Forty-four-year-old Mounir el-Motassadeq, imprisoned in Germany for taking part in organizing terror attacks on the US on September 11, 2001, is to be secretly deported to his homeland of Morocco after October 15, the Bild news outlet reported.

• Ex-CIA Officer: US Intelligence ‘Likely Bluffing’ About Its Agents in Kremlin

  The New York Times reported on Friday, citing unnamed US intelligence officials, that US sources in the Kremlin who had warned about Russian intervention in the US 2016 presidential election were now remaining silent about any possible Russian plans to intervene in the upcoming congressional elections in November.

  [...]

  The story that had been fed to the New York Times reporters was also probably an attempt to spread disinformation among the Russian security services and authorities, Giraldi advised.

  “It is far more likely that US intelligence officials are trying to pull off a double bluff and convince the Russians that they have agents there in order to set off a fruitless and distracting counter-intelligence search,” he said.

  Also, contrary to insinuations in the New York Times article, there was no evidence to indicate that Russia was trying to kill US sources or intelligence agents, Giraldi added.

• US Intelligence Sources ‘Likely Bluffing’ About Human Agents In Kremlin – Ex-CIA Officer

  US intelligence officials who told the New York Times they had high level intelligence sources in the Kremlin were probably bluffing to bolster their discredited allegations about Russia interfering in the 2016 US elections, retired CIA case officer Philip Giraldi told Sputnik.

  “Senior US intelligence officers would never so casually and publicly admit they had high-level intelligence sources in the Kremlin,” Giraldi said on Monday. “That is the most elementary of procedures.”

Transparency/Investigative Reporting

• National’s Michael Woodhouse calls for whistleblower Chelsea Manning to be banned from New Zealand

  National has called for US whistleblower Chelsea Manning to be banned from speaking in New Zealand because of her criminal record.

  Manning, a former US Army intelligence analyst, is due to speak at events in Auckland and Wellington on September 9 and 10.

  She served seven of a 35-year prison sentence for theft and espionage after releasing hundreds of thousands of classified or sensitive documents to Wikileaks.

  National’s immigration spokesman and former minister Michael Woodhouse said Manning was convicted and sentenced to prison for using her position to steal hundreds of thousands of documents and release them.

• Chelsea Manning and the limits of free speech absolutism

  The upcoming visit of the US intelligence whistleblower appears to have some on the right reassessing their commitment to free speech and open debate. How quickly they forget, writes Danyl McLauchlan.

  Back in the very distant past of two weeks ago, amidst the clash and clamour of the Great Debate about freedom of speech provoked by the no-platforming of Don Brash at Massey University and the ominous-yet-farcical visit of two Canadian white nationalists, I wondered: who would the political right protest or no-platform? Whose freedom of speech would conservatives like to take away while loudly insisting they still believed in freedom of speech, but just not for a particular person who they happened to disagree with?

• WikiLeaks whistle-blower Chelsea Manning shouldn’t be allowed into NZ, says National’s Michael Woodhouse

  National Party immigration spokesperson Michael Woodhouse says Ms Manning should not be allowed to enter the country due to her criminal convictions.

  ‘People with criminal convictions of this type are not allowed into New Zealand without a special direction. I could see no circumstances that would warrant Chelsea Manning coming into New Zealand.”

• National Party says Chelsea Manning should not be allowed in New Zealand

• National wants Chelsea Manning banned from NZ

• National wants Chelsea Manning barred from New Zealand

• Call for Manning to be barred from NZ

AstroTurf/Lobbying/Politics

• ‘Using Media to Create This Idea There’s a Gang on Every Street Corner’

  Janine Jackson: When local and federal law enforcement conducted an early morning raid in the Bronx in May 2016, arresting more than 100 people accused of “gang membership,” tabloids didn’t waste any ink on words like “alleged.” But the New York Times wasn’t less cartoonish: They told readers, “For the last ten years, life in the northern Bronx has largely been defined by wanton violence.” And the Times was no less quick to cheer for this kind of militarized intervention, supposedly aimed at reducing violence. CounterSpin asked writer and organizer Josmar Trujillo for some context.

  Josmar Trujillo: Raids, and gang raids in particular, aren’t new in New York City, or really in the United States. But last Wednesday’s raid, the size of it and the media hype around it, they’re expanding from the last, I’d say, two to three years. And probably even more so since the death of a police officer in my neighborhood, Spanish Harlem, last October. A lot of that had to do with the strategy of the district attorney there, Cy Vance.

• The President Is a White-Nationalist Mob Boss—and His Base Doesn’t Care

  Diehard Trump supporters represent at most a quarter of the electorate, but dominate media discussions of the president’s standing. They shouldn’t.

• How Do We Verify Anonymous Sources?

  In the movie “All the President’s Men,” a young Bob Woodward repeatedly goes to a dimly lit parking garage to meet with a man whose face was shrouded by shadows as he dispenses bits of information. That information fuels the Washington Post’s reporting on Watergate and, ultimately, helps lead to the resignation of President Richard Nixon.

  The source was known as “Deep Throat,” and he became perhaps the most famous anonymous source in modern journalism history. But he wasn’t anonymous to Woodward, who near the beginning of the movie calls him from a pay phone hoping he’ll provide information about the break-in at the Democratic National Committee headquarters, located in the Watergate complex.

• Media Continues Writing Premature Obituaries for the Democratic Left

  Despite these eager obituaries, there were also plenty of wins for insurgent Democrats on August 7. Democratic Socialist and Our Revolution candidate Rashida Tlaib won her primary for the House seat in Michigan’s 13th district; since she is running unopposed in the general election, she will become the first Palestinian-American woman in Congress. James Thompson also won the Democratic nomination in Kansas’s 4th district, and will face Ron Estes in a tough race in a deep-red district. Sarah Smith came in second in Washington’s 9th district top-two primary, and will face incumbent Democrat Adam Smith in the general election. Progressive candidates also earned big wins in a number of state and local races, and Missouri voters overwhelmingly approved a ballot measure to overturn the state’s anti-union right-to-work laws.

  More wins for left-leaning candidates came the following week on August 14. Somali refugee Ilhan Omar, who won her primary in Minnesota’s 5th district, will join Rashida Tlaib to become the first Muslim women to be elected to Congress. Randy Bryce won his primary to run for Paul Ryan’s soon-to-be-vacant seat in Wisconsin’s 1st district. Progressive Jahana Hayes won against Mary Glassman (who was surprisingly supported by a local Our Revolution chapter) in Connecticut’s 5th district, and will likely become the state’s first female African-American Democrat in Congress. Sanders-endorsee Christine Hallquist won the gubernatorial primary in Vermont, becoming the first trans woman nominated for a major political office.

  There were losses as well as wins in the August 14 primary, like Kaniela Saito Ing in Hawaii’s 11th district. Yet the major wins on August 14 made the premature obituaries of Sanders’s candidates look like wishful reporting.

Censorship/Free Speech

• Internet Content Moderation Isn’t Politically Biased, It’s Just Impossible To Do Well At Scale

  The narrative making the political rounds recently is that the big social media platforms are somehow “biased against conservatives” and deliberately trying to silence them (meanwhile, there are some in the liberal camp who are complaining that sites like Twitter have not killed off certain accounts, arguing — incorrectly — that they’re now overcompensating in trying to not kick off angry ideologues). This has been a stupid narrative from the beginning, but the refrain on it has only been getting louder and louder, especially as Donald Trump has gone off on one of his ill-informed rants claming that “Social Media Giants are silencing millions of people.” Let’s be clear: this is all nonsense.

  The real issue — as we’ve been trying to explain for quite some time now — is that basic content moderation at scale is nearly impossible to do well. That doesn’t mean sites can’t do better, but the failures are not because of some institutional bias. Will Oremus, over at Slate, has a good article up detailing why this narrative is nonsense, and he points to the episode of Radiolab we recently wrote about, that digs deep on how Facebook moderation choices happen, where you quickly begin to get a sense of why it’s impossible to do it well. I would add to that a recent piece from Motherboard, accurately titled The Impossible Job: Inside Facebook’s Struggle to Moderate Two Billion People.

• Event: Amnesty International Hong Kong hosts 8th Human Rights Documentary Film Festival
  

  The festival will feature six documentaries focusing on five human rights themes: peace and freedom, migrant workers, freedom of speech, civil society, Israeli-Palestinian conflict, democracy, and internet surveillance.

• When Freedom of Expression Isn’t Free: Journalism, Facebook, and Censorship in Bhutan

  On August 6, a Bhutanese journalist was sentenced to three months in prison for libel. The journalist had written a post on her personal Facebook account about a woman mistreating her 6-year-old stepdaughter. The post went viral, the police and other related agencies became involved. There were testimonies made in defense of the journalist by several parties, but the court found them to be “inadmissible.” The court verdict, besides meting out this punishment, asked the journalist to post an “apology statement” addressed to the “victim” – not the child, but the stepmother – on Facebook and to keep it for a month.

  This is the second time a Bhutanese journalist has been dragged to court for defamation via Facebook. I was the other journalist, the first to be the defendant of such a defamation suit in the country in 2016. The case, which involved a property dispute, received international attention and was considered important for freedom of expression in Bhutan. I would have been sentenced to three years in prison for libel had the case not been withdrawn at the end of the trial by the plaintiff. I did not see the end as having been a victory for me. There was no judgment in favor of a constitutional right.

  The Constitution of Bhutan guarantees every Bhutanese the fundamental right to free speech, opinion, and expression. But there are many ways in which this is curtailed. For instance, civil servants are “gagged” by the Bhutan Civil Service Rules and Regulations, a section of which, called Civil Service Core Values, states: “A civil servant shall not criticise his agency and the Royal Government.”

• When the news media is news: A new book details censorship and self-censorship in the Chávez regime

  Since Hugo Chávez became President of Venezuela in 1999, approximately 21 journalists have been attacked every year; others lost their jobs, or were murdered. The escalation of violence against the press was because of the implementation of a systematic policy of harassment of freedom of expression that ended up framing the press as the main enemy of the revolution.

  [...]

  Which media organizations supported Chávez’s candidacy and his rise to power? Which channel was the first to make the decision to split the screen between government programming and their own content during the coup d’état attempt on April 11, 2002? Who was behind the departure of Teodoro Petkoff from El Mundo? The book answers these questions, and many more.

• Defending the Digital Commons: A Left-Libertarian Critique of Speech and Censorship in the Virtual Public Square

  Is it now progressive to argue that essential liberties and rights should yield to private corporate power? I ask because the notion that the freedom to transmit and receive information is properly limited on the grounds that businesses profit from the control of ideas has always struck me as a rightwing position: liberty exists beyond the government—or in spite of it. In the rightwing view, the government is not something that should necessarily defend the civil rights of individuals in all circumstances, but something that, in its neutrality, perpetuates the privileges of elites as a class. Yet an argument has emerged on the left appealing to the supposed right of private corporations to legally censor speech as justification for suppressing objectionable expressions and opinions.

  The case that prompts this essay is the suppression of Alex Jones and InfoWars (its podcasts, webcasts, etc.), a fringe media outfit with a rightwing bent and an aggressive edge, by several large social media platforms—including Facebook, YouTube, Apple, and Spotify—for violating their policies against “glorifying violence” and “hate speech.” Jones is notorious for promoting what are popularly called “conspiracy theories,” such as the claim that the terrorist attack on the United States on September 11, 2001 was a false flag operation designed to bring the population under greater government control. Although Facebook, for example, has been aggressively censoring pages and posts for more than a decade, Jones’ infamy has drawn attention to the practice. “Glorifying violence,” Facebook explains in a statement released to the media, “violates our graphic violence policy.” “Hate speech” is evidenced by “dehumanizing language to describe people who are transgender, Muslims and immigrants.”

• Facebook Censorship, Mad Ben Nimmo and the Atlantic Council

  Facebook has deleted all of my posts from July 2017 to last week because I am, apparently, a Russian Bot. For a while I could not add any new posts either, but we recently found a way around that, at least for now. To those of you tempted to say “So what?”, I would point out that over two thirds of visitors to my website arrive via my posting of the articles to Facebook and Twitter. Social media outlets like this blog, which offer an alternative to MSM propaganda, are hugely at the mercy of these corporate gatekeepers.

  Facebook’s plunge into censorship is completely open and admitted, as is the fact it is operated for Facebook by the Atlantic Council – the extreme neo-con group part funded by NATO and whose board includes serial war criminal Henry Kissinger, Former CIA Heads Michael Hayden and Michael Morrell, and George Bush’s chief of Homeland Security Michael Chertoff, among a whole list of horrors.

  The staff are worse than the Board. Their lead expert on Russian bot detection is an obsessed nutter named Ben Nimmo, whose fragile grip on reality has been completely broken by his elevation to be the internet’s Witchfinder-General. Nimmo, grandly titled “Senior Fellow for Information Defense at the Atlantic Council’s Digital Forensic Research Lab”, is the go-to man for Establishment rubbishing of citizen journalists, and as with Joseph McCarthy or Matthew Clarke, one day society will sufficiently recover its balance for it to be generally acknowledged that this kind of witch-hunt nonsense was not just an aberration, but a manifestation of the evil it claimed to fight.

  There is no Establishment cause Nimmo will not aid by labeling its opponents as Bots. This from the Herald newspaper two days ago, where Nimmo uncovers the secret web of Scottish Nationalist bots that dominate the internet, and had the temerity to question the stitch-up of Alex Salmond.

• Billionaire Steve Wynn, Who Once Tried To Kill Nevada’s Anti-SLAPP Law, Loses Defamation Case Under That Law

  Back in 2015, we wrote about some apparent backroom dealing in Nevada, in which the legislature seemed poised to get rid of that state’s very good and thorough anti-SLAPP law. As a reminder, anti-SLAPP laws are designed to stop an unfortunately common practice of wealthy individuals and companies from suing critics and reporters for defamation, even though the defamation cases themselves had no chance. The plaintiffs knew that merely dragging the defendant to court would be costly in terms of time, money and general stress. Anti-SLAPP laws were a way to deal with that unfortunately common practice usually by (1) putting the immediate burden on the plaintiff to show a likelihood of success and then dismissing the case quickly if they fail to do so, (2) halting the expensive and time-consuming discovery process, and (3) often making the plaintiffs pay the defendants’ legal fees. The idea is that this is a deterrent to frivolous lawsuits, while leaving legitimate defamation lawsuits unharmed. As we’ve pointed out for years, unfortunately, only about half of the states have such anti-SLAPP laws, of varying quality, and there is still no federal anti-SLAPP law.

  In 2013, Nevada passed one of the best anti-SLAPP laws in the country. But, by 2015, there was an effort underway to throw it out. Nevada-based lawyer, Marc Randazza, pointed out that it appeared that billionaire Steve Wynn was a driving force behind the effort to kill Nevada’s anti-SLAPP law, perhaps in response to having recently lost a defamation lawsuit in California, thanks to California’s own anti-SLAPP law. Thankfully, that effort failed.

• Conservatives: Stop Crying Wolf On Tech Bias Or No One Will Ever Take You Seriously

  Aha! A big tech company caught red handed pushing its progressive agenda. Well…not so fast. Rather than uncovering compelling evidence of bias, this article’s author and its promoters merely reveal their ignorance of how search engines work.

  First, the author seems to conflate Google Search and Google News, two products which use different algorithms and serve different functions. Google News is a searchable news aggregator and app (with some overt editorial functions), whereas Google Search tries to give users the most useful and relevant information in response to a query.

  In order to determine what constitutes a relevant and useful result, search engines use complex algorithms to rank the quality of different pages based on a variety of signals such as keywords, authoritativeness, freshness or site architecture. A big part of this quality determination is based on outside links to a site – an idea going back to Larry Page and Sergey Brin’s work at Stanford in the late 1990s that culminated in the creation of the PageRank algorithm.

  Page and Brin realized that incoming links to a site served as a proxy for quality markers like authoritativeness, trustworthiness and popularity. Today, Google Search is much more complex, utilizing complex machine-learning functions like RankBrain and an evolving set of algorithms with names like Hummingbird, Panda, Penguin and Pigeon. However, incoming links are still a key factor. Additionally, while Google uses manual quality raters to test new algorithm changes, they do not use them on live search results.

• Donald Trump: “Rigged” Google Search Is Hiding Positive News About Me

  Fake news and manipulated content are rapidly becoming prevalent in our daily life. While many common people have been subjected to appalling abuse and digital misinformation, the USA President himself has claimed to have become a target of “bad stories.” And this time, he has blamed Google. Look at the tweets and see it for yourself.

• How To Get Your Dissident Ideas Heard In The New Media Environment

  I often say that my long-term goal here is to become obsolete so that I can focus on making art and poetry. Ideally this will look like our society shifting to a mode of operation that is so healthy that there is no longer any demand for an Australian political blogger who points out the fact that it’s wrong to manipulate public thought with mass media and drop explosives on children, but I’ll also settle for a world in which there are enough people doing this sort of thing that I’m no longer wanted or needed in this role.

Privacy/Surveillance

• Fugitive Fraudster Who Demanded Half Of Facebook Arrested After Three Years On The Run

  It’s been a while since we last wrote about Paul Ceglia. If you don’t recall, way back in 2010, Ceglia suddenly claimed that years earlier, he had hired Mark Zuckerberg to do some software development, and bizarrely (and literally unbelievably), that part of the contract for Zuck to work on Ceglia’s project… was an agreement to hand over 50% of Facebook, which didn’t even exist yet. Making it more ridiculous, Ceglia then claimed some weird interest amounts, and therefore was demanding ownership of 84% of Facebook. The whole thing was nonsensical, and while Zuckerberg admitted he had done some work for Ceglia prior to starting Facebook, nothing about the supposed contract made any sense at all. Beyond the bizarre nature of the contract Ceglia claimed he had with Zuckerberg, it quickly became clear that other evidence Ceglia presented, including purported emails, didn’t look real.

• Trust Us, We’re Secretly Working for a Foreign Government: How Australia’s Proposed Surveillance Laws Will Break The Trust Tech Depends On

  In the last few years, we’ve discovered just how much trust — whether we like it or not — we have all been obliged to place in modern technology. Third-party software, of unknown composition and security, runs on everything around us: from the phones we carry around, to the smart devices with microphones and cameras in our homes and offices, to voting machines, to critical infrastructure. The insecurity of much of that technology, and increasingly discomforting motives of the tech giants that control it from afar, has rightly shaken many of us.

  But latest challenge to our collective security comes not from Facebook or Google or Russian hackers or Cambridge Analytica: it comes from the Australian government. Their new proposed “Access and Assistance” bill would require the operators of all of that technology to comply with broad and secret government orders, free from liability, and hidden from independent oversight. Software could be rewritten to spy on end-users; websites re-engineered to deliver spyware. Our technology would have to serve two masters: their customers, and what a broad array of Australian government departments decides are the “interests of Australia’s national security.” Australia would not be the last to demand these powers: a long line of countries are waiting to demand the same kind of “assistance.”

  In fact, Australia is not the first nation to think of granting itself such powers, even in the West. In 2016, the British government took advantage of the country’s political chaos at the time to push through, largely untouched, the first post-Snowden law that expanded not contracted Western domestic spying powers. At the time, EFF warned of its dangers —- particularly orders called “technical capability notices”, which could allow the UK to demand modifications to tech companies’ hardware, software, and services to deliver spyware or place backdoors in secure communications systems. These notices would remain secret from the public.

• Ron Wyden Wants The DOJ To Provide Answers On Stingray Devices’ Disruption Of Emergency Call Service

  The FBI has admitted — albeit not that publicly — that Stingray devices disrupt phone service. Spoofing a cell tower has negative effects on innocent phone users as the device plays man-in-the-middle while trying to locate the targeted device. An unsealed document from a criminal prosecution and assertions made in warrant affidavits alleging “minimal” disruption are all we have to go on, at least in terms of official statements.

  Supposedly, Stingrays are supposed to allow 911 service to continue uninterrupted. But it’s hard to square that with the fact every phone in the device’s range is forced to connect to the Stingray first before being allowed to connect with a real cell tower. In some cases, the device might force every phone in range to drop to a 2G connection. This may still allow 911 calls to take place, but almost any other form of communication will be impossible as long as the Stingray is in use.

  Ron Wyden’s staff technologist, Chris Soghoian (formerly of the ACLU), will be fielding answers from the DOJ and FBI about 911 service disruptions, if those answers ever arrive. Wyden’s office has sent a letter [PDF] demanding to know the extent of cell service disruption when Stingrays are deployed. And he’d also like to know if these agencies are being honest about the negative side effects when agents seek warrants.

• Sen. Wyden Confirms Cell-Site Simulators Disrupt Emergency Calls

  It is striking, but unfortunately not surprising, that law enforcement has been allowed to use these technologies and has continued to use them despite the significant and undisclosed risk to public safety posed by disabling 911 service, not to mention the myriad privacy concerns related to CSS use. What’s more, a cell-site simulator wouldn’t just disrupt service for the specific person or persons being tracked but would likely disrupt service for every mobile device in the area as it tricks every phone in the area into connecting to the fake base station in search of the target phone. This could be especially dangerous during a natural disaster when IMSI catchers are being used to locate missing persons in damaged buildings or other infrastructure, cutting off 911 service at a time like that could be a grave danger to others trapped in dangerous situations.

  Harris Corporation claims that they have the ability to detect and deliver calls to 911, but they admit that this feature hasn’t been tested. Put bluntly, there is no way for the public or policy makers to know if this technology works as intended. Thanks to the onerous non-disclosure agreements that customers of Harris Corp and other CSS vendors’ customers have regularly been required to enter into there is very little public information about how CSS work and what their capabilities are. Even if a security researcher did audit a CSS, the results would be unlikely to ever see the light of day.

  Furthermore, even if Harris’ technology works the way they claim it does, they are far from the only manufacturer of CSS devices. There are several other companies that manufacture such technology and we know even less about the workings of their technologies or whether they have any protections against blocking 911 calls. Cell-site simulators are now easy to acquire or build, with homemade devices costing less than $1000 in parts. Criminals, spies, and anyone else with malicious intent could easily build a CSS specifically to disrupt phone service, or use it without caring whether it disrupts 911 service.

Civil Rights/Policing

• American Muslim Challenges Warrantless Border Device Search From An Unexpected Legal Angle

  This motion is normally used in criminal cases to argue for the return of property seized by the government. Lazoja was never accused of a crime, nor was she given any justification for the phone search. Her phone was returned to her intact 130 days[!] after it was seized, so she technically has her property back already. But with the help of the Council on American-Islamic Relations (last seen challenging the TSA’s suspicionless surveillance program “Quiet Skies”), Lazoja is hoping to force the federal government to delete any of her data it still has in its possession.

  The motion [PDF] details Lazoja’s experience with US customs officials, who took her into a room and demanded she unlock her phone for them. She refused, so the CBP seized it, giving her a receipt for her phone and sent her on her way without her personal property. Lazoja alleges a number of Constitutional violations and cites recent phone-related Supreme Court decisions, but it’s unlikely these arguments will be availing, what with the courts’ deference to the government’s assertions that border security trumps individual rights.

• Suspected CIA black site in Thailand to become tourist destination

  Not many tourist attractions promote themselves by saying “there’s nothing to see here”. But the Ramasun Camp Historical Museum in north-eastern Thailand isn’t your average destination: it’s among the locations suspected of hosting a CIA black site and secret torture prison.

• CIA ‘black site’ in Thailand where terrorists linked to 9/11 and the Bali bombings ‘were waterboarded and tortured’ opens to tourists

• More Than 60 Years After His Brutal Murder, Emmett Till Deserves Justice

  The Justice Department has reopened the Emmett Till case at a time when we’re constantly reminded of how much racial injustice persists in the US.

  Sixty-three years ago, Mamie Elizabeth Till-Mobley made the unbearably painful decision to have an open coffin funeral for her 14-year-old son Emmett. On Aug. 28, 1955, Emmett was tortured and murdered by white men in Mississippi for allegedly acting disrespectfully toward a white woman.

  The sight of Emmett’s body, mutilated beyond recognition, spread throughout the world in photographs published in Jet Magazine and other outlets. The shocking sight so outraged people in the United States and in other countries that it helped spark the civil rights movement of the 1950s and 60s. That outrage did nothing to assure accountability for Till’s death — no one was ever found guilty in spite of confessions in Look Magazine by one of the murderers.

  In July, the United States Department of Justice announced that an investigation of Emmett Till’s lynching will be reopened. Skepticism about the motives of the administration and the fact that such an investigation is decades late does not change the fact that a new, credible investigation is sorely needed as a necessary examination of the inexcusable racism that existed in 1955 and, sadly, persists today.

  Till’s murder was not the aberrational act of two men whose behavior fell outside of the norms of society. It was instead just one of a long series of examples of racial violence perpetrated in the name of preserving white supremacy and protecting white women from black men. Given the accusation that Till had wolf-whistled at the white wife of one of the murderers, it was not surprising that violence would result in 1955 Mississippi. Nor was it a surprise that an all-white, all-male jury would refuse to hold the white defendants responsible for the murder despite clear and convincing evidence of their guilt.

• FBI, Border Patrol Bypass Hate Groups As Leading Perpetrators Of Anti-Muslim Incidents

  The Council on American-Islamic Relations filed suit on August 8 against Customs and Border Protection, the Federal Bureau of Investigation, and other federal agencies, which it accuses of creating “a kind of second-class citizenship” for American Muslims.

  The lawsuit argues these agencies use an interagency watchlisting system that separates American Muslims from their children, denies them employment opportunities, prevents them from traveling by air, and rejects or delays their immigration benefits.

  CAIR’s challenge comes months after an annual report on the status of civil rights for Muslims in the United States, which found more Islamophobic episodes were instigated by federal agencies than either hate groups or individual bigots.

  The report, based on complaints made to or investigated by CAIR, found the number of anti-Muslim incidents rose 17 percent between 2016 and 2017. It described some of the personal experiences of discrimination.

• Embattled Garbage Hauler Co-Owns Dump With Person Expelled From Trash Industry, Records Show

  On Friday, the agency that oversees New York City’s commercial trash industry suspended the license of Sanitation Salvage, saying the Bronx company posed an “imminent danger to life and property” after two fatal accidents and a spate of other collisions. The agency outlined a pattern of unsafe practices including unlicensed vehicle operators, drivers working excessive hours and high rates of failed safety inspections for Sanitation Salvage trucks.

  But a ProPublica review of records shows that the oversight agency may have overlooked another potential impropriety hiding in plain sight: The owners of Sanitation Salvage are co-owners of a Bronx garbage dump with a person who was expelled from New York City’s commercial trash industry years ago.

  State and city records show that the Squitieri brothers, who run Sanitation Salvage, jointly own Metropolitan Transfer Station with Rosemarie Isabella, who was a principal of Isabella City Carting. In 2013, the Business Integrity Commission, or BIC, the city agency charged with oversight of private trash companies, revoked Isabella City Carting’s license, citing its long and troubled history in the mob-controlled industry and the fact that the company’s barred founder was still actively collecting payments from its clients.

• Protest Song Of The Week: ‘Move Along’ By Sihasin

  Several hundred immigrant children remain in the custody of the United States government, separated from their parents. Attorney General Jeff Sessions and the Justice Department have escalated the war on immigrants by deciding domestic violence and gang violence are no reason to grant individuals asylum. The family of a child that died shortly after she was released from the custody of Immigration and Customs Enforcement filed a $40 million lawsuit.

  To challenge the anti-immigrant policies of the government under President Donald Trump, a collective of artists compiled songs for an album called “Never Illegal.”

  “Never Illegal” is a “collective statement from artists across the U.S. that we are better than the events that are taking place at the Mexican border. No human being is never illegal, and no child should ever be separated from their loving parents,” the album’s Bandcamp page states.

Internet Policy/Net Neutrality

• When ISPs Tell Seniors Net Neutrality Laws Will Increase Their Bills, They’re Lying and Losing

  The fight to secure net neutrality protections for Californians keeps showing how far ISPs and their surrogates will go to make a buck off of ending the free and open Internet. The latest maneuver is a flood of deceptive robocalls targeting seniors and stating that net neutrality will raise their cell phone bills by $30 a month and slow down the Internet. It’s not just a lie, it’s proof that you’ve successfully put them on the defensive by contacting your representatives about net neutrality.

  The robocalls don’t mention net neutrality by name. Instead, they simply assert that S.B. 822 will raise their bills and slow down their Internet. If ISPs decided to make this true by coordinating to raise prices in reaction to net neutrality legislation it would probably be illegal under federal antitrust law. There is no evidence that says net neutrality harms ISPs to the point where they must raise prices to make money. In fact, the evidence says the exact opposite. The fact that this is even possible reveals that we seriously lack sufficient competition in the wireless market. Such intentional misrepresentations demonstrate the extent major ISPs oppose any legal requirements to keep the Internet free and open, even after it has been discovered that they would go so far as to upsell public safety during an emergency in California.

  The thing is, we know that none of these large companies is operating on so small a margin that complying with net neutrality would “force” them to raise their prices. We also know net neutrality rules have never raised their operational costs. We know these things because the evidence is already publicly available.

• Verizon couldn’t have restricted Santa Clara County’s internet service during the fires under net neutrality

  Federal Communications Commission Chairman Ajit Pai and his staff are fond of taking to Twitter to assert that, in the just over two months since the repeal of the FCC’s 2015 network neutrality rules took effect, the “Internet remains free and open” — and that opponents’ concerns that unconstrained broadband providers will act in a way that harms consumers and competition are overblown. The 2015 rules prohibited broadband providers like Verizon, Comcast and AT&T from picking winners and losers by blocking, throttling or otherwise discriminating against or favoring certain Internet traffic.

• Don’t Hold Your Breath Waiting For The FCC, FTC To Punish Verizon For Screwing Firefighters

  We’ve noted how the telecom industry been having great success in the Trump era eliminating FCC, FTC, and state authority over telecom monopolies. The underlying industry justification is that gutting consumer protections will somehow magically improve competition and spur investment by regional telecom monopolies, a decades-old claim that has never been true, and yet somehow never dies. In reality, when you kill regulatory oversight of natural monopolies (without shoring up the underlying competition issues beneath), the problem only tends to get worse. It’s something you probably noticed if you’ve had any interactions with Comcast lately.

  Last week the perils in this particular course of action were laid bare when Verizon was busted first throttling and then trying to upsell first responders while they were trying to combat wildfires in California. Gigi Sohn, one of the ex-FCC staffers that helped craft the rules, did a good job pointing out how the FCC’s “Restoring Internet Freedom” order didn’t just kill net neutrality,

DRM

• Denuvo Announces Plan To Fail To Combat Online Game Cheaters After Failing To Stop Piracy With Its DRM

  On the one hand, look, cheaters in online games suck out loud. These cheaters break the online gaming experience for all the non-cheaters out there. Perhaps more importantly, anti-cheating software is going to become a very real market ripe to be exploited, given the explosive growth in competitive online eSports and online gaming in general. If any company or group of companies could manage to end this infestation for gamers, they’d deserve a hero’s parade.

  On the other hand: this is Denuvo. Few companies have rivaled Denuvo’s boisterous claims and posture coupled with the failure of its product. It would be very easy to change out the references to anti-cheating software in the Irdeto quote above and replace them with references to Denuvo’s DRM and map that onto how Denuvo talked about its DRM product but a few years ago. Same promises, different product. I can only assume that anyone partnering with Irdeto for Denuvo anti-cheating software are basing that decision more on the reputation of Irdeto than Denuvo.

Intellectual Monopolies

• Brazil’s patent backlog may resolve without fast-track procedure

  Forces against Brazil’s patent system may have killed the proposal to fast-track pending applications, but examiners’ individual productivity could solve the backlog in the long term

• Trademarks

  • Tai Chi Tea: Beware of TM Infringement

    A difficulty here is that Zheng Cai represented himself pro se and did not exactly follow either TTAB or Federal Circuit procedure. In particular, Cai presented a set of factual assertions and images in his brief, but did not follow the particular brief filing rules. Because of the procedural failure, the TTAB refused to consider the materials presented — finding that Mr. Cai “introduced no evidence.” As Manafort can attest — it is difficult to win a case without presenting any evidence.

• Copyrights

  • Honest Government Ads Takes On EU Parliament’s Plan To Censor The Internet With Article 13

    If you’re in the EU and this kind of clueless, dangerous regulating concerns you, speak out now. If you’re not in the EU, it still helps to speak out about this. Contact the EU Parliament or just spread the word so that others know just how much damage the EU may do to the internet if this moves forward.

  • How The EU May Be About To Kill The Public Domain: Copyright Filters Takedown Beethoven

    Over in the EU Parliament, they’re getting ready to vote yet again on the absolutely terrible Copyright Directive, which has serious problems for the future of the internet, including Article 13′s mandatory censorship filters and Article 11′s link tax. Regrading the mandatory filters, German music professor Ulrich Kaiser, has written about a a very disturbing experiment he ran on YouTube, in which he kept having public domain music he had uploaded for his students get taken down by ContentID copyright claims.

  • Save the date: CC Global Summit is happening May 9-11 in Lisbon!

    Since 2015, the CC Summit has nearly doubled in size. We’ve lined up two great venues to host this international event. Workshops, talks, planning sessions, and small group sessions will be held in Museu do Oriente, a vibrant new museum in a refurbished industrial building on the Alcântara Waterfront. Our keynotes and our Friday night party will be held at Cineteatro Capitólio, a major Art Deco cultural landmark that recently reopened its doors. The event will be co-hosted by CC and CC Portugal, and we owe tremendous gratitude to the CC Portugal team for their insight and assistance. We also want to congratulate and thank Teresa Nobre and Timothy Vollmer, our Program Committee Chairs, for stepping up to lead our community planning.

  • US Copyright Office Review Board denies UEFA copyright protection over Starball logo

    Although the World Cup is over, this Kat can’t keep his mind off thinking about MORE football … or soccer (as Americans call it).

    In 2016, the Union des Associations Européennes de Footbal (UEFA) filed an application with the US Copyright Office to have the famous Starball logo registered as a copyright work of two-dimensional visual art. The Starball logo is composed of a round ball, made up of black stars, with white polygons in the negative space between the stars. The shapes are arranged into a circular space, with the outer stars curved to follow the circumference (see below).

  • USTR: Mexico Agrees To Raise IP Enforcement Standards With The US

    Mexico and the United States have reached a preliminary agreement to raise standards of enforcement of intellectual property rights, according to the Office of the US Trade Representative (USTR). Among the terms, the agreement appears to toughen requirements for internet service providers in protecting against copyright theft and extend copyright terms, and might make it harder for Mexico to agree elsewhere to strengthen its protection of geographical indications.

  • US Trade Rep Appears To Misreport Its Own Trade Agreement To Include Copyright Extension

    Soooooooo, you’ve probably heard the news on Monday about how the Trump adminstration had struck a preliminary trade agreement with Mexico to replace NAFTA. Most of the attention over the deal has to do with the lack of Canada being a part of it, with Mexico making it clear it still thought that this was a new deal with both the US and Canada and President Trump repeatedly acting as if this deal was a “take it or leave it” deal for Canada, and if they left it, it would just be US and Mexico.

    There will, of course, be plenty of time to dig into the details of what’s in the actual agreement, but on stuff that matters to us, it already looks bizarre. The USTR put out a “fact sheet” about the intellectual property part of the agreement and it’s causing quite a bit of consternation. In particular, it claims that copyright will be extended to life+75 years. Literally no one has been asking for this. While the movie and recording industries have pushed to extend copyrights in the past, this time around, they more or less acknowledged that it was a bridge too far to keep extending copyrights this long, and some have even expressed a willingness to shorten copyright terms.

    But there’s been a lot of confusion about what the “life+75 years” even means here — and it now seems quite likely that the USTR simply misunderstood its own agreement (yes, really). Current in the US, for works made for hire or corporate works, copyright lasts 95 years, and for those made by individuals, it’s life+70 years. In Mexico, it’s been an upward ratchet from life+50 years, to life+75 years, to life+100 years as of 2003. There were some stories that during TPP negotiations, Mexico had pushed for life+100 years in the US as well, but that seemed like a non-starter.

    So why would the USTR give an okay for life+75 years when basically no one in the US is still pushing for such a thing, and in fact seem to be in general agreement that, if anything, the term should go in the other direction? Either the USTR negotiators have no idea what they’re doing (possible!), don’t realize why this is a big deal (also possible) or are misreporting what’s actually in the agreement. It appears the last one is likely. While the USTR told reporters on a call that they absolutely mean extending copyright to life+75 years, after that, USTR representatives started claiming that this is not an extension of copyright, but was merely supposed to be setting the floor on copyright terms of 75 years, not “life plus 75 years,” in which case copyright wouldn’t change in either country. But, because this administration appears to be so clueless, someone at the USTR may have taken this news and mistakenly claimed it was now life plus 75, rather than a 75 year floor.

  • New Campaign Aims to “Save Music” Ahead of EU Copyright Filter Vote

    In just 15 days’ time, MEPs will again vote on the now-controversial copyright proposals of Article 13. The legislation would see platforms such as YouTube compelled to introduce upload filters, to prevent unlicensed content being offered to the public. The new ‘Love Music’ campaign, supported by powerful industry players, aims to ensure a thumbs-up from MEPs. But the opposition is out, in force