08.26.18

PTAB Haters (the Patent Maximalists) Hope That SCOTUS Will Save Their Quality-Reducing Agenda

Posted in America, Deception, Patents at 1:08 am by Dr. Roy Schestowitz

Mere months after Oil States, which dealt with this matter already

Patent Lawyers' Tears

Summary: Patent Trial and Appeal Board (PTAB) inter partes reviews (IPRs) still exploit 35 U.S.C. § 101 to invalidate a lot of abstract patents; in between rants about § 101 itself, proponents of software patents (typically patent lawyers) try to undermine the very mechanism of applying § 101

THE U.S. Patent and Trademark Office (USPTO), taking precedential Federal Circuit (CAFC) rulings into account, already limits patent scope — to the point of patent grants decreasing in number.

“They just want to waste even more of the courts’ time, giving perception of interim legitimacy for their massive, elaborate ‘scam’.”Patent lawyers’ interests, which are purely financial (because they do not create anything), aren’t served by this trend. Some have already attempted dirty tricks by which to avoid patents being rechecked (knowing that a reassessment would likely void patents). Patent Trial and Appeal Board (PTAB) inter partes reviews (IPRs), for example, are being dodged by misusing (claims of) immunity. A few days ago Kevin E. Noonan revisited the patent ‘scam’ from the St. Regis Mohawk Tribe (its law firm along with Allergan’s). They just want to waste even more of the courts’ time, giving perception of interim legitimacy for their massive, elaborate ‘scam’. Eiren O’Keeffe told me: “This is indeed an elaborate scam, designed to further shield big Pharma from opening up to keep profits high and patients subservient. Ridiculous this is even allowed to progress given the obvious motivation behind these actions.”

Here is what Noonan wrote:

On July 22nd, the Federal Circuit issued its opinion in St. Regis Mohawk Tribe v. Mylan Pharmaceuticals Inc., affirming the decision by the Patent Trial and Appeal Board (PTAB) of the U.S. Patent and Trademark Office that denied the Tribe’s motion to terminate Mylan’s inter partes review (IPR) proceedings as being barred by tribal sovereign immunity. Yesterday, the Tribe filed its brief in support of its petition for rehearing en banc.

We are pretty certain that SCOTUS won't deal with this. It would be a total waste of the court’s time.

“They are trying to make it seem as though software patents still have some worth, but that’s patently untrue.”Be sure, however, that patent extremists would do anything they can to advocate even ‘scams’ (like the above). They hate PTAB with a passion, so they’d cling onto anything!

The anti-PTAB site Anticipat, for instance, uses or takes out of context very tiny difference which can be easily explained to say “abstract idea reversal rate continues upward trend for July” (that’s the headline). They are trying to make it seem as though software patents still have some worth, but that’s patently untrue. To quote:

Similar to June, in July the PTAB decided a lot of abstract idea rejections. Of 195 total, 32 were reversed, yielding a pure reversal rate of 16.5%. One decision was partially affirmed, yielding a partial reverse rate of 17%.

The difference is minuscule and we offered an explanation for it earlier this month. In a nutshell, fewer people even bother with their patents; only ‘stronger’ cases are even being tested.

Moving on to other anti-PTAB sites, Watchtroll again (and intentionally) conflates patents with innovation or “invention” (yesterday’s guest article from Trevor Day and Neil Ferraro). One can invent things without patent applications, as many have done for centuries. But let’s put this spin aside.

Over at Watchtroll, Burman York (Bud) Mathis III is again heckling judges of CAFC because of their stance on software patents. He sure has a habit of doing so. To quote: “Judge Jimmie Reyna’s decision in McRO v Bandai is without question one of the best decisions to emerge from the Federal Circuit as it competently addressed key elements of Alice Corp. v. CLS Bank. Judge Kara Stoll and Judge Richard Taranto, who signed onto this landmark opinion, should also be praised with Judge Reyna. The McRO decision, among other things, stands for the idea that software is a process under 35 U. S. C. § 101, and that a claim that does naught more than receive data, process data and “apply” the processed data is patent eligible under § 101. The representative claim of McRO is reproduced below for convenience.”

“Watchtroll produced anti-PTAB pieces even twice on the same day (Monday).”McRO is a relatively old decision (a couple of years old) from back when Watchtroll attacked CAFC judges pretty viciously. The site does not care about patent quality at all; to make matters worse, it actively bashes technology companies and judges who oppose abstract software patents. Does Watchtroll stand for science and technology? Or for litigation? For justice? Or just for profits? Watchtroll has always been this crude. Watchtroll’s anti-PTAB agenda resumes, as does the 35 U.S.C. § 101 bashing for abstract ideas, which meant the very end of software patents (at least in US patent courts). These people once again hope that the Justices — however unlikely this may be — would offer redemption to them. Days ago Patently-O wrote: “Whether undisputed evidence that a patented invention is not unduly preemptive, presented to technically proficient judges of the Board, is relevant to the question whether the invention is patent-eligible under 35 U.S.C. § 101.”

Dennis Crouch said it in relation to Smartflash v. Samsung, which saw a SCOTUS petition filed (“Smartflash Patents at issue here: U.S. Patent Nos. 7,334,720; 7,942,317; 8,033,458; 8,061,598; 8,118,221; 8,336,772; and 8,794,516.”).

Watchtroll’s Steve Brachmann wrote about a patent troll’s petition (Advanced Audio Devices) under “Supreme Court Petition Challenges PTAB’s Constitutionality Under the Takings Clause” (this issue or a similar issue was already challenged or tackled only months ago).

“These patent extremists believe that can somehow abolish IPRs, but they cannot.”Watchtroll produced anti-PTAB pieces even twice on the same day (Monday). Gene Quinn did another one, insinuating that there are “Shell Games” at PTAB. Then again on Wednesday Watchtroll was attacking PTAB (over “Transparency”). These patent extremists believe that can somehow abolish IPRs, but they cannot. Justices stand in their way. They know it. Days earlier Jeremy Doerre added another one of those patent maximalist pieces and Patently-O talked about stupid design patents (SCOTUS should knock these out and probably would had it gotten the chance). Here’s what Patently-O said:

During prosecution, the USPTO (examiner then PTAB) rejected the patent — finding the claim indefinite and not enabled. The particular problem with the drawing is that it is a flat plan view and does not show the three-dimensional structure — what do these lines actually represent in terms of 3D hills and valleys? The figures below is more ordinary for a shoe sole design — showing more than just a plan-view of the base.

[...]

In the end, this means that Maatita’s patent will be much broader in scope because it is not limited to any particular three-dimensional shape, but rather only a to the appearance from a particular perspective.

The decision here is also in-line with the Federal Circuit’s ongoing undermining of the indefiniteness doctrine — what does “reasonable certainty” mean to the court?

Patents on shoe sole designs? What next? Things like the patent below… (assigned to Zach Snyder)

Zach Snyder patent

08.25.18

‘Cult of Patents’ Has Cheapened Patents and Nowadays Patent Law Firms Are Collapsing

Posted in America, Patents at 11:00 pm by Dr. Roy Schestowitz

Patents are becoming toothless, clawless

A male lion

Summary: The decline in patent quality is counterproductive in the long run; it assures that the patent system, especially the patent lawsuits element of it, loses momentum

THE concerns expressed by large law firms about EPO scandals aren’t out of date; they’re still applicable because António Campinos hasn’t changed anything at all; what about the USPTO, whose patents (that it grants) are often found to be invalid in patent courts, such as the Federal Circuit and sometimes SCOTUS too? The matter of fact is, if patents are improperly being granted, people will lose confidence in them. And this, in turn, would reduce demand for them, perceived value of them, and ultimately cause the collapse of patent law firms (which in turn get absorbed by one another in order to get enough ‘business’ such as litigation flowing). Last year we wrote several articles about the demise of patent law firms and patent trolls. The patent bubble had burst. We have not seen any potent rebuttal to this, albeit days ago Patently-O wrote about that old strategy of firms getting absorbed when they’re defunct. “One Example,” Patently-O said, came on “August 21, 2018 – Venable LLP, an American Lawyer Global 100 firm, and Fitzpatrick, Cella, Harper & Scinto, one of the world’s leading intellectual property firms, have reached an agreement for Fitzpatrick to join Venable.”

“Last year we wrote several articles about the demise of patent law firms and patent trolls.”Are patent lawyers a dying breed? Trying hard to find work and getting ‘bought’ as a publicity stunt for mere hirings? This is commonly done in the technology sector (hirings disguised as takeovers). There are even catchy words and phrases that describe these routines. Here is another new example that is only days old (“Stinson Leonard Street combines with St. Louis intellectual property firm”). M&A as publicity stunt? How about this (“Apprenda attempting to sell its assets after business shuts down”) from 5 days ago? Well, patents are not really “assets”; this metaphor just isn’t helpful at all.

“People who do patents for a living (not invention but mere patents) may think or even lie to themselves about doing ‘humanitarian’ work; but those on the receiving end of patent lawsuits and blackmail from patent trolls would beg to differ.”We remain convinced that in order for the patent system to maintain a sense of legitimacy it will need to improve patent quality. Days ago Managing IP wrote about the low quality of patents granted in China and Patently-O wrote about “USPTO China IP Roadshow at the University of Iowa College of Law”. China’s SIPO — like WIPO — demonstrates patent maximalism gone extreme. They don’t seem to care about patent quality at all. All they care about is numbers!

Not too long ago the USPTO celebrated 10 million patents (never mind if the ten millionth might be invalid). The USPTO even made a special subsite to mark this ‘event’ and IP Kat currently continues its dance with the ‘Cult of Patents’ (people who believe that the more patents the merrier, irrespective of their merit/quality). A few days ago the patent microcosm published this article which said:

The 10 millionth U.S. patent will largely be a celebratory event, but it has warranted a lot of preparation at the United States Patent and Trademark Office. Especially its IT department.

For the first time in more than 100 years—and for the first time in the computer era, of course—the patent office will issue patents with eight digits. The situation could be likened, somewhat, to the end of the 20th century and the Y2K scare—when old software code had to be upgraded so that software systems throughout the world would function properly when the year 2000 arrived.

Look how many patents used to be granted in the US 100 years ago, 50 years ago, 20 years ago and so on. It’s not innovation that’s accelerating. It’s just patenting activity that’s soaring.

The USPTO is well aware of the situation. It knows that it has become just a patent-granting ‘machine’ and Donald Zuhn — himself a patent maximalist — is one among several people who are now scrambling to paint a patent monopoly as a humanitarian thing. They have this thing called “Patents for Humanity,” again backed by the USPTO (like celebration of 10 million patents). To quote:

Earlier this month, the U.S. Patent and Trademark Office announced the latest winners of the Patents for Humanity program. The Patents for Humanity program, which was launched by the Office in February 2012 as part of an Obama Administration initiative to promote game-changing innovations to solve long-standing development challenges, is a competition recognizing innovators who use game-changing technology to meet global humanitarian challenges. Entrants are divided into five categories: medicine, nutrition, sanitation, household energy, and living standards. The Office noted that in this latest round, there were nine winners and six honorable mentions. Winners receive an acceleration certificate to expedite select proceedings at the USPTO (i.e., a patent application, ex parte reexamination, or an ex parte appeal to the Patent Trial and Appeal Board) in addition to public recognition for their work.

People who do patents for a living (not invention but mere patents) may think or even lie to themselves about doing ‘humanitarian’ work; but those on the receiving end of patent lawsuits and blackmail from patent trolls would beg to differ.

The USPTO’s New Strategic Plan Should be to Keep Services Available and Actually Explain a Week’s Downtime

Posted in America, Patents at 10:09 pm by Dr. Roy Schestowitz

Of course patent quality too should be a priority

A businessman

Summary: The USPTO faces legitimacy problems after a long downtime, failure to explain this downtime, and persistent questions about enforceability of USPTO-granted patents in courts, not to mention in the USPTO’s own Patent Trial and Appeal Board (PTAB)

THE MONTH of August was a tough one for the USPTO and we can imagine that some technical staff needed to be recalled from holidays.

“Iancu sounds like PR person.”“The recent failure of USPTO PALM database is a direct result of John Owens, Tony Chiles and Pam Isom’s incompetency,” an insider wrote. “This time Owens cannot blame a power failure,” this insider added, alluding to previous incidents which were nowhere as severe as the latest [1, 2].

“After a week of the USPTO’s electronic patent filing systems being down, the office says “the director will prescribe a procedure that will allow you to seek a refund of the paper filing fee”. But some observers say this will be tricky,” Michael Loney wrote. The USPTO was still ‘on fire’ (as in up in flames) until a few days ago. Every page came up with pop-ups containing a face-saving message about key services being down. At the moment (minutes ago) the pop-up instead says: “You have been randomly selected to take part in this survey that is being conducted by ForeSee on behalf of the United States Patent and Trademark Office. The feedback you provide will help the United States Patent and Trademark Office enhance its site and serve you better in the future. All results are strictly confidential – see our Privacy Policy for details.”

So we assume that the downtime is over, well over a week after it started. Now comes Director Iancu with ‘damage control’. A nontechnical director, selected by Trump after he had worked for him, is talking about a technical problem. Patently-O has the full text, which is pure spin from Iancu (a lawyer, spin is what these people do for a living), spinning over a week’s downtime as a ‘feature’ or ‘improvement’…

“In the process of getting everything back up and running, we sought not merely to restore but also to improve our PALM operating systems,” he wrote. “Among other things we now have enhanced servers and performance optimization, such that the resulting condition is better than it was before the outage.”

Aha! So people should really be thankful for the outage! A blessing in disguise? Iancu sounds like PR person. But see the comments. They’re rightly upset. To quote the first couple of comments:

What challenges? I guess it doesn’t matter how/why it happened? Any interest in explaining how the PTO plans on it not happening again? This is now the second time that a lengthy outage has occurred, on top of the daily sporadic outages.

Also, is there any logical a reason to tie the contingency EFS in with the same system that houses the primary PALM database? What’s the good in a contingency system if its availability is inextricably tied to the availability of the system that it’s supposed to back up?

It’s simple: Two is one and one is none.

And the second:

It is part of the citizens of the US becoming peons. People in charge don’t have to explain. I don’t think that contained an apology either. And it described “the outage” as if it was an act of G*d.

There’s lots more along those lines. Why the USPTO was down is still unexplained. What a mystery. From a government-connected entity better can and should be expected.

Patently-O has meanwhile published the “USPTO New Strategic Plan (Draft),” to which I replied with: “a good strategy for the USPTO would be to first brings its service back online :-) there has been a one-week downtime!” (it was still down at the time).

From Patently-O: “The Strategic Goals reflect the fact that the PTO is primarily a bureaucratic agency — and the main goal is quality bureaucracy. That means efficient, correct, and timely work. Thus, the PTO’s first strategic goal is “Issuing reliable IP rights.””

If patent quality is improved rather than lowered, patents would be more reliable in courts (the same goes for trademarks).

They speak of “optimizing patent and trademark quality,” so Iancu should just formally forbid software patents at the USPTO (it’s about time to do so, but of course he wouldn’t, he used to advocate these for money). IP Watch wrote about this draft as well:

The United States Patent and Trademark Office (USPTO) is seeking comments on its draft strategic plan for the years 2018-2022. The draft plan covers a range of goals, including optimizing patent and trademark quality and timeliness, and providing “domestic and global leadership to improve intellectual property policy, enforcement, and protection worldwide.”

Remember that the USPTO said its systems/services would be restored by last Tuesday. But no… that did not happen. It was down for over a week! The issues were apparently resolved in the past few days, maybe a couple of days ago.

Iancu’s response appears to have mostly angered stakeholders, who still don’t know what happened and whether anyone (company or person) was held accountable. Perhaps the above draft was released (prematurely even) as a form of distraction from Iancu and his team.

In other news, this one from Joseph Herndon, patents on candles were brought up in relation to a Federal Circuit ruling. Luminara is upset and is complaining that its own patents are utter rubbish. They should never have been granted by the USPTO (which merely profits from granting anyway, whenever there’s doubt). To quote Herndon:

Luminara Worldwide, LLC appealed from three inter partes review (IPR) decisions, in which the Patent Trial and Appeal Board held unpatentable a total of 31 claims across Luminara’s three patents. On appeal, Luminara challenged the Board’s decisions as to one claim from each patent and asserted that the Board’s application of the 35 U.S.C. § 315(b) time-bar was improper as to the ’319 patent. The Federal Circuit dismissed the IPR with respect to the ’319 patent, holding that the § 315(b) time-bar applied, and affirmed the other two IPR decisions.

The patents here are directed to making flameless candles that look and behave like real candles. Shenzhen Liown Electronics Co., Ltd. (Liown) requested inter partes review of 31 claims of the Luminara patents including U.S. Patent Nos. 8,696,166; 8,070,319; and 8,534,869. The three patents, which employ moving pendulums to simulate the appearance of a natural flame, are related.

In summary, Iancu’s Office (leadership) needs to seriously think about the quality and thus legitimacy of the patents it grants. It needs to do more to demonstrate that it can handle technical matters (over a week of outage certainly disputes this) and improve transparency, e.g. regarding the cause of the outage.

As things stand at the moment, the Office loses credibility even within or among its own stakeholders, who complain that their US patents are worthless, the service is poor, and the Office is facetious. Don’t make the USPTO another Battistelli-esque EPO.

Links 25/8/2018: Go 1.11, LLVM 7.0 RC2

Posted in News Roundup at 11:20 am by Dr. Roy Schestowitz

GNOME bluefish

Contents

GNU/Linux

  • Desktop

    • Google Chrome OS

      Chrome OS is Google’s cloud-connected desktop operating system. This web-apps focused OS powers mostly inexpensive chromebooks, offering a low-cost desktop option for those of modest means or basic needs. That affordability, along with tie-ins to Google’s online productivity apps, has made the OS popular in the education market. The recent addition of the ability to run Android apps has given the OS new life and millions of new software choices, though the support for those apps is inconsistent. With that major integration still ongoing, Chrome OS feels like something of a work in progress, one that’s not suited to high-power computing needs. Still, for the right users, Chrome OS is a strong choice.

    • New Chrome OS v69 beta hits the Pixelbook with Linux support, night light, and more

      Google announced Linux app support on Chrome OS back at I/O, but it’s been slow to move it out of the dev channel. Finally, the Pixelbook just got a new build of Chrome v69 update that adds the beta Linux support. That’s not all—this was a rather major update.

      Make sure you have plenty of battery before installing this update. In addition to tweaking Chrome OS, the latest update brings changes to the BIOS and touchpad firmware. The installation process will take a few minutes longer than usual as a result. Once you get up and running, you can enable Linux support in the system settings. We have a handy tutorial to get you started installing Linux-y things.

    • How Google’s rumored ‘Campfire’ dual-boot Chromebooks may burn Microsoft

      even years ago, Google began an assault on Windows PCs with its cloud-centric Chromebook PC alternative. Google’s leveraging of a more secure, easier to manage, and more affordable “PC” positioned Chromebooks for market success. Despite this success, however, Chromebooks’ global market share still pales in comparison to Windows PC’s seemingly indomitable presence.

      Google remains committed to an unrelenting multifaceted assault on Windows PCs, in an attempt to position Chromebooks as the “PC” for the modern personal computing age. Android apps on Chrome, aggressive Chromebook ads, a strategic push in schools, Progressive Web App (PWAs), and low Chromebook prices are all tools Google has and will use to make Chromebooks appealing to the masses.

      Campfire, Google’s rumored Windows and Chrome dual-boot solution, is just the latest, and possibly most important, tool in Google’s arsenal to unseat Windows PCs as the PCs for the masses.

    • Some of Google’s Chromebook laptops won’t be getting support for Linux apps

      When Chromebooks first came out, you were limited to a small selection of apps, all made by Google. Over time, the company has opened up Chrome OS to accommodate third-party Android apps, and it’s recently added support for regular Linux apps as well. However, it turns out that a number of Chromebooks have a version of the operating system that’s simply too old to be compatible with this new batch of software.

  • Server

    • Is Kubernetes free as an open source software?

      So, is Kubernetes free?

      Yes, but also no.

      Pure open source Kubernetes is free and can be downloaded from its repository on GitHub. Administrators must build and deploy the Kubernetes release to a local system or cluster or to a system or cluster in a public cloud, such as AWS, Google Cloud Platform (GCP) or Microsoft Azure.

      While the pure Kubernetes distribution is free to download, there are always costs involved with open source software. Without professional support, Kubernetes adopters need to pay in-house staff for help or contract someone knowledgeable. The Kubernetes admin needs a detailed working knowledge of Kubernetes software build creation and deployment within a Linux environment.

      In effect, users need to know what they’re getting into before they adopt open source software in the enterprise.

  • Kernel Space

    • Linux 4.18.5
    • Linux 4.17.19
    • Linux 4.14.67
    • Linux 4.9.124
    • Linux 4.4.152
    • What Stable Kernel Should I Use?

      I get a lot of questions about people asking me about what stable kernel should they be using for their product/device/laptop/server/etc. all the time. Especially given the now-extended length of time that some kernels are being supported by me and others, this isn’t always a very obvious thing to determine. So this post is an attempt to write down my opinions on the matter. Of course, you are free to use what ever kernel version you want, but here’s what I recommend.

      As always, the opinions written here are my own, I speak for no one but myself.

    • Happy birthday, Linux: 27 years

      Linux celebrates another birthday today—27 years! And we couldn’t be more pleased to share in the excitement. Many of our readers are Linux users, fans, nerds… the list of adjectives describing them goes on. What would you call yourself?

      I’d say I’m a Linux newbie with mad respect. On the technical side, I installed Linux for the first time in 2014. On the community side, I’ve been working with Linux folks for six years as an editor for Opensource.com. Because we gather and publish articles from the great, wide community of users out there, I meet and get to know hundreds of Linux users from all walks of life, of all ages and stages on their Linux journey. It’s a fascinating world, because Linux is eating the world with its millions of users, but also because Linux users are a passionate bunch. They feel that they’re on to something special. And they are.

    • Linus Torvalds announced the first version of what became Linux in 1991

      Linux, a free and open-source software operating system, was built around Linux Kernel, the central part of Linux operating systems, Android and Chrome OS. It all begun, when Linus Torvalds started working on his own operating system kernel in 1991. Linus Benedict Torvalds, a Finnish-American software engineer, was studying computer science at University of Helsinki. Linus wrote the program specifically for the hardware he was using and developed it on MINIX using the GNU C Compiler. Torvalds ended up writing an operating system kernel and announced it by posting to the newsgroup “comp.os.minix.” on 25 August 1991. Linux gained importance in 1992 after the X Window System was ported to Linux by Orest Zborowski.

    • Happy Birthday, Linux!

      Happy Birthday, Linux! It’s 27 years since Linus Torvalds’ famous Linux announcement of his (now hugely influential) open source operating system.

    • 27 Interesting Facts about Linux

      In honour of Linux’s birthday here’s a list 27 interesting facts about Linux, its creator Linus Torvalds, and the impact his “hobby” OS has had on the world.

      Since its creation back in 1991, the open source Unix-like operating system has gone on to revolutionise the world, empower startups, birth new industries, and help in the creation of new types of gadgets and technologies.

    • What was the most important moment in the history of Linux?

      Today Linux powers so much of the world’s infrastructure that it’s honestly hard to think of an industry that hasn’t been significantly shaped by its progress. From banks to healthcare giants to airlines, to almost all of the most popular websites in use today, and perhaps even the phone in your pocket, the world runs on Linux.

    • Intel Has Also Relicensed Their FSP Binaries: A Big Win To Coreboot, LinuxBoot

      There’s some good news beyond Intel’s CPU microcode re-licensing to clear up the confusion among users and developers this week: Intel is also re-licensing their FSP binaries to this same shorter and much more concise license.

      The FSP “Firmware Support Package” binaries used by the likes of Coreboot, LinuxBoot, and Facebook’s Open Compute Project is under this same license now as the CPU microcode files. The FSP bits have been closed-source for several generations but are used by Coreboot and friends for allowing their “BIOS” to be as open as possible otherwise. The Intel Firmware Support Package is basically the firmware that initializes the processor, memory controller, chipset, and other certain bits that unfortunately don’t have open-source initialization code available.

    • Linux Kernel Getting Better Support For The Apple Magic Keyboards

      The Magic Keyboard that was introduced by Apple in 2015 is seeing improved Linux support with a new kernel patch that’s pending.

      The Apple Magic Keyboard has worked with Linux already when using the USB-based connection, but not Bluetooth (though some have managed workarounds). Additionally, the Apple Magic Keyboard having the numeric keypad hasn’t worked with either USB or Bluetooth.

    • Linux Kernel And Its Functions

      People use Linux every day. Today almost all electronic products are built on Linux and the most popular ones are Android devices. Every day almost 850,000 Android devices are activated which is the largest compared to any other mobile devices manufacturer such as Windows phone, iPhone etc. It’s not just smartphones that Linux runs but every other gadget from your TV to a refrigerator is running on Linux. So how is this all possible and what is Linux all about? Let’s talk about this.
      Before identifying the main functions that the famous Linux Kernel has, it is vital to define what is the Linux Kernel.

    • A Global Switch To Kill Linux’s CPU Spectre/Meltdown Workarounds?

      Something I have seen asked in our forums and elsewhere — most recently on the kernel mailing list — is whether there is a single kernel option that can be used for disabling all of the Spectre/Meltdown workarounds and any other performance-hurting CPU vulnerability workarounds.

      With many of the mitigation patches for these speculative execution vulnerabilities hitting many processors these days, there’s often a measurable “performance tax” associated with them. Fortunately, for most of the mitigations they can be disabled at run-time via various options.

    • WireGuard Takes Another Step Towards The Mainline Linux Kernel

      Jason Donenfeld who has now spent years working on WireGuard as an in-kernel, secure network tunnel sent out a second version of his kernel patches on Friday.

      At the end of July he sent out the initial kernel patches for review and following that month worth of feedback he now has V2. The revised work includes splitting up some of the Zinc crypto code, code clean-ups, and other low-level improvements to this code.

    • IBM Posts Initial Patches For Linux Secure Virtual Machine On POWER

      IBM developers on Friday posted their initial Linux kernel patches for enabling Secure Virtual Machine (SVM) support with POWER hardware.

      These “request for comments” patches are their preliminary work on supporting Secure Virtual Machines on POWER.. The goal is on making the guest’s memory inaccessible to the hypervisor, similar to the work done by AMD for EPYC CPUs with Secure Encrypted Virtualization and as well some work by Intel for their CPUs.

    • Linux Foundation

      • Performance and Scalability Systems Microconference Accepted into 2018 Linux Plumbers Conference

        Core counts keep rising, and that means that the Linux kernel continues to encounter interesting performance and scalability issues. Which is not a bad thing, since it has been fifteen years since the “free lunch” of exponential CPU-clock frequency increases came to an abrupt end. During that time, the number of hardware threads per socket has risen sharply, approaching 100 for some high-end implementations. In addition, there is much more to scaling than simply larger numbers of CPUs.

    • Graphics Stack

      • RadeonSI Gets Patches For OpenGL 4.5 Compat, Workaround For No Man’s Sky On Steam Play

        Valve open-source Linux GPU driver developer Timothy Arceri has spent a lot of time in recent months improving the RadeonSI Gallium3D driver’s OpenGL compatibility profile support. Now there are patches taking it up to par with the core profile context support.

        With the imminent Mesa 18.2 release the RadeonSI OpenGL compatibility profile support has gone from OpenGL 3.2 to OpenGL 4.4 thanks to Arceri, Marek at AMD, and other contributors. This Friday morning Timothy has now posted patches bumping it to OpenGL 4.5.

      • RadeonSI Gets Another Handful Of OpenGL Extensions, Mirroring The PRO Driver’s Behavior

        Prolific Mesa contributor Marek Olšák has landed support for more OpenGL / OpenGL ES extensions into the RadeonSI Gallium3D driver.

      • AMD Posts Open-Source Vulkan Driver Code For Vega 12 GPU

        AMD developers have done their weekly code drop to their official open-source Linux Vulkan driver code. This week there are fixes while most interesting is initial support for the yet-to-launch Vega 12 graphics processor.

      • Looks like AMD just open sourced their V-EZ Vulkan wrapper

        When they initially announced V-EZ, they said it would be closed source and they would be working with “professional ISVs who would benefit from acquiring the source code”.

        I’ve seen a lot of developers mention how Vulkan really is a much more complex beast, which makes sense since it’s supposed to be closer to the hardware than OpenGL with a smaller, leaner driver giving developers more power and control. That’s not great for everyone though, so projects like this are still going to be useful. Previously, their GitHub page said “V-EZ is not aimed at game developers.”, however they seem to have removed that now too.

      • weston 5.0.0

        This is the official release of weston 5.0.0.

      • Wayland 1.16 Released, Likely The Last Time-Based Release, Plus Weston 5.0

        Current Wayland/Weston release manager Derek Foreman of Samsung OSG today announced the release of Wayland 1.16 as well as the Weston 5.0 reference compositor.

        Wayland 1.16 brings build system updates, drops the wl_buffer definition, the protocol now supports a zero physical size output, and other small work… Really nothing too major in Wayland 1.16.

      • mesa 18.1.7

        Mesa 18.1.7 is now available for general consumption. This release has been rather small compared to the last few release, There’s just a handful of fixes in total. Meson, radv, anv, gallium winsys, intel, i965, and r600 were the only recipients of fixs this go around.

      • Mesa 18.1.7 Released With Few Bug Fixes

        Mesa 18.1.7 ships with the last two weeks worth of fixes in the Mesa stable space. But overall this isn’t nearly as big as past Mesa 18.1 point releases. Mesa 18.1.7 has some minor fixes to R600 Gallium3D, Intel i965, RADV Vulkan driver fixes, the Doom workaround has been back-ported to RADV, and a variety of other fixes.’

    • Benchmarks

  • Applications

  • Desktop Environments/WMs

    • K Desktop Environment/KDE SC/Qt

      • Akademy, Akadeyou
      • Akademy Group Photo Automator

        Every year we take a group photo at Akademy and then me or one of the Kennies manually marks up the faces so people can tag them and we can know who we all are and build community. This is quite old school effort so this year I followed a mangazine tutorial and made Akademy Group Photo Automator to do it. This uses an AI library called face_recognition to do the hard work and Docker to manage the hard work and spits out the necessary HTML. It was a quick attempt and I’m not sure it did much good in the end alas. The group photos tend to be quite disorganised and whoever takes it upon themselves to direct it each year makes basic mistakes like putting everyone on a flat stage or making everyone wave their hands about which means many of the faces are half covered and not recognised. And it seems like the library is not a fan of glasses. It also outputs rect coordinates rather than circle ones which ment Kenny had to do many adjustments. Still it’s an interesting quick dive into a new area for me and maybe next year I’ll get it smoother.

      • A GNOME dev enters an Akademy and…

        And so three days later we traveled to Wien to meet with the KDE community. On arrival, we were pleased by a friendly and joyful ambient on the pre-registration party, which had no registration at all! We were happy to know these issues don’t happen only at GUADEC.

      • postmarketOS at Akademy 2018

        Two weeks ago was Akademy 2018, KDE’s yearly gathering to talk about and develop all things KDE. Since Plasma Mobile (which we have packaged) was of course also represented, a few members of the postmarketOS team decided to attend and meet each other for the first time! @ollieparanoid even took it upon himself to hold a talk about our project, telling everyone what it’s about and what progress has been made since the start. You can view the slides here and this blog post will be updated to include a link to the video of the talk once Akademy’s recordings are put online.

        Besides our own talk, our friend @bshah from Plasma Mobile also had a talk about the progress on running the mainline kernel rather than libhybris or Halium to achieve fully working hardware (slides are available as well). We used this oppertunity to talk with the Plasma Mobile team directly and discuss the future and exchange ideas.

        Also present was TL Lim from PINE64 who kindly offered several of us dev-kits for the Pine A64 including a touch screen, so we can develop postmarketOS on it. Watch out for a port coming to that device!

      • KDE Itinerary – Overview

        As introduced in the previous post there has been some work going on to explore a privacy-by-design alternative to digital travel assitant services like provided by Google or TripIt.

        While probably not noticed by many users, the first building blocks for this have been added in the 17.12 and 18.04 application releases already, and a lot more is coming with 18.08. The following provides an overview of the components that have been extended or created as part of this effort.

      • KDE PIM Junior Jobs are opened!

        Do you want to help us improve your favorite PIM suite but you were always scared by its size and complexity? Well, fear no more! We have collected a bunch of simple and isolated tasks in various parts of the PIM suite that require none or just very basic understanding of how the entire Kontact and Akonadi machinery works. We have documented them and we are prepared to guide you and help you to accomplish the tasks. Those are small simple tasks, but they will make many users (and PIM developers) very very happy.

    • GNOME Desktop/GTK

      • GUADEC 2018

        I was a bit anxious about the travel, It was my first time flying and not only that but I had to spent the night in the Airport due to departure being at 6am. The flights went smoothly and I arrived at Málaga in the evening. Afterwards I took a bus to get to Almeria, it was a pleasant surprise to find out that other gnomies were also on board.

        [...]

        By far the thing I enjoyed the most from GUADEC was the social events. Talking with people about all sorts of thing and seeing perspectives of others from all around the world was a magical experience and though-provoking. I don’t really like going to the beach, but I loved both the beach party and the Sandcastle BoFs. The visit to the Alcazaba Castle and the Flamenco show afterwards was absolutely delightful too.

  • Distributions

    • DuZeru OS: As Easy as It Gets

      DuZeru isn’t going to blow your mind — it’s not that kind of distribution. What it does do is prove that simplicity on the desktop can go a long, long way to winning over new users. So if you’re looking for a solid and simple Linux distribution, that’s perfectly suited for new users, you should certainly consider this flavor of Linux.

    • Red Hat Family

      • Maxta Introduces A Hyperconverged Red Hat Virtualization Offering

        On August 22nd, Maxta Inc announced a pre-configured system of Red Hat Virtualization software and Maxta Hyperconvergence software bundled together on Intel Data Center Blocks hardware. Maxta specializes in hyperconverged software like this and will be demoing it next week at VMworld, booth #1518.

      • Red Hat infrastructure migration solution for proprietary and siloed infrastructure

        Red Hat recently introduced its infrastructure migration solution to help provide an open pathway to digital transformation. Red Hat infrastructure migration solution provides an enterprise-ready pathway to cloud-native application development via Linux containers, Kubernetes, automation, and other open source technologies. It helps organizations to accelerate transformation by more safely migrating and managing workload to an open source infrastructure platform, thus reducing cost and speeding innovation.

      • OVS-DPDK: Migrating to vhostuser socket mode in Red Hat OpenStack

        In the Newton release, the default vhostuser mode in Open vSwitch (OvS) is dpdkvhostuser. In Red Hat OpenStack Platform 10 GA, and subsequent updates till 29th June, the default vhostuser mode is dpdkvhostuser. With the latest update to OSP10 (post 29th June 2018), the default mode has been changed to dpdkvhostuserclient. This post provides the information on vhostuser migration and verifying the vhostuser modes of the VMs created with dpdkvhostuser mode.

        In order to understand the difference between the two modes and the advantage of moving to dpdkvhostuserclient mode, read the OvS documentation onvhostuser modes. In short, vhostuser allows Qemu to fetch/put network data to OvS-DPDK without overloading Qemu with the translation. And the vhostuser socket is a UNIX domain socket, created to establish the communication between Qemu and OvS-DPDK. This communication follows a specific messaging format detailed in theQemu’s vhost user document.

      • 2018 C-Suite Award Winners (AH)
      • Finance

      • Fedora

        • Flock 2018 Reflections

          Flock 2018 is going down in my books as another successful and wonderful Fedora conference! This year Flock to Fedora was held in Dresden, Germany, August 8-11th. I am so thankful to have the opportunity to be a part of this community for another year, and to have the chance to see the impact my contributions make. This year, I attended with the determination to interact more with different parts of the community outside of Fedora design. I made it my goal to liaise with people from other teams to hear their experiences, stories, and to learn how Fedora Badges could help improve each initiative and the project as a whole. Overall, I think I was successful in this venture and would like to share some of the experiences I had.

        • FPgM report: 2018-34
        • 1000 downloads of Scribus unstable in COPR Fedora 28

          What a surprise to see 1000 download of Fedora 28 repository for Scribus Unstable! Thanks a million.

        • Meet Fedora at FrOSCon 2018!
    • Debian Family

      • Debian/TeX Live updates 20180724

        Exactly one month has passed since the last TeX Live for Debian update, so here we are with the usual bunch. Besides the usual updates to macros and font packages, this time I also uploaded a new set of binaries for TeX Live which incorporates several bug fixes to programs.

      • Freexian’s report about Debian Long Term Support, July 2018

        Like each month, here comes a report about the work of paid contributors to Debian LTS.

      • Debian LTS work, July 2018
      • Derivatives

        • Canonical/Ubuntu

          • Cosmic Cuttlefish (to be 18.10) feature freeze

            As per the release schedule, Cosmic is now in Feature Freeze.

          • Feature Development Is Over On Ubuntu 18.10

            Ubuntu 18.10 “Cosmic Cuttlefish” is now under a feature freeze to focus on bug-fixing ahead of the October debut of this next Ubuntu Linux installment.

            Developers should be now working on just fixing bugs/regressions and not new features, but feature freeze exceptions are possible in certain circumstances.

            Ubuntu developer Steve Langasek announced the start today of the feature freeze. Ubuntu 18.10 is aiming for an 18 October release and for that to be the UI freeze is coming up next on 13 September, the beta release on 27 September, and the kernel freeze on 4 October.

          • Canonical Outs Major Linux Kernel Updates for All Supported Ubuntu Releases

            Canonical released today a bunch of major Linux kernel updates for all supported Ubuntu releases to address more than 50 security vulnerabilities affecting various kernel components.

            The new kernel security updates are now available for users of the Ubuntu 18.04 LTS (Bionic Beaver), Ubuntu 16.04 LTS (Xenial Xerus), and Ubuntu 14.04 LTS (Trusty Tahr) operating system series on 32-bit, 64-bit, Raspberry Pi 2, Amazon Web Services (AWS) systems, Google Cloud Platform (GCP) systems, and cloud environments.

          • Ubuntu Membership Board call for nominations

            As you may know, Ubuntu Membership is a recognition of significant and sustained contribution to Ubuntu and the Ubuntu community. To this end, the Community Council recruits from our current member community for the valuable role of reviewing and evaluating the contributions of potential members to bring them on board or assist with having them achieve this goal.

            We have five members of our boards expiring from their terms, which means we need to do some restaffing of this Membership Board.

            [...]

            To nominate yourself or somebody else (please confirm they wish to accept the nomination and state you have done so), please send a mail to the membership boards mailing list (ubuntu-membership-boards at lists.ubuntu.com). You will want to include some information about the nominee, a Launchpad profile link, and which time slot (20:00 or 22:00) the nominee will be able to participate in.

  • Devices/Embedded

Free Software/Open Source

  • How NFV deployments are driven by open source projects

    There is growing demand for efficient networks with low latency and high bandwidth to support innovations such as autonomous cars, connected devices, machine learning, augmented and virtual reality, and real-time analytics.

    To satisfy this demand, communication service providers and telecom operators are adopting new telecom architectures enabled with software-defined networking (SDN) and network function virtualization (NFV). These systems provide faster networks, centralized control, and faster deployment of new services as network function devices turn into software packages called virtual network functions (VNFs) to reduce capital and operating expenditures. With NFV and SDN, many service providers are shifting toward multi-featured 5G networks, which are ideal for the latest technology demands.

  • Nova is an open-source video player for phones, tablets, and Android TV

    inding the perfect media player on the platform you like to enjoy watching or listening to content on can be a pain in the butt. I remember this being such a hassle on the desktop PC until VLC came around, and now most of the people in the know either use it or MPC-HC. Then people began watching more content on their smartphones, and again, it led to a huge search for the go-to application to use. For a long time, this ended up being an application called MX Player, which has been downloaded by over 500,000 million users. As people have begun to move away from MX Player, a new open-source video player has emerged and it is being called Nova.

    So you may wonder if MX Player had such a strong following then why are so many people looking for alternatives? We see this from time to time though. An application gets so big that some feel it becomes bloated with features, and some feel the updates aren’t pushed out fast enough, or a recent user update has tarnished the experience. However, in the case of Android’s most popular media player, it was actually when MX Player was all of a sudden acquired by a media giant in India. This started to worry people because once a popular application gets acquired, the parent company almost always ruins what made it so great.

  • 8 Best Kodi Live TV Addons For Streaming Live Channels | Working Addons 2018

    Kodi is one of the most popular media players mainly because of its versatility. With the help of Kodi addons, you can use the XBMC owned media player for streaming movies, music and even games. It is an open source software that is free to use, and with new Kodi repositories coming by the day, the versatility of Kodi is increasing.

  • Software freedom for the modern era

    True software freedom for this age: you can get the source code of a service you use, and can set it up on your own server. You can also get all your data from the service, and migrate it to another service (hosted by you or someone else). Futher, all of this needs to be easy, fast, and cheap enough to be feasible, and there can’t be “network effects” that lock you into a specific service instance.

  • Startup Taps into Open-Source Operating System Shift
  • Events

    • It’s The Season For A Lot Of Interesting Linux / Open-Source Conferences

      There’s been a number of recent Linux/open-source conferences but more are right on the horizon, including some with video streams for those interested.

      Earlier this month in Boston was Red Hat’s DevConf.us. If you are interested in that free Linux conference, the video sessions from there are now uploaded on YouTube.

  • Web Browsers

    • Mozilla

      • Support Localization – Top 20 Sprint and More

        It’s time to update you about the current status of the localization clean up initiative proposed a while ago. After an initial outreach to hundreds of previously registered contributors around Mozilla, small groups of still active localizers were asked to try and reach the goal of localizing the Top 20 articles into their language.

      • This Week in Mixed Reality: Issue 17, Hubs Edition

        As I do every week, I was going to say it’s mostly be bug fixing. However this week the big news is our update to Hubs, Mozilla’s VR chat system. You can now share any kind of media within Hubs: PDFs, images, music, and even Youtube videos.

      • Bias and Hiring: How We Hire UX Researchers

        This year, the Firefox User Research team is planning to add two new researchers to our group. The job posting went live last month, and after just a few weeks of accepting applications, we had over 900 people apply.

        Current members of the Firefox User Research Team fielded dozens of messages from prospective applicants during this time, most asking for informational meetings to discuss the open role. We decided as a team to decline these requests across the board because we did not have the bandwidth for the number of meetings requested, and more importantly we have spent a significant amount of time this year working on minimizing bias in our hiring process.

        We felt that meeting with candidates outside of the formal hiring process would give unfair advantage to some candidates and undermine our de-biasing work. At the same time, in alignment with Mozilla’s values and to build on Mozilla’s diversity and inclusion disclosures from earlier this year, we realized there was an opportunity to be more transparent about our hiring process for the benefit of future job applicants and teams inside and outside Mozilla thinking about how they can minimize bias in their own hiring.

      • Skill Tree Balancing with a Job Move

        I’m moving from Research to Cloud Ops within Mozilla. The following wall of text and silly picture are a brain dump of new ideas about skills and career growth that I’ve built through the process.

  • Pseudo-Open Source (Openwashing)

    • The Commons Clause – Helpful New Tool or the End of the Open Source as We Know it?

      Almost nothing inspires a spirited discussion among the open source faithful as much as introducing a new open source license, or a major change in an existing license’s terms. In the case of version 3 of the GPL, the update process took years and involved dozens of lawyers in addition to community members. So, it’s no surprise that the pot is already boiling over something called the “Commons Clause.” How energetically? Well, one blog entry posted yesterday was titled The Commons Clause Will Destroy Open Source. The spark that turned up the heat was the announcement the same day by RedisLabs that it was adopting the license language.

      The clause itself is short (you can find it here, together with an explanatory FAQ). It was drafted by Heather Meeker, an attorney with long open source involvement, in conjunction with “a group of developers behind many of the world’s most popular open source projects.”

      It’s also simple in concept: basically, it gives a developer the right to make sure no one can make money out of her code – whether by selling, hosting, or supporting it – unless the Commons Clause code is a minor part of a larger software product. In one way, that’s in the spirit of a copyleft license (i.e., a prohibition on commercial interests taking advantage of a programmer’s willingness to make her code available for free), but it also violates the “Four Freedoms” of Free and Open Source software as well as the Open Source Definition by placing restrictions on reuse, among other issues.

    • Complicating Licensing

      I’ve recently seen a couple of attempts to present non-open source licensing as almost open source. What I’m talking about is Commons Clause and fair source. This sounds a lot like the failed shared source model promoted by companies such as Microsoft in the early 2000. Yes, I’m looking at you redis and neo4j.

      What I find particularly disturbing is the way that both, but especially Commons Clause, attempts to piggyback on the good name of open source. The naming is very close to Creative Commons, and the way that the clause is intended to be introduced is very confusing for the user as the user would see a familiar open source license, and then just a “small” exception.

      I would argue that the way to go about this is to combine a strong copyleft license such as GPLv3, LGPLv3 or AGPLv3, with a CLA. That way a dual licensing model could be used to create a business model. If that is not possible, the [A/L]GPLv3 needs to be improved – not complicated by additional clauses added by a third party.

  • BSD

    • OpenSSH 7.8 released

      OpenSSH 7.8 is out. It includes a fix for the username enumeration vulnerability; additionally, the default format for the private key file has changed, support for running ssh setuid root has been removed, a couple of new signature algorithms have been added, and more.

    • OpenBSD Foundation gets first 2018 Iridium donation!

      This year the first $100K+ donation came from Handshake (https://www.handshake.org).

    • Remote Access Console using Raspberry Pi 3b+ and FreeBSD

      I have a small homelab and I was looking into some sort of KVM console to be able to access them both locally and remotely instead of moving around VGA cables/serial cables.

      Those are rather expensive so I opted to build my own remote access system. Since all my servers and switch(es) have a serial console that should not be to hard.

  • Licensing/Legal

    • Deutsche Bahn Intercity software under EUPL

      This software, distributed under the EUPL, is the open European Train Control System (OpenETCS), the signalling and control component of the European Rail Traffic Management System (ERTMS). It is kind of positive train control, replacing the many incompatible safety systems previously used by European railways. It is becoming a standard that was also adopted outside Europe and is an option for worldwide application. It is managed by the European Union Agency for Railways (ERA) and it is a legal requirement that all new, upgraded or renewed tracks and rolling stock in the European railway system should adopt it, possibly keeping legacy systems for backward compatibility

  • Programming/Development

    • Go 1.11 is released

      Who says releasing on Friday is a bad idea?

      Today the Go team is happy to announce the release of Go 1.11. You can get it from the download page.

      There are many changes and improvements to the toolchain, runtime, and libraries, but two features stand out as being especially exciting: modules and WebAssembly support.

      This release adds preliminary support for a new concept called “modules,” an alternative to GOPATH with integrated support for versioning and package distribution. Module support is considered experimental, and there are still a few rough edges to smooth out, so please make liberal use of the issue tracker.

    • Go 1.11 Released With WebAssembly Port, Assembler Accepting AVX-512 Instructions

      Version 1.11 of the Go programming language is out this Friday as the newest feature update.

    • Project Template for Bison and Flex
    • littler 0.3.4: More updated examples

      The fifth release of littler as a CRAN package is now available, following in the now more than ten-year history as a package started by Jeff in 2006, and joined by me a few weeks later.

      littler is the first command-line interface for R and predates Rscript. And it is (in my very biased eyes) better as it allows for piping as well shebang scripting via #!, uses command-line arguments more consistently and still starts faster. It also always loaded the methods package which Rscript converted to rather recently.

      littler lives on Linux and Unix, has its difficulties on macOS due to yet-another-braindeadedness there (who ever thought case-insensitive filesystems as a default where a good idea?) and simply does not exist on Windows (yet — the build system could be extended — see RInside for an existence proof, and volunteers are welcome!).

    • LLVM 7.0 RC2 Along With The Updated Clang Can Be Tested This Weekend

      LLVM release manager Hans Wennborg tagged the second release candidate this week of LLVM and its associated sub-projects like Clang.

      LLVM 7.0-RC2 has seen “a bunch of merges” for fixing the initial fall-out from the past six months worth of development on this compiler stack. Several bugs were fixed in the process. At least from some recent tests I did on the branched LLVM/Clang 7.0 code, it’s been working out great on several Linux x86_64 boxes.

Leftovers

  • Triumph Of Greed Over Arithmetic

    It gets worse. S3 is by no means the low-cost provider in the storage market. If we assume that the competition is Backblaze’s B2 service at $0.06/GB/yr and that their Kryder rate is zero, FileCoin would need to store 428PB for 10 years before breaking even. Nearly half an Exabyte for a decade!

  • Science

    • Kids are glued to their screens – but parents are in no position to criticize

      And more than half of teens said they often or sometimes find their parents or caregivers to be distracted by their electronic devices when the youngsters are trying to have a conversation with them. The study calls teens’ relationship with their phones at times “hyperconnected” and notes that nearly three-quarters check messages or notifications as soon as they wake up. Parents do the same, but at a lower, if still substantial, rate of 57%.

  • Hardware

    • [Old] Intel settlement: The power of email

      Intel’s rebate payments to Dell maxed out that fiscal quarter, February to April 2006, at $805 million, according to the Cuomo complaint. That figure represented 104% of Dell’s net income for the quarter. (Do these sound like traditional, volume discounts to you, reader?) Nevertheless, Dell capitulated in May and announced plans to introduce one line of AMD-powered servers. Intel’s payments to Dell that quarter dropped to $554 million (which, nevertheless, constituted 116% of Dell’s quarterly net). In August 2006, Dell actually started shipping AMD-powered servers, and in September it unveiled plans to introduce other AMD-powered lines of PCs. The next quarter, its rebate dropped to $200 million.

  • Health/Nutrition

    • Dominican Republic Appeals WTO Plain Packaging Decision

      The Dominican Republic has followed Honduras in appealing a decision by a World Trade Organization dispute settlement panel that found Australia’s tobacco plain packaging law to be allowable under WTO rules. Cuba and Indonesia also had cases against Australia but so far have not appealed.

      The details of the Dominican Republic’s appeal are not yet available from the WTO, and are expected in the coming days. The appeal, WT/DS441/23, will be found here when available.

      The tobacco-producing Caribbean nation had filed a WTO case against Australia in July 2012, and focused on alleged trademark and geographical indications violations. The original filing, WT/DS441/1, is available here.

  • Security

    • Intel ditches Linux patch benchmark ‘gag’, offers ‘innocuous’ new license

      Intel has ditched a controversial licensing agreement that appeared aimed at legally preventing developers from publishing benchmark results that could reveal performance slowdowns caused by its recent security patches.

      As ZDNet reported yesterday, the chip maker was criticized by open-source champion Bruce Perens for slipping new restrictions into the software agreement for maintainers of Linux distributions such as Debian and Ubuntu.

      The changes in license terms came with microcode updates to mitigate Spectre and Foreshadow, or L1 Terminal Fault (L1TF), speculative attacks.

    • No, a Teen Did Not Hack a State Election

      Headlines from Def Con, a hacking conference held this month in Las Vegas, might have left some thinking that infiltrating state election websites and affecting the 2018 midterm results would be child’s play.

      Articles reported that teenage hackers at the event were able to “crash the upcoming midterm elections” and that it had taken “an 11-year-old hacker just 10 minutes to change election results.” A first-person account by a 17-year-old in Politico Magazine described how he shut down a website that would tally votes in November, “bringing the election to a screeching halt.”

      But now, elections experts are raising concerns that misunderstandings about the event — many of them stoked by its organizers — have left people with a distorted sense of its implications.

      In a website published before r00tz Asylum, the youth section of Def Con, organizers indicated that students would attempt to hack exact duplicates of state election websites, referring to them as “replicas” or “exact clones.” (The language was scaled back after the conference to simply say “clones.”)

    • If It Doesn’t Have Paper Backups and Automatic Audits, It’s Not an Election Security Bill

      Right now, the U.S. Senate is debating an issue that’s critical to our democratic future: secure elections. Hacking attacks were used to try to undermine the 2016 U.S. election, and in recent years, elections in Latin America and Ukraine were also subject to cyber attacks.

      It only makes sense to harden the security of U.S. voting machines, which are perhaps the most direct route to impacting an election’s results. But the current bill that’s advancing in the Senate, the Secure Elections Act, is no solution at all. If it isn’t strengthened dramatically, senators should vote against this deeply flawed bill.

      The best solution to stop a possible hack of voting machines is clear: all machines must use a paper trail that’s regularly audited. Many states with voting machines already use paper, but more than a dozen are using at least some machines that provide no paper trail. In five states—New Jersey, Delaware, South Carolina, Georgia, and Louisiana—not a single jurisdiction has a paper trail.

    • OpenBSD Co-Founder Drops Hyper-Threading Support to Mitigate Foreshadow Attacks

      Theo de Raadt, an OpenBSD co-founder has officially announced that the open-source operating system will not utilize Hyper-threading for Intel processors. He complains that Intel isn’t telling them about upcoming discovered threats and the steps that an OS developer needs to take to mitigate against TLBleed and T1TF; otherwise known as “Foreshadow.” He has dropped support for older versions of OpenBSD and asks users to upgrade to version 6.4 as he doesn’t have the manpower to backport the changes.

    • Intel Hyper-Threading Accused of Being a Security Threat

      Following the reveal of the Foreshadow (L1TF) Intel CPU flaw, as well as the previous TLBleed flaw, Theo de Raadt, founder of OpenBSD, which makes a free, multi-platform, UNIX-like operating system, recommended everyone completely disable Intel’s Hyper-Threading in BIOS before hackers start taking advantage of it.

      [...]

      We’ve seen over the past few months that the Meltdown and Spectre flaws were not a one-time vulnerability that we could patch once and then forget about. Multiple Spectre-like speculative execution flaws have been found since Meltdown and Spectre was revealed earlier this year, and chances are we’ll continue to see more of them until the entire class of speculative execution bugs are fixed at the CPU architecture level.

      de Raadt also believes that Hyper-Threading itself will exacerbate most of the speculative execution bugs in the future, which is why now is the best time to disable it. He also recommended updating your BIOS firmware if you can.

      The OpenBSD founder criticized Intel over not being very transparent about how it intends to fix these speculative execution flaws once and for all and also about not properly documenting which operating systems are supposed to do to mitigate these bugs. The OpenBSD team had to learn how to research and develop their own mitigations based on what other operating systems were doing without much help from Intel.

    • Intel Reworks Microcode Security Fix License after Backlash, Intel’s FSP Binaries Also Re-licensed, Valve Releases Beta of Steam Play for Linux, Chromebooks Running Linux 3.4 or Older Won’t Get Linux App Support and Windows 95 Now an App
    • T-Mobile Hacked Again: Over 2 Millions Account Numbers and Addresses Potentially Leaked

      Attackers may have compromised three percent of T-Mobile’s 77 million customers on Monday, revealing personal information like addresses, phone numbers, and account numbers.

      Credit cards, passwords, and social security numbers were not accessed, according to T-Mobile. The company will notify affected customers via text message.

    • T-Mobile hack may have exposed data of 2 million customers

      T-Mobile has revealed that hackers may have stolen the personal information of some of its customers.

      The intrusion took place on Monday, and some customer data “may have been exposed” before the carrier’s cybersecurity team shut off access and reported the breach to law enforcement, it said in a statement.

    • Securing google-authenticator-libpam against reading secrets

      I have recently worked on enabling 2-step authentication via SSH on the Gentoo developer machine. I have selected google-authenticator-libpam amongst different available implementations as it seemed the best maintained and having all the necessary features, including a friendly tool for users to configure it. However, its design has a weakness: it stores the secret unprotected in user’s home directory.

      This means that if an attacker manages to gain at least temporary access to the filesystem with user’s privileges — through a malicious process, vulnerability or simply because someone left the computer unattended for a minute — he can trivially read the secret and therefore clone the token source without leaving a trace. It would completely defeat the purpose of the second step, and the user may not even notice until the attacker makes real use of the stolen secret.

    • A Rant on Single Function Security Tools
    • Mirai Variant Cross-Compiles Attack Code with Aboriginal Linux [Ed: This malware relies on systems being compromised in the first place, e.g. due to default password that's uniform]
    • Mirai IoT Malware Variant Abuses Linux Cross-Compilation Framework
  • Defence/Aggression

    • Zimbabwe ambassador to Senegal found dead in Dakar

      Zimbabwe’s ambassador to Senegal and The Gambia, Trudy Stevenson, has been found dead in Dakar on Friday.

      The 73-year-old diplomat was reportedly discovered at her residence by her chauffeur when he reported for duty.

      The Zimbabwean foreign affairs and international trade ministry confirmed the death of the diplomat, but could not shed more light, saying government was yet to talk to the family.

      “It is true Ms Stevenson has passed, but we are yet to get in contact with all the relatives,” an official in the ministry said.

    • Zim ambassador to Senegal found dead in Dakar
    • US Military Admits It Killed Dozens More Civilians Than Previously Acknowledged. Now What?

      In June and July, the US-led Coalition of countries fighting the armed group calling itself the Islamic State admitted that reports of civilian casualties it had previously dismissed as “not credible” were, in fact, correct: in its assault on Raqqa, Syria, last year, Coalition forces had killed at least 77 civilians, as documented earlier this year by Amnesty International. The Coalition also acknowledged that an attack on a school near Raqqa had likewise killed dozens of civilians, as documented by Human Rights Watch – a claim also previously dismissed as “not credible.”

      This grim news represents a step forward of sorts for the Coalition. Previous reports of civilian deaths at the hands of U.S. or Coalition forces by Amnesty, the United Nations and other human rights organizations had been dismissed out of hand. When Amnesty, where I work, reported on civilians killed by U.S. drone strikes in Pakistan, for example, we received no response at all. That may have been because the government would not even acknowledge it had engaged in drone strikes in the country—regardless, it left deaths publicly uncounted.

  • Transparency/Investigative Reporting

    • Reality Winner Will Spend Five Years In Jail For Leaking Info Government Officials Released Publicly

      This is the longest sentence ever imposed under the Espionage Act. And it’s being imposed for a leaked document confirming much of what had been been discussed publicly by intelligence officials: that Russia interfered with the 2016 election. Winner will spend five years in jail for leaking information other government officials have published in full.

      Espionage charges are easy to prosecute. The defendant’s options are limited. They’re unable to raise defenses about serving the public interest or acting as whistleblowers. This was document turned over to a media agency. This was not a document detailing crucial national security matters being handed to agents of an unfriendly government.

      Winner isn’t a martyr, but neither is she the despicable villain portrayed in the DOJ’s official statement on its easy win. Twice the statement reminds us her act was not a “victimless crime.” In case we’re unable to get the point, it’s delivered in all caps once. Bold print highlights various incidentals the US Attorney thinks are particularly nefarious — like Winner KNOWINGLY disseminating a document with TOP SECRET printed across the top of it even though it EXPOSED SOURCES AND METHODS and it will apparently take the US intelligence community years to recover.

    • Former MI6 spy v WikiLeaks editor: Who really deserves 1st Amendment protection?

      If ‘Dirty Dossier’ author Christopher Steele deserves protection under the 1st Amendment but WikiLeaks’ Julian Assange doesn’t, then the concept of a free press is merely a distant memory.
      While it is all too easy to become frustrated and annoyed by what passes for news in the legacy media these days, this article in the Daily Mail did arouse my particular ire earlier this week – and in this instance no particular blame attaches to the newspaper, it is simply reporting some unpalatable facts.

      The gist of it is that former British MI6 intelligence officer and current mercenary spy-for-hire, Christopher Steele, author of the discredited ‘Dirty Dossier’ about Donald Trump, has been accorded First Amendment rights in a court case in the USA.

      You might wonder why this article caused me so much spluttering annoyance over my breakfast? Steele’s treatment is in marked contrast to that accorded to WikiLeaks Publisher and Editor-in-Chief, Julian Assange, and the hypocrisy is breathtaking. Allow me to expound.

    • Julian Assange and the Fate of Journalism

      Julian Assange is the Australian founder of Wikileaks—a website dedicated to the public’s right to know what governments and other powerful organizations are doing. Wikileaks pursues this goal by posting revelatory documents, often acquired unofficially, that bring to light the criminal behavior that results in wars and other man-made disasters. Because Wikileaks’ very existence encourages “leaks,” government officials fear the website, and particularly dislike Julian Assange.

      Essentially, Wikileaks functions as a wholesale supplier of evidence. Having identified alleged official misconduct, Wikileaks seeks to acquire and make public overwhelming amounts of evidence—sometimes hundreds of thousands of documents at a time—which journalists and other interested parties can draw upon. And since the individuals and organizations being investigated are ones ultimately responsible to the public, such a role as wholesale supplier of evidence can be seen as a public service.

    • Ecuador leaves Venezuelan-run regional alliance

      Ecuador has withdrawn from a regional bloc led by Venezuela in a bid to further distance itself from that country’s socialist government.

      Foreign minister Jose Valencia said on Thursday that Ecuador has decided to abandon the Bolivarian Alliance for the Peoples of Our America, or ALBA, immediately because Ecuador wants to be “independent” of organizations that are trying to impose “specific views” on Latin America’s social and political issues.

      ALBA was created in 2004 by the late Venezuelan President Hugo Chavez in a bid to counter U.S. influence in the region. It currently has 12 members that include Nicaragua, Bolivia, Cuba and several small Caribbean islands.

    • Let a hundred WikiLeaks blossom

      When WikiLeaks exploded onto the scene a decade ago, it briefly seemed like the internet could create a truly open society. Since then, Big Brother has fought back.

      Every day now, we hear complaints about the growing control of digital media, often from people who apparently believe the concept was originally an unregulated free-for-all.

      However, let’s remember the origin of internet. Back in the 1960s, the US Army was thinking about how to maintain communications among surviving units in the event that a global nuclear war destroyed central command. Eventually, the idea emerged of laterally connecting these dispersed units, bypassing the (destroyed) center.

      Thus, from the very beginning, the internet contained a democratic potential since it allowed multiple direct exchanges between individual units, bypassing central control and coordination – and this inherent feature presented a threat for those in power. As a result, their principle reaction was to control the digital “clouds” that mediate communication between individuals.

      “Clouds” in all their forms are, of course, presented to us as facilitators of our freedom. After all, they make it possible for me to sit in front of my PC and freely surf with everything out there at our disposal – or so it seems on the surface. Nevertheless, those who control the clouds also control the limits of our freedom.

      [...]

      But my point here is that I was repeatedly attacked for my report on this case: the reproach was that by describing the case I reproduced it and thus repeated it symbolically. Although, I shared it with strong disapproval, I allegedly secretly enabled my listeners to find perverse pleasure in it.

      And these attacks on me exemplify nicely the “politically correct” need to protect people from traumatic or disturbing news and images. My counterpoint to it is that, in order to fight such crimes, one has to present them in all their horror, and one has to be shocked by them.

    • Reality Winner could get record-setting sentence in NSA leak case

      Reality Winner, who pleaded guilty in June to leaking a top-secret government report about Russian meddling in the 2016 election, could receive a record-setting prison term when she is sentenced in a federal court in Augusta Thursday, court records show.

      The former National Security Agency contractor faces up to 10 years in prison. But her plea deal with prosecutors calls for her to serve five years and three months behind bars. That is longer than anyone else has been sentenced for an “unauthorized disclosure to the media,” federal prosecutors said in a court filing this month.

      The prosecutors are urging Chief U.S. District Court Judge J. Randal Hall to agree to the sentence spelled out in her plea deal. If the judge instead moves to give her a longer sentence, Winner, 26, could withdraw her guilty plea and go to trial.

  • Finance

    • Farmer shows ubuntu, gives land to his workers

      Colin Forbes also provided mentorship and resources, including supplying them with the initial seeds, fertilisers, pesticides and diesel to operate machinery.

      In the small town of Amsterdam in Mpumalanga, a community of farm workers are finally building brick houses for themselves after farm owner Colin Forbes gave a portion of his land to his employees.

      Forbes’ family has owned Athole Farm in the small town near the Swaziland border since 1860.

      Seven years ago, he followed his father’s idea of showing humanity to their workers by giving away 10% of the farm to them.

    • Bad News for Donald Trump, China is Already Bigger Than the United States

      Actually, China’s economy is already considerably bigger than the US economy. Using the purchasing power parity measure, which is recommended by most economists and the CIA World Factbook, China’s economy is already more than 25 percent larger than the US economy. It is also worth noting that there are no growth projections from any remotely reputable source that show the US economy growing more rapidly than China’s economy.

  • AstroTurf/Lobbying/Politics

    • Why Manafort and Cohen Thought They’d Get Away With It

      Oh, the audacity of dopes. The crimes of Paul Manafort and Michael Cohen are notable not just for how blatant they were but also for their lack of sophistication. The two men did little to hide their lying to banks and the Internal Revenue Service. One can almost sympathize with them: If it wasn’t for their decision to attach themselves to the most unlikely president in modern history, there’s every reason to think they might be still working their frauds today.

      But how anomalous are Mssrs. Manafort and Cohen? Are there legions of K Street big shots working for foreign despots and parking their riches in Cypriot bank accounts to avoid the IRS? Are many political campaigns walking felonies waiting to be exposed? What about the world of luxury residential building in which Cohen plied his trade with the Trump Organization?

      The answer is more disturbing than the questions: We don’t know. We don’t know because the cops aren’t on the beat. Resources have been stripped from white-collar enforcement. The FBI shifted agents to work on international terror in the wake of 9/11. White-collar cases made up about one-tenth of the Justice Department’s cases in recent years, compared with one-fifth in the early 1990s. The IRS’ criminal enforcement capabilities have been decimated by years of budget cuts and attrition. The Federal Election Commission is a toothless organization that is widely flouted.

      No wonder Cohen and Manafort were so brazen. They must have felt they had impunity.

    • Do NOT Let Them Make A Saint Of This Asshole

      John McCain’s family has announced that the Arizona Senator has opted to end treatment for brain cancer and live out his final few days in peace, presumably under the best hospice care money can buy. And I sincerely hope that it is peaceful. My statements about my desire for John McCain to shuffle off this mortal coil sooner rather than later have been highly publicized, and I stand by all of them, but I don’t wish him a painful or agitated end.

      And, also, I am going to keep hammering on how very important it is that we refuse to bow to the aggressive demands from establishment loyalists that we be respectful of this warmongering psychopath and his blood-soaked legacy.

      [...]

      One of the most aggressively protected narratives in corporate liberal circles is that John McCain is a hero whose very name should be uttered with the greatest reverence. It gets traction with rank-and-file Democrats because supporting McCain for his opposition to Trump allows them to feel as though they are non-partisan free thinkers, in exactly the same way Trump supporters believe their hatred of McCain makes them non-partisan free thinkers. In reality, McCain is just one of the many bloodthirsty neocons like Bill Kristol and Max Boot who have aligned themselves with the Democratic party in recent years in order to better advance their warmongering agendas.

      It is those agendas that are being promoted with the hero worship of John McCain. By committing the outrageous heresy of mocking, ridiculing and scorning that sacred cow, we are fighting the attempts of the empire loyalists and war propagandists to normalize and sanctify the act of inflicting neoconservative military bloodbaths upon innocent people around the world.

    • Mystery group blankets Michigan seeking ballots from 2016 election

      Clerks around the state are getting blanketed with requests to turn over every ballot cast in the 2016 election, as they try to recover from record turnouts in the August primary and prepare for November.

      The new challenge comes compliments of a woman named “Emily” with no last name.

      Nearly every clerk in Michigan has received Freedom of Information Act requests signed by Emily asking for copies of every ballot cast in the 2016 presidential election — whether at the polls or by absentee ballot. Voter signature cards have even been sought.

      “It’s unnerved a lot of the clerks, rightfully so,” Michigan Director of Elections Sally Williams said Friday.

  • Censorship/Free Speech

    • New York State Can’t Be Allowed to Stifle the NRA’s Political Speech

      The First Amendment bars state officials from using their regulatory power to penalize groups merely because they promote disapproved ideas.

      It’s no secret that New York Gov. Andrew Cuomo is no fan of the National Rifle Association. A mailer his campaign sent to New York voters this week proclaims, in bold letters: “If the NRA goes bankrupt, I will remember them in my thoughts and prayers.”

      There’s nothing wrong with the governor singling out a political adversary for criticism, or even mockery. That’s just politics, and the NRA itself is no stranger to hardball tactics.

      But in a lawsuit the NRA filed against Cuomo this spring, the organization contends that he did more than criticize it. The NRA alleges that Cuomo and top members of his administration abused their regulatory authority over financial institutions to threaten New York banks and insurers that associate with the NRA or other “gun promotion” groups, and that those threats have jeopardized the NRA’s access to basic insurance and banking services in New York.

      In the ACLU’s view, targeting a nonprofit advocacy group and seeking to deny it financial services because it promotes a lawful activity (the use of guns) violates the First Amendment. Because we believe the governor’s actions, as alleged, threaten the First Amendment rights of all advocacy organizations, the ACLU on Friday filed a friend-of-the-court brief supporting the NRA’s right to have its day in court.

    • Post Valve’s ‘Hands Off’ Games Curation Announcement, Everything Is A Mess

      Back in June we discussed Valve’s somewhat odd announcement that it was getting out of the games curation business, and opening its platform to what it said would be far more games. The restrictions on what type of content would now be allowed on the gaming platform was said to mostly be limited only to games that are “trolling” or “illegal.” As with all things Valve, this apparent announcement aimed at transparency and making sure developers knew what expectations Valve had for games on Steam mostly achieved the exact opposite, with everyone wondering immediately what qualified as “trolling.” Nobody could really agree on where exactly Valve would be drawing the lines on the types of content it would allow. That said, most people, including most of the participants of the podcast we conducted on the topic, essentially agreed that this would chiefly allow more games with sexual content onto the platform.

      And, yet, it seems that even that hasn’t been true thus far. Kotaku has a post up discussing the many, many sexuality related games that had been disallowed from Steam, but which were gearing up to be included based on the new policy. It seems the policy hasn’t opened up the platform to many of them after all.

    • Trump’s Anti-press Rhetoric Is Dangerous, But His Actions Are Worse

      In a coordinated response to Trump’s incessant attacks on the press, more than 300 news organizations joined together last week and published editorials about the important role of a free press.

      The effort is led by the Boston Globe, who called for editorial boards of publications across the country to publish their own editorials defending—in their own words—the importance of press freedom. Participating publications include outlets big and small, from the New York Times to small, local, and independent papers.

      Trump has called the press “enemy of the American people,” and said that journalists “don’t like our country.” He responded to the editorials in a predictably petty manner. He has also vowed to revoke broadcast licenses over coverage he didn’t like, and has threatened to sue critical news organizations and journalists. And, of course, he engages in constant Twitter diatribes about “fake news.”

      The president’s verbal attacks on the press are certainly appalling, but his rhetoric gets an outsized amount of attention, when his administration’s actions against press are much worse. They deserve just as much condemnation as his tweets.

    • Dubious Studies And Easy Headlines: No, A New Report Does Not Clearly Show Facebook Leads To Hate Crimes

      Those are some fairly bold claims, and certainly worth exploring. However, it’s not exactly clear that the paper actually can support such claims. You can download a copy of the 75 page paper yourself, entitled Fanning the Flames of Hate: Social Media and Hate Crime by two PhD students, Karsten Müller and Carlo Schwarz, both from the University of Warwick. For what it’s worth, people have pointed out that this paper has not yet been peer reviewed, and an earlier version of this paper got some less breathless press coverage a few months ago. But, the NY Times is the NY Times.

      The paper definitely presents some interesting data, and it should be applauded that researchers are exploring these issues — though separating out the actual causal variables seems like a difficult task. The researchers do appear to have fairly thorough data on anti-refugee attacks throughout Germany. The Facebook data, however, seems a lot less solid. A few people have been breaking down the problems with the study online, including Jonas Kaiser, Dean Eckles and Hal Hodson, who all convincingly argue that the NY Times is overplaying what the study actually shows.

      Before I dig in a bit, I should note that part of the problem here is that the necessary Facebook data to do this kind of study is hard to come by. Earlier this year, Facebook announced that it would be giving some academics access to data in order to do just this kind of research (though more focused on election impact, but this should be similar). And, it would be damn helpful if Facebook were willing to give out the kind of data needed in order to actually do the kind of study that was presented in this paper.

    • Today In Useless Surveys: Some People Want Internet Companies To Stop Filtering News And Some Don’t.

      Sometimes public sentiment is useful. And sometimes it’s only useful in demonstrating how little the general public understands some issues. It would appear that a new survey done by the Knight Foundation about how the internet giants should handle “news” content is one of the latter ones. While there’s lots of discussion about what the poll results “say,” the only thing they really say is that the public has no clue about how the internet and news works — and that should be the focus. We need much greater tech and media literacy. Unfortunately, the poll seems more likely to do the opposite.

      [...]

      There’s a little bit more of a discussion about the breakdown based on age, but there is no discussion of what the fuck this even means — because it means literally nothing. What “regulations” do newspapers and broadcast news face? Well, not much? But, it really kind of depends. Broadcast news may face some FCC regulations because they use the public airwaves. But newspapers don’t. And internet sites don’t. Because they don’t use the public airwaves. Other than that, they already face the same basic “rules and regulations.” So it’s not at all clear how — as a bunch of people have claimed — this study supports the idea for “increased” regulation of internet sites.

      Honestly, this feels like a kind of push poll and it’s kind of shameful that the Knight Foundation and Gallup — both of which should know better — would do such a thing. After asking all these random amorphous meaningless questions about internet platforms, they then jump in with a question about regulating the platforms without defining or clarifying what regulations they’re even talking about, in an area where the vast majority of the public will have literally no idea what those limited regulations are? What good is that other than to just get people to say “sure, they should all be on an equal footing.”

    • More Student Press Censorship Alleged at Liberty

      Officials at Liberty University fired two student editors with a history of mixed coverage from the institution’s newspaper, the second occasion in which the religious university has come under fire for press censorship.

      [...]

      Liberty is led by President Jerry Falwell Jr., who was criticized in 2016 after he stopped The Champion from publishing a column that slammed then candidate Donald Trump for remarks on the notorious leaked Access Hollywood recording. Falwell, a vocal Trump supporter, said the column was “redundant,” as the newspaper had just run a piece about Trump.

      Suppression of student press at religious institutions is well documented. A group of student journalists at Taylor University in Indiana surveyed student reporters at religious colleges and universities and found widespread reports of censorship.

    • Free Speech in Peril as #Resistance Hero John Brennan Loses Security Clearance

      After President Donald Trump revoked his security clearance last week, John Brennan arose as a Hero of Free Speech. On Twitter he announced in terms designed to stir the corpses of the Founding Fathers “This action is part of a broader effort by Mr. Trump to suppress freedom of speech. My principles are worth far more than clearances. I will not relent.” Twelve former senior intelligence officials agree, calling Trump’s revocation “an attempt to stifle free speech.”

      No less than Ben Wizner, a director at the ACLU, stated “The First Amendment does not permit the president to revoke security clearances to punish his critics.” Even Republicans like Bob Corker, the retiring Senate Foreign Relations Committee chair said “It just feels like sort of a… banana republic kind of thing.” For emphasis, Corker also said the revocation was the kind of thing that might happen in Venezuela. Referring to a list of other former Obama officials whose clearances Trump may revoke, Senator Mark Warner, the top Democrat on the Intelligence Committee, said “It was almost… a Nixonian enemies list.” Admiral William McRaven, former SEAL and bin Laden killing superhero said of Trump’s revocation “Through your actions, you have embarrassed us in the eyes of our children.” A letter to the New York Times demanded a military coup to end Trump’s reign.

      [...]

      Is it all political? Sure. What was the point of Brennan, or other Obama-era officials unlikely to be consulted by the Trump administration, of having clearances that outlived their government tenure anyway? Brennan in particular was using his security clearance to monetize his experience, and to bolster his opinions with the tang of inside knowledge. There is no government interest in any of that, and the government has no place allowing Brennan to hold a clearance for his own profit. Shutting him down preserves the whole point of issuing anyone a clearance, granting them access to America’s secrets so that they can do Uncle Sam’s work. A clearance isn’t a gift, it’s a tool issued by the government to allow employees to get some work done. Brennan is working now only for himself, and deserved to lose his clearance.

    • Arrow season 7 is so violent that it’s testing The CW’s censorship limits

      We already know that Stephen Amell has had, in his words, “the shit kicked out” of him thanks to Arrow’s gritty seventh season. But we didn’t realise just how violent the show is set to be.

      Revealing just how far Arrow is pushing the boundaries ahead of its return, the series’ long-time stunt coordinator James Bamford recently admitted they’re trying their best to reach the limit.

      Talking about an unprecedented phone call Bamford and showrunner Beth Schwartz had with the show’s censors, the stuntman told Newsarama: “We are really trying to push the limits on the show in the gritty factor.

    • Music censorship in Northern Nigeria

      In Northern Nigeria, music has long been used as a tool for social criticism: a powerful means of speaking out against tyranny, corruption and oppression. However, artists who attempt to use their music to convey socio-political messages often find themselves the victims of censorship and other forms of official reprimand. This article provides an overview of censorship in Northern Nigerian music.

      [...]

      The most radical form of censorship in the region has stemmed from the introduction, in 1999, of Islamic sharia law in states with dominant Muslim populations, such as Zamfara, Kano, Sokoto, Katsina, Bauchi, Borno, Jigawa, Kebbi and Yobe. In these states, sharia is used to outlaw sensual and vulgar musical content. The Kano State Censorship Board (KSCB), arguably the most visible censorship body in Northern Nigeria, was established in 2001. Since its founding, it has faced allegations of intimidation and arrests within Kano, prompting an exodus of artists to neighbouring states perceived to be more liberal and friendlier to their craft.

  • Privacy/Surveillance

    • Android Collects 10x Data Than Apple iOS When Idle: Report

      A new study has surfaced that says Google collects way more data from Android than Apple does through iOS. Most of the data taken into account is collected through passive means, i.e., when the Android device is idle or stationary. But Google captures a lot of data while the device is being used as well.

    • Google Tracks Users In Incognito Mode Too, Study Suggests

      If you think that using incognito mode in Chrome would really hide your footprints, you are in for a shock. A new report says that user-anonymous identifiers are collected while browsing in private mode and Google has the ability to connect this information to your Google Account.

      Let’s say you open up a private browser session in Chrome. Websites that run Google ads automatically send anonymized cookies to the browser associated with the user.

    • Sydney airport seizure of phone and laptop ‘alarming’, say privacy groups

      A British-Australian citizen travelling through Sydney airport has had his devices seized, and believes his laptop password cracked and his digital files inspected by Border Force officers, in what privacy groups say is a worrying development.

      Nathan Hague, a 46-year-old software developer, was detained apparently at random for 90 minutes while the officers took his phone and password-protected laptop into a back room.

      Hague said the officers refused to tell him what would be done with his devices, why they were being inspected or whether his digital data was being copied and stored.

    • Appeals Court: City-Owned Utility Pulling Electric Use Info Every 15 Minutes Is A Search

      An oddball, but interesting, decision [PDF] flowing from the Supreme Court’s Carpenter ruling has been issued by the Seventh Circuit Court of Appeals. While the Carpenter decision centered on the long term collection of historic cell site location information, the ruling could be applied to a number of situations where records created by citizens are stored and housed by other parties and accessible without a warrant.

      This case deals with smart meters, issued by the government (via the public electric utility) to track electric use in citizens’ homes. With the old meters, readings were performed by utility employees every few weeks. The new smart meters send back info on electric use every fifteen minutes. This frequency was chosen by the City of Naperville government. It could have gone with something less intrusive, but it chose this method instead.

      The city was sued by citizens opposed to being snooped on by the new smart meters. The plaintiffs argued the frequent readings allowed to government to make a great deal of inferences about activities inside citizens’ homes, based on the rolling delivery of energy use amounts. The district court tossed the case. So does the Appeals Court, but only after making some interesting findings. (via Orin Kerr/Volokh Conspiracy)

      First, the court rules that the government’s use of smart meters to retrieve information about electric usage is actually a search under the Fourth Amendment. To do that, it looks to the Supreme Court’s Kyllo decision, which dealt with the warrantless deployment of thermal imaging scanners by law enforcement. That decision found deployment to be a search, even if officers never physically entered the residences being scanned. Enough could be inferred about inside activity from the thermal images to be considered a search under the Fourth Amendment. The Appeals Court says the same rationale applies here.

    • Facebook’s ‘Privacy Protecting’ VPN Booted From Apple Store For Snooping Too Much

      Back in February we noted how Facebook had launched a new security tool the company promised would “help keep you and your data safe when you browse and share information on the web.” The product was effectively just reconstituted version of the Onavo VPN the company acquired back in 2013. We also noted how some reports were quick to point out that instead of making Facebook users’ data more private and secure, Facebook used the VPN to track users around the internet — specifically what users were doing when they visited other platforms and services.

      [...]

      Admittedly, Apple’s app store approval process is certainly its own type of terrible. But the report notes that Apple demanded that Facebook “voluntarily” remove the app, and Facebook complied. As such, iOS users can no longer download the app, and users that have already installed it will no longer receive updates for it. It is, however, still available over at the Google Play store, if giving Facebook even greater insight into your online activity is a prospect that excites you.

      The whole kerfuffle only punctuated our repeated point that VPN’s aren’t some kind of mystical privacy panacea. In the wake of the GOP killing broadband privacy rules and the myriad other privacy and hacking scandals, countless people have been flocking to VPNs under the mistaken belief that a VPN is some kind of silver bullet. But a VPN is only as good as the people running it on the other end. And if the people on the other end are running scams or lying about what data is collected and stored (which is incredibly common in the VPN realm) you’re not a whole lot better off.

  • Civil Rights/Policing

    • ‘My Son is Traumatized’: One Separated Family’s Reunion

      The reunion offers a window into what medical experts warned: For children, the trauma of separation can linger far past reunion.

      Inside a Texas detention center, 3-year-old Sammy* was asleep next to his father, Ever Reyes-Mejia, on the ground with a tin foil emergency blanket when an Immigration and Customs Enforcement official told Ever that he needed to go see an immigration judge and fill out some paperwork. Ever asked whether he should leave his son asleep and was told that he would return shortly and there was no need to wake him.

      That was the last time Ever saw his son before ICE took Sammy across the country to Bethany Christian Services, a foster care agency in Michigan.

      Fleeing violence in Honduras, Ever and Sammy came to the United States in April 2018 seeking asylum, presenting themselves to immigration authorities at the McAllen Bridge in Texas. They were two of the thousands of parents and children who were forcibly separated under the Trump administration’s family separation policy. Ever and Sammy were separated for almost three and half months. During that time, Sammy was so upset that he refused to speak to his father on the phone.

      On June 26, a federal judge, ruling in the ACLU’s class-action lawsuit, ordered the U.S. government to stop the separation of families and to reunite those who had already been torn apart. Ever was among the first group of parents prioritized for reunification because Sammy was under the age of 5.

    • Celebrate Women’s Suffrage, but Don’t Whitewash the Movement’s Racism

      Sojourner Truth and Mary Church Terrell are among the activists who endured deeply entrenched racism while fighting for Black women’s right to vote.

      My 94-year-old great-aunt, Paralee Wilmer — we call her Aunty Lee — voted for the first time after moving to Cincinnati, Ohio, in 1944. Born to no-nonsense, small farmers in Millers Ferry, Alabama, and the youngest daughter of 12 children, Aunty Lee was one among many African Americans who moved from the South to the North in search of better job opportunities and greater freedoms during the The Great Migration. These freedoms included the right to vote without intimidation or any other hindrance.

      Aunty Lee’s memory is a bit cloudy regarding whether the first time she cast her ballot was in an election for local politicians or a presidential race, but one thing she knows for sure is her pastor at the time inspired her to exercise her constitutional rights and fulfill her civic duties. He said, “When it’s time to vote, make sure you vote. When it’s time to do grand jury, make sure you go.”

      At age 20, Aunty Lee understood the magnitude of her pastor’s advice, given the disenfranchisement of Black folks that she witnessed growing up in Millers Ferry — including poll taxes, literacy tests, and outright violence and intimidation that prevented Black people from voting. To be a Black citizen in America but denied full citizenship rights epitomizes the hypocrisy of American democracy. This is a sad truth that I repeat like a blues refrain to my students.

      This summer — as the nation celebrates the 170th anniversary of the first major convention for women’s rights at Seneca Falls and the 98th anniversary of the 19th Amendment to the Constitution, which granted women the right to vote — how do we reconcile widespread narratives of a triumphant, steady march towards women’s enfranchisement with the more complicated and painful reality of my great-aunt’s lived experience as a young, Black woman in Jim Crow America?

      One word: intersectionality.

    • Joe Bryan’s Attorneys Ask For New Trial, Say Murder Conviction Built On Faulty Forensics

      In the tiny central Texas town of Comanche, in the same courtroom where he was convicted nearly three decades ago of murdering his wife, Joe Bryan and his attorneys finally got the opportunity this week to make their case that the 77-year-old former high school principal deserves a new trial.

      Over three days, they presented a succession of witnesses who testified that the forensic evidence used to convict Bryan of his wife’s 1985 murder was faulty, and that new evidence pointed to a possible alternative suspect in the killing.

      The hearing — which held out the tantalizing promise of winning Bryan a fresh chance to prove his innocence — drew dozens of spectators who packed the hard-wooden benches inside the Comanche County courthouse. Lining the two front rows were Bryan’s family members, who wore matching red t-shirts emblazoned with the words “Justice For Joe.”

      Behind them, Clifton residents who had not seen Bryan since the 1980s crowded in beside law students, reporters, and top attorneys with the Innocence Project of Texas, who were on hand to assist with Bryan’s case. Penny Blue, the sister of Joe’s late wife, Mickey, sat by herself in the back of the courtroom.

    • Another Prison Phone Service Caught Recording Privileged Conversations And Passing Them On To Law Enforcement

      The law was broken and no one on the law enforcement side did anything to fix it. That split-second decision made during an rapidly-evolving situation (or whatever) may come back to haunt Boston and his Sheriff’s department cohorts. In this mess of 1,000 calls hang 58 serious criminal cases, running the gamut from gang-related charges to the attempted murder prosecution of the offspring of a reality TV star.

      The “technical error” was exposed during the trial of Joshua Waring, the son of a star of “Real Housewives of Orange County.” Inmate services director Greg Boston testified during this case, exposing Global Tel Link’s screwup and the apparent partaking of ill-gotten goods by local law enforcement.

      The Orange Court Sheriff’s Department claims it instructed the service provider to fix the problem when it discovered it had access to privileged recordings. But that hardly explains how Global Tel Link managed to record 1,000 calls it never should have recorded before someone on either end actually noticed the issue. According to Waring’s attorney, the “technical error” went unaddressed for three years, suggesting the OCSD didn’t mind having access to privileged conversations, even when it knew the recordings were illegal under state law.

    • Sanitation Salvage Ordered to Halt Trash Collections

      The agency that oversees New York’s private trash industry ordered Sanitation Salvage, one of the city’s largest haulers, to halt operations, saying the company poses “an imminent danger to life and property.”

      “This company has demonstrated time and time again that they value profit over the lives of New Yorkers and the well-being of their workers,” Mayor Bill de Blasio said in a statement. “We are immediately suspending this company’s license following a pattern of unsafe practices.”

      The action comes after Sanitation Salvage trucks killed two men between November 2017 and April 2018. Those deaths prompted local politicians and community groups to demand closer oversight of a dangerous industry that sends trucks racing through the streets of New York every night.

      The Business Integrity Commission, or BIC, released a five-page order that said the company cannot collect trash in New York City until the commission completes an audit and determines that Sanitation Salvage is no longer a danger to the public.

    • Research Paper Shows Militarized SWAT Teams Don’t Make Cops — Or The Public — Any Safer

      A study has been released confirming what many have suspected: militarization of law enforcement doesn’t make communities safer, has zero effect on officer safety, and is rarely deployed as advertised when agencies make pitches for the acquisition of military gear.

      The most frequent recipient of military tools and training are SWAT teams. Professor Jonathan Mummolo’s research — published by the National Academy of Sciences — gained unprecedented access to SWAT deployment numbers, thanks to a public records request and a Maryland state law requiring documentation of every SWAT raid performed. (That law was allowed to expire by legislators who apparently felt it provided too much transparency and accountability.)

    • CIA Whistleblower: John Brennan Is Out For Himself, Not the Resistance

      Donald Trump’s revoking of ex-CIA Director John Brennan’s security clearance has re-ignited a bitter public feud. Ex-CIA torture whistleblower John Kiriakou argues that given Brennan’s record and personal ambitions, he is not a trustworthy Resister.

    • Lithuania says will not appeal European court ruling over CIA jail

      Lithuania on Wednesday said it would not appeal a European court ruling that the Baltic state had been complicit in a clandestine CIA programme by holding terror suspects at a secret detention site on its territory.

      “We decided it would make no sense to appeal to the Great Chamber because there are no legal criteria for that,” government official Karolina Bubnyte Sirmene told AFP.

      The European Court of Human Rights ruled in May that Lithuania hosted a secret prison from February 2005 to March 2006, when CIA operatives held Abu Zubaydah, considered a top Palestinian operative for Al-Qaeda.

      The EU and NATO state was ordered to pay 100,000 euros ($116,000) in damages to Zubaydah for enabling US authorities to subject him to “inhuman treatment”.

  • Internet Policy/Net Neutrality

    • T-Mobile Begs Small Wireless Carriers To Support Its Awful Merger. The Problem: They Hate It Too

      We’ve repeatedly explained how T-Mobile and Sprint’s latest attempt to merge will be terrible for both jobs and competition. Despite what T-Mobile and Sprint executives have claimed, history suggests the reduction of total wireless carriers from four to three will likely result in less incentive than ever to seriously compete on price. Similarly, while T-Mobile and Sprint have told regulators that the deal will somehow create an explosion in new jobs, Wall Street analysts have predicted that the deal could kill off anywhere from 10,000 to 30,000 jobs as the new company inevitably eliminates redundant positions.

      While some diehard T-Mobile and Sprint fans have bought into these claims, most objective observers with a firm grasp on history realize that the promised “synergies” of telecom mergers like this one almost never materialize. And the obvious impact on competition and jobs is a major reason this merger and others like it (including AT&T’s attempt to acquire T-Mobile) have been scuttled by regulators. There’s simply too many examples of this kind of consolidation resulting in massive monopolies with little incentive to give a damn (hi Comcast and AT&T, didn’t see you standing there).

      T-Mobile’s looming merger is so unpopular, the company was forced to quietly hire Trump ally Corey Lewandowski in an effort to seal the deal (the whole mocking a kid with Down Syndrome thing be damned). Reuters notes that the company has also started reaching out to smaller wireless carriers, urging them to not only express support to the FCC, but submit favorable editorials to major papers supporting the merger.

    • Verizon tries to douse criticism, touts “priority access” for first responders

      Verizon officials were contrite and apologetic during a California State Assembly committee hearing that was convened Friday to examine mobile Internet throttling experienced by firefighters during recent blazes.

  • Intellectual Monopolies

    • Chinese patent quality and innovation should not be underestimated, new study claims [Ed: The patent maximalists like to deny that China's SIPO does grant lots of utterly trash patents. Why? Because it puts at risk their maximalist agenda. Here we have the patent trolls' lobby, IAM.]

      Self-reported patent quality in China generally matches up with quantitative measures of patent quality, according to the findings of a recently published study. In the face of some claims that the power of Chinese technological progress is overstated, this is another piece of evidence which indicates that, at least from an IP perspective, the country is very much on the march.

    • USA: Yellowfin Yachts, Inc. v. Barker Boatworks, LLC, United States Court of Appeals, Eleventh Circuit, No. 17-11176, 07 August 2018

      The federal district court in Tampa did not err in deciding on summary judgment that fishing boat manufacturer Yellowfin Yachts failed to establish that a former executive and his company were liable for trade dress infringement, unfair competition, or trade secret misappropriation, the U.S. Court of Appeals in Atlanta has held, affirming summary judgment in favor of the defendants.

    • Birss J excuses Chugai from tocilizumab royalties in UCB “validity tie breaker”
    • SPC export waiver: a long road ahead

      The European Commission’s proposed export waiver for supplementary protection certificates is likely to face opposition and may be delayed by EU parliamentary changes, says Trevor Cook of WilmerHale.

      On hearing that the European Commission had on 28 May 2018 adopted a proposal for a Regulation to amend Regulation (EC) 469/2009 concerning the supplementary protection certificate (SPC) for medicinal products, many practitioners might have been forgiven for imagining that such proposal sought to deal with what are to them are the most pressing issues with the SPC Regulation—perhaps by seeking to introduce a unitary SPC to accompany the proposed unitary patent, or perhaps by addressing some of the confusion surrounding certain aspects of the SPC Regulation that has led to so many references to the Court of Justice but has resulted in so little clear guidance from that body.

    • Trademarks

      • Honey Badger Don’t Care: Protecting Creativity with Trademarks

        The Honey Badger video is probably NSFW — but it is also funny and informative. In the viral video, C.Gordon (aka Randall) who created the video, repeatedly states that “Honey Badger Don’t Care” and “Honey Badger Don’t Give a Shit.” This became a meme. (See google photo search results below.) Gordon registered the “Honey Badger Don’t Care” mark, but at the time couldn’t register the potentially offensive “Don’t Give a Shit” mark.

      • Auckland girl fights global media company over ‘Slime Princess’ trademark

        A 12-year-old Auckland girl is taking on a global media giant after her attempt to trademark “Slime Princess” hit opposition.

        Katharina Weischede, from Henderson in West Auckland, first began making slime as part of a school science fair. What started off as a hobby had by late 2017 become a home-based business called “Slime Princess”.

        Now known by her friends, family and even strangers as the “Slime Princess”, she eventually decided to trademark her business’s name.

      • Nickelodeon Is Opposing A 12 Year Old New Zealand Girl’s ‘Slime’ Trademark For Some Reason

        Viacom has decided to take its trademark bullying game international and possibly against the most sympathetic target it could find. Nickelodeon, owned by Viacom, has decided to oppose the trademark registration of a 12 year old girl in New Zealand, claiming its trademark on the word “slime” is too important. Katharina Weischede has managed to build up an online brand in New Zealand for producing and playing with “slime.” She made a business out of it and attempted to trademark “slime princess”, only to find Nickelodeon opposing it.

    • Copyrights

      • ‘The Locks They Put on DVDs Now Are in Tractors’

        Copyright and farmers don’t often appear in the same story. They did last spring, when agricultural machine maker John Deere argued that farmers should not be able to independently access the operating software in their tractors, for example—because they don’t own that part, they just license it. Or, as our guest put it, “Old McDonald has a tractor, but he owns a massive barn ornament, because the manufacturer holds the rights to the programming that makes it run.”

        Kyle Wiens is co-founder and CEO of iFixit, the online repair community and parts retailer. We asked him to explain the right to repair, and the argument that John Deere and others are trying to make.

      • Recognizing It Had No Chance, Cox Settles BMG Copyright Trolling Case

        The long saga of the BMG v. Cox case is now over. If you don’t recall, BMG had hired the copyright trolling outfit Rightscorp to bombard ISPs with shakedown letters, based on accusations of copyright infringement. Rightscorp really wanted ISPs to pass those letters on to ISP subscribers, including the part where they demand money to leave you alone. As was revealed during the case, Rightscorp would blatantly lie to those subscribers, telling them that if they were innocent they needed to first hand their computers over the police for a forensic search. Cox, after being bombarded with these shakedown letters, started ignoring the Rightscorp letters, leading BMG to sue.

        Cox pointed to the DMCA safe harbors to protect itself, but the judge, Liam O’Grady, made it pretty clear that he didn’t care much for the internet at all, and didn’t seem to mind Righscorp and BMG shaking down people for money with the threat of losing their entire internet access. Of course, it did not help at all that Cox itself had some damning emails about how they treated subscribers accused of infringement. While plenty of attention has been placed on Cox’s apparent “thirteen strikes” policy for those accused (not convicted) of copyright infringement, the real problem came down to the fact that Cox didn’t follow its own repeat infringer policy. So, in the end, Cox lost to BMG in the lower court and it was mostly upheld on appeal.

      • Katy Perry sued for copyright infringement, is Marcus Grey the Dark Horse?

        Following this Kat’s post on the Ed Sheeran copyright infringement case relating to the song “Shape of You” (here), she came across another similar dispute going on over the pond!

        This case, brought in the US District Court of California, is between Plaintiffs Marcus Gray, Chike Ojukwu, and Emanuel Lambert who are Christian rap/hip-hop artists and Defendants Katheryn Elizabeth Hudson (Katy Perry), Jordan Houston (Juicy J), Lukasz Gottwald (Dr Luke) as well as a number of other individuals and music publishers.

        The allegation was first filed on the 1st July 2014, which claimed that the song “Dark Horse” infringed upon the Plaintiffs’ copyright in the song “Joyful Noise.” On 25th June 2018 the defendants filed a motion for a summary judgement and the Court hearing took place on 13th August.

      • Milan court issues dynamic blocking injunction against Italian ISPs

        Does a blocking injunction against an intermediary only concern the domain names indicated in the relevant order or can it be also considered as encompassing future infringements committed through other domain names?

        This is the question that the Milan Court of First Instance (Tribunale di Milano) had to address in the context of interim proceedings between publisher Mondadori and a number of major Italian internet access providers (ISPs).

      • Copyright Trolls Killed Off in Denmark After Supreme Court Hearing Denied

        Two ISPs in Denmark have emerged victorious from a battle to keep the personal details of their customers private. Telenor and Telia were previously ordered to hand over information to copyright trolls but when the demands kept coming, the ISPs kicked back. Following a big win for the providers at the High Court in May, the Supreme Court will not hear the case, meaning the trolls will lose access to their cash cows.

The Unitary Patent (UPC) is Not Delayed; It’s Dead and Without Any Major Rework It Will Go Nowhere

Posted in Europe, Patents at 2:48 am by Dr. Roy Schestowitz

Delay

Summary: The Unified Patent Court (UPC) isn’t just delayed but likely canceled; however, people who planned to make a fortune from UPC-centric lawsuits don’t want the public to know that or see it that way

THE EPO hasn’t mentioned the Unitary Patent in nearly two months. António Campinos said something about it in his first week in Office and that’s about it. The EPO does, however, promote software patents every single day now, even at the USPTO. Yesterday the EPO did that thrice (yes, three times!) in one single day, outdoing its usual once or twice per day. In that regard, Campinos is a lot worse than Battistelli.

“The UPC is nowhere near a reality; it’s very, very far from it. Simply put, the UPC isn’t happening. It is already dead. “The Unitary Patent (or UPC) is itself a Trojan horse for software patents, among other bad things. It is a crude and cycnical attempt to bypass national patent laws and even directives against software patents. It’s just insane and no democratic society should allow this to happen. The German Constitutional Court has already taken that abomination to task, but Team UPC keeps pushing two lies which depend on dismissal of a complaint and elimination of lots of other barriers. The UPC is nowhere near a reality; it’s very, very far from it. Simply put, the UPC isn’t happening. It is already dead.

Managing IP, which worked with the EPO on some UPC advocacy/events, has this new article with a loaded headline: “How patent-heavy businesses are planning for the UPC and unitary patent” (as if it’s about to start).

“Counsel at pharmaceutical, telecommunications, car and plastics manufacturers and medical charities tell Managing IP about their considerations for the unitary system,” Managing IP wrote, hiding all the pertinent quotes behind their paywall (so only people who agree with this agenda can read and scrutinise).

“No, there are no “delays” for UPC. The UPC just isn’t happening. Unitary ‘patents’ do not exist and the foreseen framework is already dead. It’s abandoned. Hardly anyone speaks about it.”What Patrick Wingrove does here is that self-fulfilling fantasy-type of propaganda, i.e. pretty much the same old tactic used by Managing IP for a number of years. On almost the very same day another article emerged, this one titled “Bulgaria ratifies the Protocol on Provisional Application of the UPC Agreement but delays still in store for the UPC” (what an incredible understatement, as if it’s only a matter of time).

No, there are no “delays” for UPC. The UPC just isn’t happening. Unitary ‘patents’ do not exist and the foreseen framework is already dead. It’s abandoned. Hardly anyone speaks about it. It’s gone with the wind, gone with Battistelli, whom nobody has heard anything from since he left at the end of June. Herbert Smith Freehills LLP, which is responsible for the above, is just wanting us to think otherwise and being Team UPC opportunists (litigation ‘industry’) they’re looking really hard for signs of UPC progress, jumping a whole month back to a country with barely any European Patents (a fraction compared to a country like France or Germany). Bulgaria was mentioned on August 21st (but that only showed up yesterday) regarding something that happened back in July. To quote: “On 24 July Bulgaria ratified the Protocol on Provisional Application of the UPC Agreement (Protocol). Four more ratifications/declarations are needed, including Germany, for the Protocol to come into effect and allow the practical workings of the Unified Patent Court (UPC) to be established in preparation for the court coming into operation, which will happen once the UPC Agreement (UPCA) itself has been sufficiently ratified. In both cases, ratification by Germany is a prerequisite. Recently reported comments from the Chairman of the UPC Preparatory Committee have revealed that there may be at least a 6-8 month delay once Germany is ready to ratify the UPCA, given how much needs to be done for the UPC to be ready to open its doors. It therefore looks increasingly unlikely that the UPC will take effect before Brexit unless Germany ratifies the Protocol in the next few months.”

“The EPO does not obey court rulings, it does not care about the law, the management engages in corruption, and the founding document (EPC) doesn’t mean a thing. While this remains the case (António Campinos has not tackled this in any way whatsoever), only a madman would entrust or give the EPO authority/leverage over a legal system, as per the UPC.”Notice their nonchalance; as if they’re already sure about the outcome of the complaint in Germany. As if it’s without merit. What sheer arrogance.

Meanwhile (also yesterday) Mitscherlich PartmbB’s Christian Rupp talked about an upcoming/past case for the Boards of Appeal. The EPO has already attacked its judges pretty viciously; the Boards of Appeal can therefore not rule independently and that’s a persistent problem which even the German Constitutional Court is well aware of. Rupp wrote:

In the decision T2563/11 the Boards of Appeal of the European patent had to deal with a divisional application having identical claims to a parent application (on which in the meanwhile a patent had been granted), but having differences in the specification – which, in the opinion of the applicant, lead to a different scope of protection vis-à-vis the scope of the granted parent.

The Board decided that, for the double patenting prohibition, it is the “matter for which protection is sought” defined in the claims (in line with the wording of Art. 84 EPC) which matters, but not the scope of protection, or more exactly “the extent of the protection conferred by a European patent” as defined in Art. 69 EPC. According to Art. 69EPC the “extent of the protection” shall be determined by the claims, however wherein the description and drawings shall be used to interpret the claims.

The EPC is no longer applicable in the EPO however; it was repeatedly violated by Battistelli, who faced no consequences for violating the EPC. The reality of the matter is — and the German Constitutional Court has ample evidence of it — the EPO now operates above the law. The EPO does not obey court rulings, it does not care about the law, the management engages in corruption, and the founding document (EPC) doesn’t mean a thing. While this remains the case (António Campinos has not tackled this in any way whatsoever), only a madman would entrust or give the EPO authority/leverage over a legal system, as per the UPC.

In Koch v EPO, a Rare Glimpse at Tricks the EPO Employs at the Administrative Tribunal of the International Labour Organisation (ILO)

Posted in Europe, Patents at 1:59 am by Dr. Roy Schestowitz

Uploaded by Koch two days ago to her Twitter account

Koch E-mail

Summary: The latest public disclosure about an ongoing case that is years old and demonstrates the appalling treatment of EPO workers by the current management

THE case of Mrs. (and Dr.) Koch is one we’ve been hearing about for years because many EPO insiders are well aware of it. They speak about it.

Well, Dr. Koch is back at it; days ago she was uploading a bunch of E-mails — as she did before — and tweeting updates about her case and the case’s history. The latest burst of messages says: “You may guess why former Vice-President of the #EPO’s DG1 insisted that the investigation under #EPO’s Circular 342 (against #human #rights and the principle of #non-#retroactivity) should go ahead, while at least the pretext for the investigation would have disappeared, s. below [] The investigation under the #EPO’s Circular 342 was only stopped, after (and probably because) I had been forced to “offer” early retirement under compelling pressure (illness, further threats to my health due to C342). [] I was also refused an #employment #medical #examination since September 2012, at that time. #offerofretirementunder #compelling #pressure [] After I had been compelled into an “offer” of retirement (of 31-5-2013), I was informed (on 6-6-2013) that the investigation would not proceed, and the EPO granted me a medical committee (15/17-7-2013) with a delay of 10 months. [] So I withdrew my “offer” which had not been accepted at that time – at least the EPO never provided any hard proof to the contrary. Besides it had been made under compelling pressure. [] One of the two physicians of the medical committee declared that I was unfit for my then tasks, the other one had not decided yet at the time of the medical committee’s report on 9-9-2013. [] The EPO did not accept the withdrawal of my “offer” of retirement, i.e. I was #irregularly #dismissed on 19-9-2013. On 9 October 2013 the EPO also stopped the Medical Committee’s work, since I would have had “voluntarily retired”, as wrongly alleged. [] Now the #EPO simply tries to delay my cases on #medical #committee and #irregular #dismissal with the #Admin. #Tribunal of the #ILO (AT5-4532 and AT 5-4384), by restarting them in internal appeals even before any judgment by the #Tribunal.”

“It took Campinos nearly two months just to comply with an ILO ruling (after he was repeatedly pressured about it).”As readers may recall, last month we contacted Koch regarding her case after she had made some details about it public. She does not believe António Campinos gives hope to people in her position/situation, i.e. perhaps hundreds of EPO workers and ex-workers. It took Campinos nearly two months just to comply with an ILO ruling (after he was repeatedly pressured about it).

08.24.18

Links 24/8/2018: Intel’s Gag Backfires, Red Hat Takes Aim at VMware

Posted in News Roundup at 11:22 am by Dr. Roy Schestowitz

GNOME bluefish

Contents

GNU/Linux

  • Microsoft Investigated For Alleged Bribery and Corruption in Hungary

    U.S. Justice Department and the Securities and Exchange Commission are investigating Microsoft for possible bribery and corruption in its pursuit of software sales in Hungary, the Wall Street Journal reported on Thursday.

  • Desktop

    • You want how much?! Israel opts not to renew its Office 365 vows

      Microsoft’s desire to move users into the exciting world of Office 365 subscriptions has been dealt a blow as the Israeli government took a look and said “no thanks.”

      In a statement given to The Register, the Israeli Ministry of Finance explained that it currently spends more than 100m Israel New Shekels (£21.3m) per year on Microsoft’s software products.

    • Big List of Most Popular Chromebook Brands Will Not Receive Linux Support Due to 3.14 Kernel

      It turns out that unfortunately a lot of Chromebooks with the Linux 3.14 kernel aren’t going to be getting any Linux app support from Google – including Google’s own Chromebook Pixel series. This is quite a blow to the Chromebook Linux community, as many developers were always working on backporting the essential kernel modules such as vsock, trying their best to make vsock backward compatible – though it turned out that vsock isn’t backwards compatible with Linux kernel 3.14, but the point remains.

    • Old Chromebooks won’t get Linux app support after all
    • Chromebooks with Linux kernel 3.14 & older won’t get Linux app support
    • Linux apps are NOT coming to many still-supported Chromebooks
    • Older Chromebooks including the 3-year-old Chromebook Pixel won’t get Linux apps
    • Linux Apps Won’t Come To Many Older Chromebooks Including the 2015 Pixel – But There’s A Catch
    • Linux Apps On Chrome OS To Require Kernel Version Above 3.14
    • Chromebook Linux support: not everyone’s invited to the party
    • Older Chromebooks may not run Linux programs due to outdated software

      Not all Chromebooks will support Linux software when the feature comes to Chrome OS later this year. So far, 14 devices may be excluded from the list including Google’s own Chromebook Pixel introduced in 2015. The current list, generated on Reddit, consists of four models from Acer, four models from Asus, two from AOpen, and more.

      Google revealed support for Linux software on Chrome OS during its developer conference earlier this year. The idea is for developers to test their Android- and web-based apps on Chromebooks. Linux would run inside a virtual machine designed specifically for Chrome OS, which is simply an emulated high-end computer running within your PC’s real-world system memory.

    • Organizing a Market for Applications

      The “Year of the Desktop” has been a perennial call to arms that’s sunken into a joke that’s way past its expiration date. We frequently talk about the “Year of the Desktop”, but we don’t really talk about how we would achieve that goal. What does the “Year of the Desktop” even look like?

      What it comes down to is applications—rather, a market for applications. There is no market for applications because of a number of cultural artifacts that began when the Free Software was just getting up on wobbly legs.

      Today, what we have is a distribution-centric model. Software is distributed by an OSV (operating system vendor), and users get their software directly from there via whatever packaging mechanism that OSV supports. This model evolved, because in the early-to-mid 1990s, those OSVs existed to compile the kernel and userspace into a cohesive product. Packaging of applications was the next step as a convenience factor to save users from having to compile their own applications, which always was a hit-or-miss endeavor as developers had different development environment from the users. Ultimately, OSVs enjoyed being gatekeepers as part of keeping developers honest and fixing issues that were unique to their operating system. OSVs saw themselves as agents representing users to provide high-quality software, and there was a feeling that developers were not to be trusted, as of course, nobody knows the state of their operating system better than they would.

  • Server

    • Aqua Security Open Sources Container Pen Test

      Aqua Security is trying to level the container security playing field by making available as an open source project an open source edition of a penetration testing tool designed specifically for container clusters.

      Rani Osnat, vice president of product marketing for Aqua Security, says kube-hunter is an automated penetration testing tool that developers and cybersecurity teams can employ to discover vulnerabilities within containers.

      That tool is designed to be run in two modes. Passive hunters run by default and are designed to execute a series of tests that probe for potential access points within your cluster. An active hunting mode then can be employed to execute additional tests against any weaknesses found with the passive hunter. Results from those tests are then shown on a website hosted by Aqua Security.

    • Getting started with Linux containers

      A major drawback of an OS-based model is that it is slow, and to deploy a new application, IT administrators might need to install a new server, which incurs operational costs and requires time.

      When every application has its own copy of the OS, operations are often inefficient. For example, to guarantee security, every application needs its own dedicated server, which results in lots of under-utilized hardware in the data center.

      A container is an isolated environment where the OS uses namespaces to create barriers. Linux containers have all the necessary components to run an application and make it easy to run a container on top of an operating system.

      From a hardware standpoint, containers utilize resources more efficiently. If there is still hardware capacity available, containers can use that and admins won’t need to install a new server.

  • Audiocasts/Shows

  • Kernel Space

    • UBIFS & OverlayFS Updates Hit The Linux 4.19 Kernel

      For the Linux 4.19 kernel there’s been a lot of F2FS performance enhancements and more, the new EROFS file-system, low-level Btrfs improvements, and more. Some of the file-system work less in the spotlight are the OverlayFS and UBIFS updates sent in this week.

      On the OverlayFS front it’s a fairly notable merge window. OverlayFS now has support for stack file operations and metadata-only copy-up. The stack file operation support alone will allow cleaning up some “hacks” in the kernel’s VFS code and other code improvements. The details on the OverlayFS work via this pull from a few days ago.

    • Linux 4.19 ARM Updates Bring Raspberry Pi Voltage Driver, Samsung Aires Phone Support

      Olof Johansson has sent in his usual batch of multiple pull requests updating the ARM hardware support, this time for the nearly-over Linux 4.19 kernel merge window.

      There is some good additions to the ARM hardware support in Linux 4.19 like the Raspberry Pi voltage driver as well as the Raspberry Pi Compute Module CM1 support in mainline, a few new SoCs, and various new hardware devices supported — including the $100 Chinese Pinebook ARM 64-bit laptop recently making rounds. Though not part of the Linux 4.19 cycle is anything more on the lack of NXP i.MX8 support and has us increasingly wondering not if Purism will make their Librem 5 ship goal for this Linux smartphone but how far they will be off that ship date… Their Librem 5 developer kits also appear to have not begun shipping yet.

    • Linux 4.19 Adds Deferred Console Takeover Support For FBDEV – Cleaner Boot Process

      While FBDEV has been on its last leg for years with some calling for its deprecation and encouraging instead DRM/KMS drivers rather than (mostly embedded vendors) focusing on FBDEV frame-buffer drivers, with Linux 4.19 the FBDEV subsystem is bringing a useful addition to the kernel.

      Hans de Goede, who has done a range of useful kernel contributions over the years at Red Hat from working out better Linux laptop power management to a cleaner boot process, has been working this summer on deferred console takeover support.

    • OpenRISC Continues Puttering Along With Linux 4.19 Improvements, New GCC Port

      While OpenRISC has been around longer than RISC-V as an open-source processor ISA, with not having as many commercial stakeholders involved, it hasn’t been off to the races as quickly, but it’s still marching to the beat of its own drum.

      OpenRISC developer Stafford Horne today sent in the kernel patches for the Linux 4.19 cycle. The only changes on the OpenRISC front for the Linux 4.19 cycle is work done by Christoph Hellwig to allow this CPU architecture code to use the kernel’s generic DMA interfaces.

    • Linux Foundation

      • Open Source Akraino Edge Computing Project Leaps Into Action

        The ubiquitous topic of edge computing has so far primarily focused on IoT and machine learning. A new Linux Foundation project called Akraino Edge Stack intends to standardize similar concepts for use on edge telecom and networking systems in addition to IoT gateways. The goal to build an “open source software stack that supports high-availability cloud services optimized for edge computing systems and applications,” says the project.

        “The Akraino Edge Stack project is focused on anything related to the edge, including both telco and enterprise use cases,” said Akraino evangelist Kandan Kathirvel, Director of Cloud Strategy & Architecture at AT&T, in an interview with Linux.com.

    • Graphics Stack

      • Patches Prep The Merging Of AMDKFD + AMDGPU Linux Drivers

        The plans talked about in early July for merging the AMDKFD driver into the AMDGPU DRM driver are moving ahead and out today are the initial patches working towards this merger.

        AMDKFD is the graphics vendor’s “Kernel Fusion Driver” with the name originating from the Fusion days and is the kernel bits needed for HSA/compute on Radeon graphics hardware.

    • Benchmarks

      • AMDGPU-PRO 18.30 Pro/Open vs. Upstream Mesa OpenGL/Vulkan Radeon Benchmarks

        Last week AMD released the AMDGPU-PRO 18.30 hybrid driver featuring their latest optional proprietary Linux driver components as well as the “all-open” driver stack option. Here are some initial benchmarks of that driver stack compared to what’s shipped by default in Ubuntu 18.04.1 LTS as well as the latest upstream Mesa/AMDGPU support.

        AMDGPU-PRO 18.30 was introduced with Ubuntu 18.04.1 LTS support as well as for Ubuntu 16.04.5 and RHEL/CentOS 6.10 and 7.5. AMDGPU-PRO doesn’t see new releases too often these days so also coming with 18.30 is the Radeon Pro WX 8200 graphics card support, CLI-based WattMan-like functionality, and other updates.

  • Applications

  • Desktop Environments/WMs

    • K Desktop Environment/KDE SC/Qt

      • The $99 Laptop That Can Run KDE Neon

        A $99 laptop that can run KDE Neon and the full Plasma desktop? I’m intrigued!

        But that’s exactly what KDE Neon’s Jonathan Riddell has shared word of on his blog, highlighting a new collaborative version of the distro designed for the Pinebook ARM laptop.

        “Blue Systems has worked together with the manufacturer of the Pinebook to create a showcase test image that runs well on these devices,” he writes.

      • Last week in Kube
      • Optimizing Kube’s storage

        Near the middle / end of my internship, I got to modify parts of the storage system in Sink, the library handling all the data of Kube.

        The goal was to both to speed up the storage and reducing disk space. These two goals often go hands in hand in databases, since smaller data means faster disk lookup, and more data put in memory, available for direct usage.

      • digiKam 6.0.0 beta 1 is released

        Dear digiKam fans and users, following the long stage of integrating a lots of work from students during the Summer of Code we are proud to announce the first beta of digiKam 6.0.0.

      • digiKam 6.0 Beta Brings Full Video File Management, Greater Camera Coverage

        Just over two years since digiKam 5.0 shipped, this Qt/KDE-aligned open-source photo management software has debuted its 6.0 beta release.

        The headlining feature of digiKam 6.0 Beta is that there is now full support for the management of video files, in a similar manner to digiKam’s photo management. The meta-data on video files are now fully extracted and the video files can be dealt with in the same manner as one would manage a photograph using this software.

      • I was at Akademy 2018!

        It was a very productive week of intense discussion and hacking. This year it was hosted by the Technical University of the beautiful City of Vienna.

    • GNOME Desktop/GTK

      • Fun with SuperIO

        While I’m waiting back for NVMe vendors (already one tentatively onboard!) I’ve started looking at “embedded controller” devices. The EC on your laptop historically used to just control the PS/2 keyboard and mouse, but now does fan control, power management, UARTs, GPIOs, LEDs, SMBUS, and various tasks the main CPU is too important to care about. Vendors issue firmware updates for this kind of device, but normally wrap up the EC update as part of the “BIOS” update as the system firmware and EC work together using various ACPI methods. Some vendors do the EC update out-of-band and so we need to teach fwupd about how to query the EC to get the model and version on that specific hardware. The Linux laptop vendor Tuxedo wants to update the EC and system firmware separately using the LVFS, and helpfully loaned me an InfinityBook Pro 13 that was immediately disassembled and connected to all kinds of exotic external programmers. On first impressions the N131WU seems quick, stable and really well designed internally — I’m sure would get a 10/10 for repairability.

      • Please welcome AKiTiO to the LVFS

        Over the last few weeks AKiTiO added support for the Node and Node Lite devices, and I’m sure they’ll be more in the future. It’s been a pleasure working with the engineers and getting them up to speed with uploading to the LVFS.

        In other news, Lenovo also added support for the ThinkPad T460 on the LVFS, so get any updates while they’re hot. If you want to try this you’ll have to enable the lvfs-testing remote either using fwupdmgr enable-remote lvfs-testing or using the sources dialog in recent versions of GNOME Software. More Lenovo updates coming soon, and hopefully even more vendor announcements too.

      • AKiTiO Thunderbolt Devices Begin Receiving Firmware Upgrade Support Under Linux

        AKiTiO is the latest hardware vendor beginning to allow for firmware upgrades in an easy and reliable manner under Linux.

        Red Hat’s Richard Hughes has shared that AKiTiO has begun supporting the Linux Vendor Firmware Service (LVFS) for distributing firmware updates to Linux users and the subsequent firmware upgrades being carried out by the fwupd utility.

  • Distributions

    • Intel ‘gags’ Linux distros from revealing performance hit from Spectre patches

      Open-source champion Bruce Perens has called out Intel for adding a new restriction to its software license agreement along with its latest CPU security patches to prevent developers from publishing software benchmark results.

      The new clause appears to be a move by Intel to legally gag developers from revealing performance degradation caused by its mitigations for Spectre and Foreshadow or ‘L1 Terminal Fault’ (L1FT) flaw speculative attacks.

      “You will not, and will not allow any third party to … publish or provide any software benchmark or comparison test results,” Intel’s new agreement states.

      The new term appeared with the fixes for ‘L1 Terminal Fault’ that were recently delivered to Microsoft and Linux distributions.

    • Intel Clears Up Microcode Licensing Controversy – Simpler License, Allows Benchmarking

      Over the past day online there has been lots of controversy following some high-profile sites reporting about Intel’s “un-friendly microcode license update” and its “ban on benchmarking”, among other catch phrases. It’s now been officially cleared up by Intel with a simpler license that doesn’t forbid benchmarking, allows distribution vendors to re-distributed these binary files to their users, and doesn’t have any other nastiness integrated into the legal text.

    • Perens: Intel Publishes Microcode Security Patches, No Benchmarking Or Comparison Allowed

      Bruce Perens looks at the license agreement for Intel’s latest CPU microcode update and does not like what he sees.

    • Intel Publishes Microcode Security Patches, No Benchmarking Or Comparison Allowed!

      UPDATE: Intel has resolved their microcode licensing issue which I complained about in this blog post.

    • Use Debian? Want Intel’s latest CPU patch? Small print sparks big problem

      At least one Linux distribution is withholding security patches that mitigate the latest round of Intel CPU design flaws – due to a problematic license clash.

      Specifically, the patch is Chipzilla’s processor microcode update emitted this month to stop malware stealing sensitive data from memory by exploiting the L1 Terminal Fault vulnerability in Intel’s silicon. The biz had released microcode in July that corrected the underlying problem mostly for server-grade CPUs; this latest fix now covers desktop processors.

      Ideally, Intel’s CPU microcode is updated by the motherboard firmware during boot. However, manufacturers may be slow to emit patches, so operating system kernels can also push updates to the chipset during startup. Since microcode updated in this way is discarded every time the power is cycled, it is up to the firmware and OS to reapply the update as early as it can during the boot process.

    • Debian Withholding Intel Security Patches, Linus Torvalds on the XArray Pull Request, Red Hat Transitioning Its Container Registry, Akraino Edge Stack Moves to Execution Phase, openSUSE Tumbleweed Snapshots Released and digiKam 6.0.0 Beta 1 Now Available

      Debian is withholding security patches for the latest Intel CPU design flaw due to licensing issues. The Register reports that the end-user license file Intel added to the archive “prohibits, among other things, users from using any portion of the software without agreeing to be legally bound by the terms of the license”, and Debian is not having it. See also Bruce Perens’ blog post on this issue.

    • Intel rips up microcode security fix license that banned benchmarking
    • Intel Statement on Benchmark Clause: “We Are Updating the License”
    • (Updated) Intel says no more benchmarks on Linux in new terms of microcode update
    • Intel catches heat for CPU benchmarking clause, responds to complaints
    • Intel Included Gag-Order In Microcode Update – Update: Gag-Order Removed
    • Updated: Intel Answers Complaints About Microcode Benchmarking Ban
    • Debian rejects Intel code update
    • Controversial T&C clause found in Intel’s latest microcode update
    • Intel EULA Agreement Forbids Linux Users From Sharing CPU Benchmarks of L1TF Performance Hit
    • Intel makes CPU benchmark publishing illegal after security patch
    • Intel backtracks on controversial benchmark clause, updating its T&Cs
    • Intel Puts Microcode Benchmarking Ban On Linux Distros; Retracts Later

      Well-known open-source programmer Bruce Perens has called out Intel for placing new restrictions on its software license agreement that prevents developers from publishing software benchmark results.

    • Intel EULA License prohibits benchmarks on new Linux microcode Patches

      Intel recently has provided its microcode updates for Linux distributions. The Register reports that Debian is rejecting a new Intel microcode update because of a new license term prohibiting the use of the CPU for benchmarks and profiling.

      There is a new license term applied to the new microcode: “You will not, and will not allow any third party to (i) use, copy, distribute, sell or offer to sell the Software or associated documentation; (ii) modify, adapt, enhance, disassemble, decompile, reverse engineer, change or create derivative works from the Software except and only to the extent as specifically required by mandatory applicable laws or any applicable third party license terms accompanying the Software; (iii) use or make the Software available for the use or benefit of third parties; or (iv) use the Software on Your products other than those that include the Intel hardware product(s), platform(s), or software identified in the Software; or (v) publish or provide any Software benchmark or comparison test results.”

    • Reviews

      • Quirky Linux: Pleasingly Peculiar

        Quirky Linux is a classic example of what makes Linux such a varied and useful operating system.

        Puppy Linux developer Barry Kauler earlier this month released Quirky Xerus 64 version 8.6, which comes packed with the latest innovations for doing Linux stuff differently.

        This latest in the “Xerus” series is a must-try if you like to push your computing experience envelope. It offers a slightly different approach to blending a traditional Linux desktop with the latest in usability options.

    • New Releases

      • Bodhi Linux 5.0.0 released with updated Ubuntu core 18.04 and a modern look

        The Bodhi Team have announced the fifth major release of their Linux distribution. Bodhi Linux 5.0.0 comes with an updated Ubuntu core 18.04 and an overall modern look for its Moksha Window Manager.

        Bodhi Linux was first released as a stable version seven years ago, as a lightweight Linux distribution based on Ubuntu and Moksha window manager. It uses a minimal base system allowing users to populate it with the software of their choice.

        Bodhi Linux 5.0.0 features disc images which have a fresh new look; a modified version of the popular ‘Arc Dark’ theme colorized in Bodhi Green. They have also included a fresh default wallpaper, login screen, and splash scenes as your system boots.

    • OpenSUSE/SUSE

      • Tumbleweed Snapshots Bring Changes for KVM, QEMU, Xen

        The most recent snapshot, 20180818, updated the kernel to version 4.18.0, which brought many changes for KVM (Kernel-based Virtual Machine). Mozilla Firefox 61.0.2 improved website rendering with the Retained Display List feature enabled and also fixed broken DevTools panels. The ffmpeg 4.0.2 package in the snapshot added conditional package configuration and AOMedia Video 1 (AV1) support. Netfilter project nftables was restored as the default backend with firewalld 0.6.1 and now nftables and iptables can co-exist after a bug fix with the ‘nat’ table form the 4.18 kernel. The Command Line Interface configuration utility for wireless devices known as iw added support in its 4.14 for all new kernel features of kernel 4.14. The HTTP client/server library for GNOME, libsoup 2.62.3, now uses an atomic-refcounting in classes that are not using GObject-refcounting. The Linux Kernel 4.16 or higher is needed for the strace 4.24 package, which implemented decoding of KVM vcpu (virtual central processing unit) exit reason as an option, and yast2-http-server 4.1.1 fixed PHP support by dropping php5 and using php7.

      • openSUSE Tumbleweed Is Now Powered by Linux Kernel 4.18, Introduces AV1 Support

        Even though it’s the holidays season and most developers take a break from all the heavy work they do all year, the OpenSuSE Tumbleweed operating system continues to receive some of the freshest updates, and this week it received a major kernel bump with the latest Linux 4.18 kernel series, which brings lots of new features.

        “The most recent snapshot, 20180818, updated the kernel to version 4.18.0, which brought many changes for KVM (Kernel-based Virtual Machine),” said Douglas DeMaio. “Netfilter project nftables was restored as the default backend with firewalld 0.6.1 and now nftables and iptables can co-exist after a bug fix with the ‘nat’ table form the [Linux] 4.18 kernel.”

    • Red Hat Family

      • Red Hat Enterprise Linux 7.6 Beta released with focus on security, cloud, and automation

        Red Hat has rolled out their Red Hat Enterprise Linux 7.6 beta in their goal of becoming the cloud powerhouse. This release focuses on security and compliance, automation, and cloud deployment features.

      • Red Hat’s Open Source Migration Service

        New service aims to help users avoid vendor lock-in and proprietary virtualisation silos

        Red Hat has rolled out a a new managed infrastructure migration service that aims to help enterprises shift to open source infrastructure.

        The service from the North Carolina-headquartered open source giant bundles together a range of existing and forthcoming Red Hat offerings into a three-step mechanism.

        This aims to help enterprises tackle legacy virtualisation infrastructure issues, from closed vendor systems to onerous licencing costs.

        James Labocki Director of Product Management at Red Hat told Computer Business Review that the rationale for the product was fundamentally simple.

      • Red Hat Virtualization hypervisor adoption considerations

        RHV offers centralized management with Red Hat Virtualization Manager and is integrated with Red Hat’s cloud tools, including Red Hat Ansible Automation and Red Hat CloudForms, which enables customers to orchestrate and automate events, handle reporting, and enforce compliance requirements.

        RHV also supports OpenStack Glance and Neutron, which means RHV works in private and hybrid cloud infrastructures. Simple network management protocol messaging handles third-party monitoring.

      • Red Hat Takes Virtualization Aim at VMware
      • Red Hat Takes Aim At VMware

        Red Hat thinks VMware is an anchor dragging enterprise IT departments down, and it’s looking provide wings to help them soar. The ruby-lidded guys are launching infrastructure migration tools and professional services to migrate “legacy virtualization solutions” (Red Hat’s euphemism for the V-team) to open source.

        In a blog post scheduled to go live Thursday, Red Hat Inc. (NYSE: RHT) takes aim at the financial cost of running these “legacy virtualization solutions,” and promises to help enterprises “cut costs and speed innovation through cloud-native and container-based technologies.” Red Hat says the cost of running legacy infrastructure starves enterprises of the resources needed for digital transformation. Red Hat is looking to fix that.

      • Red Hat Goals To Assist Firms Migrate To A Modern IT Infrastructure

        Business enterprises nowadays aren’t shy about their desire embrace “digital transformation,” and the companies that provide much of their information technology infrastructure are falling over themselves which is happening again and again.

      • How the Boston Children’s Hospital Is Innovating on Top of an Open Cloud

        Pienaar says that it’s very important that it is all open source and, again, not just because of the cost savings. Having been using Linux from the start of the project, he believes they wouldn’t have access to the different development environments and languages they’d want to use if they were tied to a proprietary cloud.

        “I very much am inspired by the idea that, with these open source approaches, we can build things that really affect data that has real connections to the world behind it,” Pienaar said.

        “Right now if we were trying to collaborate deep down into the Amazon cloud, I would imagine we would have to set up a licensing agreement with Amazon. I wouldn’t be able to download the Amazon Cloud to run up my own environment. And while the full power of ChRIS lies in its connection to the Mass Open Cloud, nothing stops you from downloading and running ChRIS right now on your laptop. The entire ChRIS is available. Your experience is identical — albeit your laptop might not quite muster the grade for heavy computing. Still, you can troubleshoot and develop to your own mini-but-complete ChRIS in totality and then with a click deploy to any number of other ‘ChRISes’ that live out on clouds.”

        [...]

        Both this use case and the medical ones follow an operational pattern of bringing in the data and code, running on the optimum numbers of data, and sharing the input data and the temporary data that are required for the application itself. ChRIS also has mechanisms that can facilitate visualizing the data for clinicians.

        The end goal is not to just make applications run faster on a single machine, but to open source data itself, while still remaining compliant to regulations like the U.S.’s HIPAA and Europe’s GDPR.

      • [PodCTL] PodCTL #46 – KubeVirt and Container Native Virtualization

        Does it feel like sometimes the new Kubernetes updates are only targeted at new, cloud-native applications? What about all those existing applications that aren’t microservices or are running in virtual machines today? Today’s show looks at the intersection of container, virtual machines and Kubernetes. We talk about the KubeVirt project and the work that Red Hat is doing with Container Native Virtualization. It’s a great look at how new Kubernetes capabilities like Customer Resource Definitions (CRDs) are allowing Kubernetes to expand it’s capabilities without making the core project less stable.

      • Eclipse MicroProfile and Red Hat Update: Thorntail and SmallRye

        With the name, we also changed versioning to come back to a more semantic version numbering. Thus the last release version of WildFly Swarm was 2018.5.0 and the first version of Thorntail (same code, different name) was 2.0.0.Final.

        Changing the version numbering makes it easier for us to communicate about new features and have better links to downstream project versions.

        You’ll find more information on the project renaming and versioning changes in this interview that Bob McWhirter gave to InfoQ.

      • Can I catch up with Linux containers?

        Cloud, Linux containers, and container orchestration (in the form of Kubernetes) are the topics I hear being discussed the most today. Most IT organizations are discussing DevOps and microservices. The will to deep dive into that pool of fresh new experiences is leading many organizations to rethink tooling, culture, and processes in-house. Businesses want all the benefits of this digital transformation, but are you really prepared for this new paradigm? Are you really ready for containers?

        In order to standardize environments, isolate processes or increase modularity, to be able to better produce code, services and provide maintenance, the solution that comes in handy is containers. A smaller footprint which is standardized and isolated while consuming the resources of the host was the perfect recipe. Click here to understand what containers are.

      • Transitioning the Red Hat container registry

        Red Hat has seen significant adoption of our container ecosystem since we began shipping Red Hat Enterprise Linux with support for Linux containers more than four years ago. To support our existing users and users to come, we will be transitioning our product portfolio and customers to a new container registry for Red Hat container images available at registry.redhat.io over the next year. We have several reasons to make this change, and we’re also taking a number of steps to make the move away from registry.access.redhat.com as minimally disruptive as possible.

      • Maxta Launches Hyperconverged (Un)Appliance for Red Hat Virtualization Pre-Configured on Intel® Data Center Blocks
      • Introducing Red Hat infrastructure migration solution: An enterprise-grade remedy designed for proprietary virtualization silo ills

        For many organizations, legacy virtualization solutions can stifle innovation and IT advancement, which can limit the path to hybrid cloud infrastructure, where workloads and resources span physical, virtual and cloud-based environments. The cost of maintaining these existing infrastructure investments can tie up a significant portion of IT budgets. Compounding this, Gartner states, “IT organizations with goals for “doing more with less” find it difficult to quantify, estimate and communicate the level of non-discretionary IT spending needed to sustain business transformation.” With the budget remaining, an organization can be forced to put digital transformation, the modernization of IT environments through digital technologies, on hold.

      • Finance

      • Fedora

        • Flock 2018

          A couple weeks ago I had the pleasure of traveling to Dresden, Germany to attend Flock, the annual gathering of Fedora contributors. This was my third Flock and it was fun and quite productive.

          One of the things I enjoyed about this year’s schedule was the built-in coffee breaks. Most conferences pack the schedule completely full with many simultaneous tracks, so that attending the “hallway track” means that you are missing talks. The built-in coffee breaks were such that there were no other scheduled activities, which was great for having sanctioned hallway track time. It was a great idea and I hope it is also incorporated into next year’s event.

        • IBus 1.5.19 is released

          IBus 1.5.19 is now released and it’s available in Fedora 29.

        • [ES] Docker Meetup 05 Panamá [Docker+Fedora]
        • Civility in a systemd World

          Let me just say that I don’t really know much of anything about systemd and as such, I’m not even sure I care. I know that people either like systemd or really, really, hate systemd and that there is a very slim slice of global users that don’t care one way or the other. I also know that literally everything in life can be turned into a punchline joke if you link it to systemd. You don’t even have to understand the specifics of the joke, you just know that if systemd is part of the punch line that you are supposed to laugh. Now after all that, here is the real reason for this post.

          I was listening to episode 262 of the Linux Unplugged podcast in which there is a discussion of Benno Rice’s BSDCan 2018 keynote called “The Tragedy of systemd. First, the discussion was really, really good and certainly thought provoking. I would highly recommend listening to the discussion. It was interesting enough that I had to go and actually find the keynote presentation and watch it in it’s entirety. Remember what I said at the start of this post, I don’t really know anything about systemd nor do I know if I even care. And yet I am willing to say it was a very good presentation.

    • Debian Family

      • Derivatives

        • Deepin OS 15.7 – Enjoy The Better Performance

          Deepin OS is among the most awesome Operating Systems in the world, period. The Debian-based distro has successfully won the hearts of everybody that I know has used it for over a day and its latest release (in the form of version 15.7) brings so many improvements I could have a field day reviewing them all.

          If you are not already familiar with this OS then don’t skip this article.

          Deepin OS is an open-source, Debian-based desktop distribution whose aim is to provide users with a beautiful, security-conscious, and user-friendly Operating System. It was initially based on Ubuntu until the release of its current major version, 15 when it switched to model Debian.

          As at the time of writing, it sits at #28 on Distrowatch and has a 9/10 rating out of 301 reviews with approx. 325 hits per day.

        • Canonical/Ubuntu

          • The Road to K8s/vSphere Integration

            Recently, Juju began supporting cloud-native features via “integrator” charms (e.g.: aws-integrator, gcp-integrator, openstack-integrator). These allow charms to request things like persistent storage from a cloud provider without having to shuffle your super-secret credentials around to all the applications in your deployment.

            The way an integrator charm works is simple: you entrust it (and only it) with your Juju credentials for a particular cloud and then relate it to charms that want to make cloud-native requests. The integrator will ensure appropriate roles are created, submit a request to the cloud, and then notify the requesting charm that enough data is available to start using the new resource.

            Lately I’ve been testing Canonical Kubernetes (CDK) on the VMware vSphere platform — to Juju, vSphere is supported like any other cloud. I really needed persistent storage for my pods and thought, “it sure would be nice if there was a vsphere-integrator that I could use for this.” So I wrote one.

          • Ubuntu/Debian Add LZ4-Compressed Initramfs Support, Will Auto Decide LZ4/XZ Choice

            Back in March was the discussion about Ubuntu 18.10 considering an LZ4-compressed kernel image (initamfs) by default while now action has been taken on this support and coming up with a new default.

            With the latest Ubuntu and Debian packages, compressing the initramfs using LZ4 is now supported. Ubuntu up to this point has been using the basic Gzip compression support. The benefit to using an LZ4-compressed image is much quicker decompression than alternative algorithms but it does mean a slightly larger file size.

  • Devices/Embedded

Free Software/Open Source

  • SD Times Open-Source Project of the Week: TransmogrifAI

    Salesforce is open sourcing a tool that aims to make it easier to build scaled machine learning systems for enterprises, TransmogrifAI.

    TransmogrifAI is a automated machine learning library for structured data that enables data teams to transform customer data into meaningful predictions, according to the company.

    Salesforce explained it has been using TransmogrifAI to power its Einstein AI platform, but it wants to open up the project to empower other developers to build machine learning solutions at scale.

  • Channeling Community Wisdom: Recent Open Source Momentum And What’s To Come
  • The “Sign-in with Facebook” problem and the open source solution

    Managing accounts, credentials and personal information on the Internet has become a nightmare. Almost every website today encourages users to register, or even requires them to do so to be able to access content. They usually want some combination of your email, a password, your name and date of birth. This information is always the same, yet you spend your time typing it again and again, then double checking it for mistakes and correcting typos before pressing Enter and being granted access.

    And you often reuse the same password that you already used for countless other websites, because there are only so many passwords that you can remember – until you find a website with an annoying password policy that your ordinary password does not meet, and then you have to add a punctuation symbol, a Greek letter and a B flat note played on a horn.

    Some people try to solve this by using password managers, such as the ones included in modern browsers – and then they have to remember and secure the password to their password manager, and there is no way to recover their accounts if they lose it; and if they end up using someone else’s device, or a PC in an Internet café, they cannot log in anywhere, as they do not know any of their passwords any more. So they will save their credentials on their mobile phone, which then gets stolen, putting all their online affairs at risk.

  • What is Qiskit, IBM’s open source quantum computing framework

    Researchers, scientists, academics, hobbyists, businesses – all of these groups are represented in the community of Qiskit, the open source framework based on IBM’s quantum computing programme that’s opening up access to real quantum computing in the cloud for everyone.

    Qiskit (Quantum Information Science Kit) is just over a year old, and it followed up the IBM Quantum Experience – IBM Q Experience for short – a program that put quantum computers on the cloud (for the first time) so researchers and developers could tinker with the almost brand-new field of computation.

    Since opening up the Q Experience, hobbyists have created games and composed music using real quantum computers, while scientists and researchers are using qubits to solve problems that were previously too difficult to solve.

  • Potential for Open Source for Health IT Software Development

    Open source development supports health IT software innovation as healthcare technology vendors and provider organizations work on improving the same source code.

    “Open source is a methodology on how to develop software,” Red Hat Director of Healthcare Craig Klein told HITInfrastructure.com. “The premise behind open source is you have a group of people collaborating on a particular piece of code. For example, if you have someone building an operating system, there may be one hundred thousand people contributing that particular piece of code from thousands of organizations.”

    The number of developers lends open source as an avenue for health IT innovation. Industry professionals are constantly improving on available source code and sharing their improvements with the open standards community.

    Open standards encourage competing implementations of the same standard, rather than creating competing platforms. This can benefit consumers, according to a report published by the Journal of Medical Internet Research.

  • FairEmail is an open source, privacy-friendly email app

    As they say, Big Data is Big Money, and it’s hard to get around online these days. There are even toggles in the operating system themselves that let you disable location services but will continue storing your location data on their servers. Thankfully, Android is open source and many have gone for the pure AOSP flavor without letting any of Google’s code touch their device. That’s why it was interesting when XDA Recognized Developer M66B released an email application called FairEmail with the goal of being privacy-friendly.

    FairEmail is open source, available on GitHub, and even has a testing program available in the Play Store (as of the writing of this article, the program is not live). Some would assume this means the application is light on features, but FairEmail is feature packed. Check out the full list of features below.

  • Web Browsers

    • Mozilla

      • Screenshots from the Console

        To access the command, open the Web Console via Tools → Web Developer → Console, type in :screenshot and press ENTER. A screenshot of the current document will be downloaded to your downloads directory.

      • These Weeks in Firefox: Issue 43
      • More on the RLS and a 1.0 release

        In my last post, I announced a release candidate for the RLS 1.0. There has been a lot of feedback (and quite a lot of that was negative on the general idea), so I wanted to expand on what 1.0 means for the RLS, and why I think it is ready. I also want to share some of my vision for the future of the RLS, in particular changes that might warrant a major version release.

      • Good First Bugs

        One great way (of many) to get started in software development, particularly in open source, is to find good first bugs. This is a class of software bugs (which should be called issues, since they’re not always bugs) that are easy to fix with little experience. It can also be a great way, once you have software development skills, to learn a new domain or set of tools. Many projects, even well funded ones, are very happy to receive community contributions, if nothing else it’s one other way they can provide opportunities to the community.

        At Mozilla we use bugzilla to track our bugs, and use the good first bug keyword to identify such bugs. You’re welcome to contribute patches for these bugs, and potentially have your work included in Firefox. You can also search by component, so the list of open good first bugs for the garbage collector is here and I’d be happy to help with any of these.

      • Let Firefox’s Side-View extension give you an edge for fantasy football, basketball, hockey and all the other sportsballs

        It’s that time of year again. When we find ourselves pouring over player rosters, reading frustratingly vague injury reports and trying to shake down our friends and colleagues to reveal how they’re planning to make their picks. Yes, with autumn just around the corner in the northern hemisphere it means that it’s time to make your fantasy sports league picks.

      • Share your favorite images and videos in VR with Mozilla Hubs

        Last April we released Mozilla Hubs, a VR chat system that lets you walk and talk in VR with your friends, no matter where in the world they are. Now we have a game changing new feature: you can share virtually any kind of media with everyone in your Hubs room by just pasting in a URL. Anything you share becomes a virtual object that everyone can interact with. From images to videos to 3D models, Hubs is the best way to collaborate across devices (laptops, phones, headsets) and OSes. Let’s look at a few details.

      • Thunderbird Monterail Themes Redux

        It just got easier to install the stylish Monterail themes in Thunderbird, the free and open source email client.

        The Monterail themes for Thunderbird were created last year by the open source community based on concept designs from a Polish design company.

        And they proved an instant hit.

      • Firefox DevEdition 62 Beta 18 Testday Results

        As you may already know, last Friday August 17th – we held a new Testday event, for Firefox DevEdition 62 Beta 18.

  • SaaS/Back End

    • New Mirantis Product Empowers Customers with Workload-Centric Cloud Configurations
    • Mirantis CEO: ‘Choose Your Cloud’ Using Open Source

      An update to Mirantis’ open source private cloud platform allows users to change their infrastructure to best suit individual workloads, Mirantis CEO Adrian Ionel says.

      The latest version of Mirantis Cloud Platform (MCP) is built around the idea of a tuned infrastructure stack — a pre-defined configuration template that can be edited using a tool called infrastructure model designer. This software is built on top of open source tools including Cookiecutter, Reclass, and Salt. It allows operations teams to define cluster configuration using declarative scripting.

  • CMS

    • Overview of Popular Static Site Generators

      All static page generators have a single and seemingly straightforward task: to produce a static HTML file and all its assets.

       

      There are many obvious benefits to serving a static HTML file, such as easier caching, faster load times, and a more secure environment overall. Each static page generator produces the HTML output differently.

  • Pseudo-Open Source (Openwashing)

  • BSD

    • FreeBSD & DragonFlyBSD Put Up A Strong Fight On AMD’s Threadripper 2990WX, Benchmarks Against Linux

      The past two weeks I have been delivering a great deal of AMD Threadripper 2990WX benchmarks on Linux as well as some against Windows and Windows Server. But recently I got around to trying out some of the BSD operating systems on this 32-core / 64-thread processor to see how they would run and to see whether they would have similar scaling issues or not like we’ve seen on the Windows side against Linux. In this article are FreeBSD and DragonFlyBSD benchmarks with the X399 + 2990WX compared to a few Linux distributions.

    • OpenSSH 7.8 released
    • DragonFlyBSD Gets Performance Tuning For Threadripper 2990WX Topology, Scheduler Tuning

      While it was just days ago that DragonFlyBSD lead developer Matthew Dillon got his hands on a Threadripper 2990WX 32-core / 64-thread “beast”, got it working under this long ago forked operating system from FreeBSD, and proceeded to exclaim with joy how powerful this system is, he’s now made it even better. Dillon has landed some additional kernel work to benefit the AMD Ryzen Threadripper 2990WX.

      On top of the kernel changes made at the end of last week to bring-up the 2990WX support, Matthew Dillon has now had the time to do some tuning to make this 64-thread system perform even faster. Hitting DragonFlyBSD Git overnight was a patch to update the AMD topology detection as seeing four nodes with eight cores and two threads per core, per node. Previously it was just exposed as a CPU with 32 cores and 2 threads per core.

      The DragonFly patch also now is able to expose how much memory is accessible from each node, an instability fix in the kernel’s scheduler when dealing with large core counts, and memory-on-node weighting in the scheduler.

  • Public Services/Government

    • Los Angeles County Officials Announce New Voting System For Upcoming Midterm Elections (VIDEO)

      The newly implemented system — named the Voting Solutions for All People (VSAP) Tally Version 1.0 — is designed to improve and secure the ways in which Vote-by-Mail (VBM) ballots are counted, according to officials.

      “This is a significant milestone in our efforts to implement a new voting experience for the voters of Los Angeles County,” said Dean C. Logan, registrar-recorder/county clerk. “The VSAP Tally System will ensure that new Vote-by-Mail ballots cast in the upcoming November election will be counted accurately and securely.”

      The newly redesigned packets necessary for VSAP are scheduled to be distributed on Oct. 9, and are set to include the new full-face ballot, return envelope, secrecy sleeve and an “I voted” sticker, according to officials.

    • L.A. County first in state certified to use open-source election technology

      A new vote tally system in Los Angeles County was approved Tuesday, making it the first publicly owned, open-source technology certified under the California voting systems standards.

      Certification of the Voting Solutions for All People Tally, made by California Secretary of State Alex Padilla, now allows the county to move forward with its newly redesigned vote by mail ballots for the Nov. 6 general election.

    • LA County will switch to all open source vote-counting machines

      California voting officials have certified an open source vote-counting package for use in the upcoming LA elections, in the first of a series of planned improvements to the County’s voting system (other plans include improved absentee voting ballots).

      It’s the first time in US history that vote-tallying will be done with open, public, universally auditable source-code. As an LA County resident, this makes me very happy.

    • Los Angeles County’s new ‘open source’ vote tallying system isn’t open source just yet
    • New Voting System Comes to LA County

      On Tuesday, California Secretary of State Alex Padilla certified Los Angeles County’s Voting Solutions for All People (VSAP) Tally Version 1.0, making it the first publicly-owned, open-source election tally system certified under the California voting systems standards.

      “With security on the minds of elections officials and the public, open-source technology has the potential to further modernize election administration, security, and transparency,” said Secretary of State Alex Padilla. “Los Angeles County’s VSAP vote tally system is now California’s first certified election system to use open-source technology. This publicly-owned technology represents a significant step in the future of elections in California and across the country.”

    • LA County gets open source election tally system

      California Secretary of State Alex Padilla has certified the first publicly owned, open-source election tally system under his state’s voting systems standards. Los Angeles County’s Voting Solutions for All People Tally Version 1.0 had to undergo rigorous functional and security testing by the secretary of state’s office and a certified voting testing lab.

      “Los Angeles County’s VSAP vote tally system is now California’s first certified election system to use open-source technology,” Padilla said. “This publicly-owned technology represents a significant step in the future of elections in California and across the country.” The certification of the VASP Tally solution allows Los Angeles County to move forward with its new redesigned VSAP vote-by-mail ballots for the November elections.

  • Licensing/Legal

    • Redis has a license to kill: Open-source database maker takes some code proprietary

      Database maker Redis Labs this week moved the Redis Modules developed by the company from the AGPL to a license that combines Apache v2.0 with Commons Clause, which restricts the sale of covered software.

      The licensing change means that house-made Redis Modules – RediSearch, Redis Graph, ReJSON, ReBloom and Redis-ML – are no longer open-source software, as the term is generally defined. Instead, they become “source available.”

      Practically speaking, the new license limits the ability of cloud providers to offer these Redis Modules to customers; Redis Labs presumably aims to be the sole seller of services incorporating these add-ons. The Redis database code, however, remains under the BSD license.

      Redis Labs is not the only company to make such a change. In May, Neo4j, which makes the Neo4j graph database, added the Commons Clause to its AGPL license.

  • Openness/Sharing/Collaboration

    • Open Data

      • Understanding Niamey’s flood risk through open source mapping, drones, and modeling

        For thousands of years, the Niger River has been the lifeblood for not only Niger, but also its neighboring countries in the Niger River Basin. Yet, even as many Nigeriens depend on the mighty waterway for food, water, and livelihoods, the Niger River also poses a severe flood risk to the West African country during the rainy season. In the third quarter of 2017, widespread flooding due to heavy rains claimed the lives of over 50 people and displaced nearly 200,000.

        Lying on the banks of the Niger River, the Nigerien capital Niamey is especially vulnerable to flood risk. Poorly planned development in the city, which has contributed to land degradation and soil erosion, has only exacerbated the risk. To make matters even worse, many parts of Niamey, which has seen its population balloon to over one million people, lack proper drainage infrastructure.

  • Programming/Development

    • Codeplay Outs SYCL-Based ComputeCpp 1.0, Running Parallel C++ Code On Multiple Platforms

      Codeplay, the company behind tools like clspv for running OpenCL C code on Vulkan, today released ComputeCpp 1.0.

      ComputeCpp 1.0 is built upon the Khronos Group’s SYCL 1.2.1 standard and is designed to write standard C++ code for heterogeneous systems that in turn can run across processors and accelerators from a variety of vendors — in effect, everywhere.

    • New podcast interview

      Apparently August 2018 is Shamelessly Shill Yourself Month. I appeared on the IT in the D podcast last week. A fun time was had by all–well, at least by me. And that’s the important thing, right? We talked about my books, decades of IT, SSH, ed, and general nerdery.

Leftovers

  • Passport queues vex airlines

    Airlines and airports are starting to worry that the queues could discourage flying for business. Austerity is a primary cause of the waits, according to Andrew Charlton of Aviation Advocacy, a research firm based in Geneva. Since the 2007-09 financial crisis, air traffic has increased and budgets for passport controllers have been slashed. The number of passengers going through Britain’s airports has risen by a quarter since 2012, for example, but its border force’s budget has fallen by a tenth. America’s international passenger numbers have risen three times faster than its border-patrol budget in the same period.

  • Hardware

    • Fujitsu Presents Post-K CPU Specifications

      Fujitsu today announced publication of specifications for the A64FX™ CPU to be featured in the post-K computer, a supercomputer being developed by Fujitsu and RIKEN as a successor to the K computer, which achieved the world’s highest performance in 2011. The organizations are striving to achieve post-K application execution performance up to 100 times that of the K computer.

      A64FX is the world’s first CPU to adopt the Scalable Vector Extension (SVE), an extension of Armv8-A instruction set architecture for supercomputers. Building on over 60 years’ worth of Fujitsu-developed microarchitecture, this chip offers peak performance of over 2.7 TFLOPS, demonstrating superior HPC and AI performance.

    • Fujitsu unveils details on Post-K Supercomputer processor powered by ARM

      Today Fujitsu published specifications for the A64FX CPU to be featured in the post-K computer, a future machine designed to be 100 times faster than the legendary K computer that dominated the TOP500 for years.

  • Health/Nutrition

    • STI which rots genitals found in UK for first time

      A sexually transmitted disease which can rot the genitals has been detected in the UK for the first time.

      Rare STI Donovanosis is usually only found in tropical countries but there have now been three recorded incidents in the UK.

      The nasty bug causes genital ulcers to grow and spread. If left untreated flesh in the groin literally starts to eat itself.

      And according to a Freedom of Information request, submitted by online pharmacy chemist-4-u.com, the rare sexually transmitted disease Donovanosis has been diagnosed three times.

      Twice in Bolton and once in a woman, between the age of 15 and 25, in Southport in the past 12 months.

    • Negotiators On UN TB Resolution May Have A Deal

      Negotiators for a United Nations declaration on tuberculosis, meeting intensively in New York this week, may have reached agreement today on a key sticking point related to intellectual property, innovation and access to new medicines, according to sources. An agreement, if accepted by other delegations, could allow the text to proceed to the high-profile High-Level Meeting scheduled to take place at the UN General Assembly next month.

    • SCOTUS petition on HIV drug patents poses reputational as well as legal risks for pharma companies [Ed: The patent trolls' lobby IAM worries that the public might find out that patent greed harms health because SCOTUS looks into this matter.]

      The AIDS Healthcare Foundation (AHF) last week announced it had filed a petition asking the US Supreme Court to review lower courts’ decisions to dismiss its attempts to invalidate patents protecting a Gilead HIV treatment. It has asked the high court to determine the circumstances under which a party can file suit for declaratory judgment. A favourable decision for the foundation could have significant ramifications for pharmaceuticals patent litigation, clearing the path for federal court invalidity suits to be launched prior to ANDA filing by a generic competitor and by a wider range of potential plaintiffs.

  • Security

    • Security updates for Thursday
    • The Untold Story of NotPetya, the Most Devastating [Windows] Cyberattack in History

      The result was more than $10 billion in total damages, according to a White House assessment confirmed to WIRED by former Homeland Security adviser Tom Bossert, who at the time of the attack was President Trump’s most senior cybersecurity-­focused official. Bossert and US intelligence agencies also confirmed in February that Russia’s military—the prime suspect in any cyberwar attack targeting Ukraine—was responsible for launching the malicious code. (The Russian foreign ministry declined to answer repeated requests for comment.)

    • Aussie gov bans Huawei and ZTE from supplying 5G kit

      The Australian government announced the ban on Thursday morning, just a day ahead of the country’s 5G auction, citing – unsurprisingly – concerns over national security.

    • Government Provides 5G Security Guidance To Australian Carriers
    • Kids at hacking conference show how easily US elections could be sabotaged

      The bad news is that it doesn’t really matter. While the actual risk of a hacker seizing thousands of voting machines and altering their records may be remote, the risk of a hacker casting the validity of an election into question through one of any number of other entry points is huge, and the actual difficulty of such an attack is child’s play. Literally.

    • Former Facebook security chief says it’s ‘too late’ to protect 2018 elections

      Facebook’s recently departed security chief says US government inaction has ensured that the upcoming midterm elections will be vulnerable to hacking and online manipulation campaigns.

    • Adobe Patches 2 Code Execution Vulnerabilities in Photoshop CC 2017 & 2018

      Hot off the discovery board is news of two important vulnerabilities that have been found in Adobe’s Photoshop CC versions 19.1.5 and prior for the 2018 edition and versions 18.1.5 and prior for the 2017 edition. The discovery of these vulnerabilities was made by a Fortinet security researcher, Kushal Arvind Shah, but nothing has been officially released in the level of detail expected for CVE vulnerabilities.

      It appears that a combined update has been rolled out through the Adobe Creative Cloud for the respective editions and versions of Adobe Photoshop CC 2018 / 2017 to patch the two found vulnerabilities. The flaws are seen to impact the said versions of the software on both the Windows operating system and the Apple Mac operating system.

    • New Mirai Variants Leverage Open Source Project [Ed: DarkReading looking to blame "Open Source" because yes, people can craft things with FOSS. Sometimes even malicious things.]

      Mirai, the IoT botnet responsible for enormous DDoS attacks in 2016, has continued to evolve: it’s now leveraging an open-source project named Aboriginal Linux to make cross-compiling the malicious code easier, more effective, and less prone to error.

    • Mirai leveraging Aboriginal Linux to target multiple platforms [Ed: Did Steve Ragan copy Catalin Cimpanu (below) or the other way around (almost identical spin)?]
    • Mirai IoT Malware Uses Aboriginal Linux to Target Multiple Platforms
    • Mirai botnet strikes again: This time it’s going after a specific open source project [Ed: So, long story short, devices with holes or hand-coded passwords in them are blamed on "Linux" and/or "Open Source"]
    • Vulnerability in OpenSSH “for two decades” (no, the sky isn’t falling!) [Ed: Responding to the likes of Catalin Cimpanu]

      The OpenSSH software came out of the super-security-conscious operating system project OpenBSD, the “free, functional and secure” operating system that boasts on its website that it’s suffered “only two remote holes in the default install, in a heck of a long time!”

      Compared to the average Linux distro, or Windows, or macOS, or pretty much any mobile phone you care to mention, that isn’t an idle boast, even if it’s not the sort of claim a traditional marketing department might go for.

    • Huawei slams Australia ban as being ‘politically motivated’

      Australia’s decision to ban Huawei Technologies from playing a role in the country’s 5G networks is “politically motivated, not the result of a fact-based, transparent, or equitable decision-making process”, a spokesperson from the company’s headquarters in Shenzhen says.

    • Huawei ban: China asks Australia to drop ‘ideological bias’

      The Chinese Government has told its Australian counterpart to get rid of its “ideological biases” and create a “fair environment” for business in the country in the wake of the 5G ban imposed on Chinese companies Huawei Technologies and ZTE Corporation.

    • Australia’s Huawei ban meant to please Uncle Sam

      For more than a few decades now, Huawei has been supplying telecommunications equipment to all parts of the world, 170 countries in all. Chances are that if there were any backdoors planted in that equipment, then some man or woman in some part of the world would have cottoned onto it.

    • Disable SMT/Hyperthreading in all Intel BIOSes

      Solving these bugs requires new cpu microcode, a coding workaround,
      *AND* the disabling of SMT / Hyperthreading.

      SMT is fundamentally broken because it shares resources between the two
      cpu instances and those shared resources lack security differentiators.
      Some of these side channel attacks aren’t trivial, but we can expect
      most of them to eventually work and leak kernel or cross-VM memory in
      common usage circumstances, even such as javascript directly in a
      browser.

      There will be more hardware bugs and artifacts disclosed. Due to the
      way SMT interacts with speculative execution on Intel cpus, I expect SMT
      to exacerbate most of the future problems.

    • Why the DNC Thought a Phishing Test Was a Real Attack [iophk: "turns out all the disinformation yesterday was just that -- disinformation; fat chance of the facts getting as much coverage though"]

      Lookout had alerted the DNC as well as DigitalOcean—the server company hosting the imposter—within hours of the fake site going live. The incident was initially touted as a success: A cyberespionage campaign thwarted before any data was stolen. Now, it instead raises questions about how a covert phishing simulation could have taken an understandably guarded group totally unaware.

    • Nearly half of English councils are using end of life server software

      Although the vast majority (between 88 and 94 per cent, depending on product) say that they intend to upgrade inside two years, by using such outdated software in the meantime, they continue to run the gauntlet of potential zero-day vulnerabilities with the power to bring down the entire infrastructure of the council.

    • Security updates for Friday
  • Transparency/Investigative Reporting

    • Reality Winner, who pleaded guilty to leaking [sic] secret U.S. report, gets 63-month sentence

      Reality Winner, 26, pleaded guilty in June to a single count of transmitting national security information. The former Air Force translator worked as a contractor at a National Security Agency’s office in Augusta, Georgia, when she printed a classified report and left the building with it tucked into her pantyhose. Winner told the FBI she mailed the document to an online news outlet.

    • Reality Winner, leaker of secret report on Russian election hacking, gets more than 5 years for espionage [sic]

      “The vulnerability of the American electoral system is a national topic of immense gravity, but it took Winner’s act of bravery to bring key details of an attempt to compromise the democratic process in 2016 to public attention,” The Intercept’s statement continues. “Reality Winner’s courage and sacrifice for the good of her country should be honored, not punished.”

    • NSA leaker who mailed doc outlining Russian hacking gets 5 years in prison
    • Download Chicago’s Parking Ticket Data Yourself

      ProPublica Illinois has been reporting all year on how ticketing in Chicago is pushing tens of thousands of drivers into debt and hitting black and low-income motorists the hardest. Last month, as part of a collaboration with WBEZ, we reported on how a city decision to raise the cost of citations for not having a required vehicle sticker has led to more debt — and not much more revenue.

      We were able to tell these stories, in part, because we obtained the city of Chicago’s internal database for tracking parking and vehicle compliance tickets through a Freedom of Information request jointly filed by both news organizations. The records start in 2007, and they show you details on when and where police officers, parking enforcement aides, private contractors and others have issued millions of tickets for everything from overstaying parking meters to broken headlights. The database contains nearly 28.3 million tickets. Altogether, Chicago drivers still owe a collective $1 billion for these tickets, including late penalties and collections fees.

    • A first-timer’s guide to anonymously leaking information via SecureDrop

      Well, meet The IT Cooler. For there is no computer, printer or phone which I cannot jinx with my innate inability to log on, download, upload or any load, more or less.

      So, let me be frank, being tasked, as a guinea pig, with uploading a document to ICIJ’s SecureDrop did not fill the chambers of my heart with sparkledust.

      No, dear reader, I sallied forth with four heavy chambers in the center of my chest, certain in the knowledge that SecureDrop and I would never be BFFs. Never, ever.

  • Environment/Energy/Wildlife/Nature

  • Finance

    • ‘We Don’t Want to See People Who Are Homeless in Our Cities’

      In the winter of 2017, seven people were arrested in Florida for the crime of serving food to homeless people in a public park. Media didn’t take much notice, though one wire report explained that while you might think feeding the hungry sounds good, it’s “actually a legally complicated matter that could violate laws and even send you to jail.”

    • Besieged Facebook Says New Ad Limits Aren’t Response to Lawsuits

      Facebook’s move to eliminate 5,000 options that enable advertisers on its platform to limit their audiences is unrelated to lawsuits accusing it of fostering housing and employment discrimination, the company said Wednesday.

      “We’ve been building these tools for a long time and collecting input from different outside groups,” Facebook spokesman Joe Osborne told ProPublica.

      Tuesday’s blog post announcing the elimination of categories that the company has described as “sensitive personal attributes” came four days after the Department of Justice joined a lawsuit brought by fair housing groups against Facebook in federal court in New York City. The suit contends that advertisers could use Facebook’s options to prevent racial and religious minorities and other protected groups from seeing housing ads.

      Raising the prospect of tighter regulation, the Justice Department said that the Communications Decency Act of 1996, which gives immunity to internet companies from liability for content on their platforms, did not apply to Facebook’s advertising portal. Facebook has repeatedly cited the act in legal proceedings in claiming immunity from anti-discrimination law. Congress restricted the law’s scope in March by making internet companies more liable for ads and posts related to child sex-trafficking.

  • AstroTurf/Lobbying/Politics

    • Find out who’s manipulating you through Facebook political ads with ProPublica’s free tool
    • Facebook: Iran has been posting hundreds of fake pages since 2011
    • Louisiana Senate President Sank Ride-Sharing Bill. His Close Pal Sells Insurance to Cabs.

      Gordy Dove has begged Uber and Lyft to make their ride-sharing services available in Terrebonne Parish, where he serves as parish president.

      The sprawling coastal parish of 112,000 people is not easily walkable, and Dove worries about how students at colleges in the area will get home from the bars after they’ve had a few drinks.

      But the big ride-sharing companies aren’t coming to places like Houma, the parish’s biggest city, or many other parts of Louisiana anytime soon. That’s because Louisiana does not have legislation in place allowing them to operate. The state is one of only five that lacks such a law, instead requiring the companies to go through the costly and time-intensive process of getting approval in each locality.

      A bill to change that has garnered widespread and bipartisan support. It was backed by the governor, a Democrat, and sponsored by the House speaker, a Republican. It had 56 co-sponsors from both parties — nearly 40 percent of the state’s lawmakers — in both chambers and from all corners of the state. It was favored by the potent Louisiana Association of Business and Industry and other economic development groups.

    • Mass Media Is The Enemy Of The People Like The Cage Is The Enemy Of The Bird

      They say that Corbyn is a secret Nazi who loves antisemitism over and over and over again like it’s a real thing despite the complete absence of anything remotely resembling facts or evidence, then publish op-eds by ostensibly terrified mothers citing “accusations of antisemitism in the Labour party making headline news virtually every day” as the basis for her fear of her three year-old daughter winding up like Anne Frank. And then when this unconscionable behavior sees Corbyn decrying the mass media and pushing for reforms, the British press responds with headlines like “Corbyn is following the Donald Trump playbook on persecuting the media”.

    • Distorting Past and Present: Reuters on Nicaragua’s Armed Uprising

      From April 18 until late July 2018, an armed insurrection in Nicaragua left hundreds of people dead. The uprising, backed enthusiastically by private media outlets in Nicaragua (in particular one of its largest circulating newspapers, La Prensa, and the TV network 100%Noticias), was also supported by local NGOs funded by the US government through the National Endowment for Democracy (NED). The Trump administration and others (the EU parliament, UN officials) publicly backed the opposition’s version of events, as did Amnesty international and Human Rights Watch. Nicaraguan President Daniel Ortega and his supporters were held responsible for the vast majority of the “protest”-related deaths, and Ortega (who had been re-elected in 2016) was pressured at first to resign outright, and later to hold “early elections.”

      I examined 45 Reuters news articles about the uprising in Nicaragua since April 18, as the London-based wire service, whose news articles are widely reprinted throughout English-language Western media, provides a good sense of the ostensible facts about the conflict as portrayed by corporate journalism. The story conveyed by Reuters is that the Sandinista government is opposed to democracy and human rights in Nicaragua, while the US government supports these things. Various other sources, which may provoke less distrust than a US government led by Donald Trump, were cited in support of this scenario. But a closer look at the picture presented by Reuters reveals numerous distortions about Nicaragua’s past and present.

  • Censorship/Free Speech

    • The Web-Hosting Service for Sex Workers, by Sex Workers, Against SESTA/FOSTA

      That need took on sudden urgency in 2018 when the Stop Enabling Sex Traffickers Act and the Allow States and Victims to Fight Online Sex Trafficking Act came into effect. Alternately referred to as SESTA, FOSTA, or both (SESTA/FOSTA), these laws empower federal and state law-enforcement agencies to target websites that supposedly facilitate sex trafficking. But the legislation’s definition of trafficking is so broad that it has also ensnared sex workers who rely on digital platforms for their safety and livelihood. Sites that had previously been used by sex workers to vet clients, such as Backpage, were seized by the federal government; others, like Craigslist’s “Personals” sections, voluntarily shuttered; and now all kinds of online service providers, from social networks to blogging platforms, are booting users suspected of engaging in sex work.

    • Pakistan records protest with Netherlands against blasphemous cartoon competition

      The Foreign Office (FO) on Monday called the charge d’affaires of the Netherlands to record a protest against the “announcement by the leader of Dutch Freedom Party and Parliamentarian Geert Wilders to hold a competition of blasphemous caricatures.”

    • Sacrilegious sketches: Govt urged to sever diplomatic ties with the Netherlands

      The JI members gathered outside Peshawar Press Club. They burnt the flag of the Netherlands and portraits of a Dutch politician to express anger against the sacrilegious act.

      They were also holding banners and placards inscribed with slogans, asking the government to end diplomatic ties with the Netherlands.

    • Ban Trump, Twitter and Free Speech

      Chief among those opposing ideas they want silenced are Donald Trump’s. His remarks — from the silly, labeled unpresidential, to the more extreme labeled racist/sexist/misogynist/hateful — have attracted a surprising group of otherwise intelligent people demanding he be shut up.

    • Forget About Social Media Content Moderation; Get Ready For Internet Infrastructure Content Moderation

      The big topic du jour, of course, has been about content moderation on social media. But that may only be just the very beginning of where all of this heads. It didn’t get that much attention, but last week Microsoft threatened to take down all of Gab.ai based on some (really awful) posts on that site. Gab, if you don’t know, is the social network “alternative” that claims to be free speech supporting (even if that’s a bit of an exaggeration), when it really has basically become the home to all the assholes who have been kicked off of Twitter. It’s generally a cesspool of idiocy, so it’s not clear what suddenly inspired Microsoft — which hosts Gab on its Azure cloud platform — to suddenly speak up.

      As we’ve noted many times in the past, Microsoft, like any company, has certain rights, including First Amendment rights for what speech lives on its own computers and who it associates with. But, we’re talking about a different kind of ballgame when we start getting to the infrastructure level, rather than just talking about content moderation at the edge provider level. This hearkens back to the big post I did nearly a year ago when Cloudflare stopped providing service to the Daily Stormer. As I noted at the time, there were no easy answers, and the situation is incredibly complicated. Simply kicking bad services off the internet doesn’t make their hatred/ignorance/stupidity go away (and sometimes allows it to fester in even darker corners, where it can’t be monitored or countered).

      [...]

      And, as I wrote in last year’s post about the Cloudflare situation, I’m a lot more worried about infrastructure players suddenly deciding that they should have an editorial say as well, as that seems well beyond what role they should be playing. Yes, again, they have every right to stop working with services they dislike, but we should be discussing the potential impact of infrastructure players as censors. With edge services, one point that is regularly brought up is that if you don’t like how a service is running you can just go to another one or build your own. But that gets a lot more complicated when you get to the infrastructure level where you can’t just “build your own” and the number of options may be greatly limited.

      [...]

      Indeed, infrastructure providers are the next battleground, and we should start thinking about what that means earlier, rather than waiting until everything is a total mess.

    • Protecting Free Speech in Fearful Times

      In the absence of (1) people “capable of deliberating and choosing on the basis of knowledge,” (2) access to “authentic information,” and (3) evaluation based on “autonomous thought,” Marcuse argued that democracy veered towards a form of totalitarianism (pp. 95, 97): Under democracy “with totalitarian organization,” he observed, “radically negative news” is relegated to “an obscure place” and commitments to impartiality and objectivity unintentionally foster “a mental attitude which tends to obliterate the difference between true and false, information and indoctrination, right and wrong” (97).

      Recent controversies remind us all too clearly that anyone interested in promoting free speech must contend with the possibility that some speakers will abuse their license to it by making unthinking or dangerous remarks that could weaken or demolish democracy. Milo Yiannopoulos and Alex Jones, for example, have made careers for themselves by manufacturing controversy in order to generate attention. Jones has said that decisions by Facebook and other social media platforms to limit his access are part of “a war on free speech.” Similarly, as Steve Coll has observed in the New Yorker, Donald Trump and his far-right allies have “vigorously exploited the neutrality of social-media platforms.”

  • Privacy/Surveillance

    • ICANN appeals German court injunction rejection

      The internet overseer says the court was wrong to rule that it did not “sufficiently explain” or provide a “credible reason” why it wanted to force one of its registrars to collect data on new registrants

    • Facebook violates Apple’s data-gathering rules, pulls VPN from App Store

      Facebook is the latest company to violate Apple’s new app guidelines surrounding data collection. According to a report by The Wall Street Journal, Facebook pulled Onavo Protect, a VPN app, from Apple’s App Store after the iPhone maker determined that Onavo violated its data-collection rules.

    • Facebook Removed Their Spying VPN From The App Store (But It’s Still on Google Play)

      Facebook removed Onavo—a free VPN run by the social networking company—from the iOS App Store today. The voluntary move by Facebook was prompted by discussions with Apple about privacy policy.

      Onavo promises to help “secure your personal details” on the product’s website, but the VPN service exists primarily so Facebook can monitor user activity on rival sites. In other words, Facebook uses it to spy on you.

    • Facebook Removes Data-Security App From Apple Store

      Facebook Inc. pulled its data-security app from Apple Inc.’s app store after the iPhone maker ruled that the service violated its data-collection policies, according to a person familiar with the matter.

    • Apple Removes Facebook’s VPN App From App Store

      Apple has removed Facebook’s VPN app Onavo Protect after it violated Apple’s data collection policies.

      As reported by The Wall Street Journal, Apple warned Facebook that the VPN app does not comply with the new privacy rules set up in June this year. The latest set of regulations are charted to limit the data harvested by third-party apps.

    • Don’t Shoot Messenger

      Late last week, Reuters reported that Facebook is being asked to “break the encryption” in its Messenger application to assist the Justice Department in wiretapping a suspect’s voice calls, and that Facebook is refusing to cooperate. The report alarmed us in light of the government’s ongoing calls for backdoors to encrypted communications, but on reflection we think it’s unlikely that Facebook is being ordered to break encryption in Messenger and that the reality is more complicated.

      The wiretap order and related court proceedings arise from an investigation of the MS-13 gang in Fresno, California and is entirely under seal. So while we don’t know exactly what method for assisting with the wiretap the government is proposing Facebook use, if any, we can offer our informed speculation based on how Messenger works. This post explains our best guess(es) as to what’s going on, and why we don’t think this case should result in a landmark legal precedent on encryption.

    • Chinese Surveillance State Is Basically The US Surveillance Apparatus Minus The Constitutional Rights

      Reuters has a long, detailed examination of the Chinese surveillance state. China’s intrusion into the lives of its citizens has never been minimal, but advances in technology have allowed the government to keep tabs on pretty much every aspect of citizens’ lives.

      Facial recognition has been deployed at scale and it’s not limited to finding criminals. It’s used to identify regular citizens as they go about their daily lives. This is paired with license plate readers and a wealth of information gathered from online activity to provide the government dozens of data points for every citizen that wanders into the path of its cameras. Other biometric information is gathered and analyzed to help the security and law enforcement agencies better pin down exactly who it is they’re looking at.

    • Who Is Answering My Queries: Understanding and Characterizing Interception of the DNS Resolution Path

      In this paper, we perform a large-scale analysis of on-path DNS interception and shed light on its scope and characteristics. We design novel approaches to detect DNS interception and leverage 148,478 residential and cellular IP addresses around the world for analysis. As a result, we find that 259 of the 3,047 ASes (8.5%) that we inspect exhibit DNS interception behavior, including large providers, such as China Mobile. Moreover, we find that the DNS servers of the ASes which intercept requests may use outdated vulnerable software (deprecated before 2009) and lack security-related functionality, such as handling DNSSEC requests. Our work highlights the issues around on-path DNS interception and provides new insights for addressing such issues.

    • Court rules that you need a warrant to read someone’s smart meter

      A US JUDGE has ruled that any data collected by smart meters is protected by the Fourth Amendment, meaning any examination of that data constitutes a government search requirement.

    • Chrome’s anonymous browsing feature isn’t as secret as we assumed

      A researcher from Vanderbilt University in Nashville, Tennessee found that although the data collected appears to be anonymised, in reality, Google can retroactively identify it from the usernames and other account data used during the session.

  • Civil Rights/Policing

    • Women don’t have penises

      In Britain it might soon be a crime to express this scientific fact.

      Is it now a crime to tell the truth in Britain? It’s heading that way. At the weekend it was revealed that Merseyside Police are making ‘enquiries’ into a trans-sceptical group that distributed stickers saying ‘Women don’t have penises’. Yes, that’s right: the police, the actual police, are investigating a group for expressing what the vast majority of people consider to be a biological, social, actual fact: that if you have a penis you are not a female. What next: arrest people for saying the sky is blue or that Piers Morgan is a muppet?

    • Rotherham: the silencing of Muslim voices

      Rotherham is a town whose very name has become synonymous with the horrific cases of Child Sexual Exploitation (CSE) which have occurred there in recent years. The media narrative around these cases – appalling crimes committed by a tiny minority of the population – is so powerful that it has been extremely difficult to challenge or even question. However as Islamophobia escalates to an unprecedented level with Boris Johnson’s comments emboldening the far right and racists and poisonous tropes of Muslims as terrorists and sexual predators sweep the country, it becomes particularly important to do so.

      Once a thriving town built round coal mines and steel, Rotherham today is a bleak place. The coal mines are closed and the steel industry is in decline. Unemployment is high. However, as many people emphasise, until six or seven years ago, racial violence had never been an issue. The comparatively small Pakistani community had lived cheek by jowl with white people. As playwright Emteaz Hussain puts it, “we were a working class community struggling to make ends meet, everyone lived in close proximity, and we naturally found a way of getting on.”

    • Alabama Abortion Decision Raises Alarms Ahead of Kavanaugh Hearings

      This week, a federal appeals court struck down Alabama’s ban on a safe, medically proven abortion method. The decision shows just how high the stakes are ahead of next month’s Senate confirmation hearings for Brett Kavanaugh, President Trump’s nominee to the Supreme Court.

      In recent years, anti-abortion politicians across the country have enacted hundreds of dangerous restrictions aimed at preventing women from obtaining abortions. Alabama has been at the forefront of this coordinated national campaign, with politicians there enacting a multitude of restrictions designed to make it impossible for a woman to get the medical care she needs.

      The latest legal battle concerned Alabama’s ban on dilation and evacuation (D&E) abortions. On Wednesday, the Eleventh Circuit Court of Appeals affirmed a lower court order invalidating the ban. The statute we challenged in the case, West Alabama Women’s Center v. Miller, made it a crime for physicians to provide D&E abortions. Had Alabama been permitted to enforce the ban, it would have prevented hundreds of women each year from being able to have an abortion, because D&E is the only outpatient procedure that is available after the earliest weeks of the second trimester. As the trial court that heard the case explained, the state could not “justify such a substantial obstacle to the constitutionally protected right to terminate a pregnancy.” The Eleventh Circuit judges affirmed that decision, explaining that their “role is to apply the law the Supreme Court has laid down,” and as a result of previous Supreme Court’s decisions, the Alabama statute plainly could not stand.

    • Michigan teacher who runs porn site under investigation

      The Michigan Court of Appeals had ruled that a public school teacher can’t be fired for private behavior that doesn’t adversely affect students, the Free Press reported at the time.

    • Looking at the Archives From the Time of the 1968 Democratic National Convention in Chicago and Seeing Familiar Themes

      This week, ProPublica Illinois reporter Mick Dumke wrote a column about the letters people sent to Chicago Mayor Richard J. Daley after the 1968 Democratic National Convention, held in the city, praising him for how he and the police handled protesters. Amid demonstrations, violence broke out, and Daley attacked the press for its coverage of those events.

      In one letter that touches on what the convention came to represent, a national simmering point of truth, facts, police violence and Chicago’s reputation, the manager of the Shannon Rovers Irish Pipe Band — the “official band of Chicago’s St. Patrick’s Day Parade” — thanked Daley and said “we regret” the “biased coverage of the television media.”

      “We will do whatever we can as individuals and as a band to keep Chicago where it should be — the leading city in the nation — in education, in economic growth and in social justice,” the letter read.

      An independent report found that police violence was “often inflicted upon persons who had broken no law, disobeyed no order, made no threat.” And it concluded that Chicago police and Daley specifically targeted journalists during the clashes.

    • When They Decide to Get You

      Alex Salmond’s jeopardy has caused me a dreadful shudder of recognition and empathy. I too was accused of hideous offences under a civil service disciplinary code and barred from taking any action to defend myself. I was not allowed to speak to anybody at all about the charges, and particularly not allowed to know the identity of my accusers, or to organise witnesses in my defence – which appears the exact procedure which Alex Salmond now, with absolute justice, complains of. These Civil Service disciplinary investigations are contrary to all rules of natural justice, and designed to facilitate executive stitch-ups, not to uncover the truth.

      As with Alex Salmond, some of the accusations against me were hideous – offering visas in exchange for sex, for example. They were so hideous that the mental anguish of not being permitted to take any normal steps to defend myself caused me a mental breakdown. I know what Salmond must be feeling. I received psychiatric treatment in St Thomas’ Hospital for a condition called “learnt helplessness” – meaning it was the dreadful experience of having things done to me which I was not permitted to take any normal steps to counter, which caused my clinical depression.

      The charges against me were entirely fake and entirely vexatious, even malicious, issued after I had objected to British complicity in torture in the “War on Terror”, which the government denied at the time, calling me a liar, though now admits. The charges were designed to destroy my reputation. You can read the full story in my book “Murder in Samarkand”, widely available in libraries. I believe it conveys the anguish that “learnt helplessness” can cause.

      To be plain, I was told not to reveal the existence of the charges to anybody at all and specifically forbidden from contacting witnesses. Nevertheless the charges were such obvious nonsense they eventually collapsed and I was found not guilty of all eighteen charges – but found guilty of breaking the order to keep the charges secret, in organising my defence. Not keeping the charges secret is the only disciplinary offence of which I was ever convicted.

      The extreme Kafkaesque nature of this is only increased by the fact that the government themselves had revealed the charges in the widest possible manner, by leaking them to the Daily Mail, in the effort to permanently ruin my reputation. A number of the charges were sexual, such as having a secret flat to entertain prostitutes – again, totally untrue, but great for the tabloids. The use of false sexual allegations to destroy threats to the political elite is routinely deployed – Alex Salmond joins Julian Assange, Tommy Sheridan (whose recent court victories against the Murdoch press went totally unreported), Scott Ritter and myself among recent victims of this tactic.

  • Internet Policy/Net Neutrality

    • California’s Resurrected Net Neutrality Bill Just Passed a Major Hurdle
    • Just Because The Internet Didn’t Implode The Day After Repeal Doesn’t Mean Killing Net Neutrality Was A Good Idea

      By now we’ve well established that the FCC ignored the public, ignored the experts, and ignored all objective data when it killed net neutrality rules at the behest of telecom monopolies.

      While the vote to kill the rules occurred last year, the rules didn’t technically die until last June 11. And one common refrain by Pai and pals (and many folks who don’t understand how the broken telecom market works) is that because the internet didn’t immediately collapse upon itself post-repeal in a rainbow-colored explosion, that the repeal itself must not be that big of a deal. For example, Ajit Pai tried to make that point again last week at an FCC oversight hearing that was severely lacking in the actual oversight department.

    • Verizon Incompetence and Greed Leaves Firefighters Throttled During Wildfire

      As part of the settlement, Verizon was forced to reimburse consumers to the tune of $1 million after a nine-month investigation found it was advertising wireless connections as “unlimited,” but then kicking users off of the Verizon Wireless network for “excessive use”—without disclosing the hidden limits of these connections.

      Ten years later and it’s not clear that Verizon has learned much of anything from the experience.

      The company made headlines again this week after a brief filed by net neutrality advocates highlighted that Verizon had throttled the “unlimited” data connection of the Santa Clara County Fire Department as it struggled to battle the Mendocino Complex Fire, one of the largest forest fires in California’s history.

    • Verizon’s Throttling of Fire Fighters Could Go Unpunished Because the FCC Repealed the Open Internet Order

      People are mad about the revelation that Verizon throttled the wireless service of the Santa Clara Fire Department in the middle of fighting a massive fire. In response, Verizon is making the very narrow claim that this wasn’t a clear violation of the 2015 Open Internet Order’s ban on throttling. That intentionally misses the point. The 2015 order, by reclassifying ISPs under Title II of the Federal Communications Act, would have likely made what happened with the fire department illegal.

      Under the 2015 Open Internet Order, the Federal Communications Commission did two things. First, it established that all broadband Internet service providers were common carriers subject to the federal laws that protect consumers, promote competition, and guard user privacy. Second, it established a set of “net neutrality” rules based on its Title II authority through the bright line rules of “no blocking, no throttling, no paid prioritization” as well as a general conduct rule.

    • History of Gopher
    • Internet Relay Chat, or IRC, turns 30

      Internet Relay Chat, better known by its acronym IRC, is celebrating a birthday. In fact this year the chat protocol is turning 30, University of Oulu, the birthplace of IRC, reports.
      IRC was developed in University of Oulu in Finland in the late 80s. The messaging platform was created in the Computer Science department as a replacement for their BBS-based messaging platform called MultiUser Talk, or MUT.

      In August of 1988, exact date unknown, Computer Science student Jarkko Oikarinen released IRC, both server and client software, that he had developed over the summer. The first server was run by a Sun-3 computer in the Department of Information Processing Science lab.

    • Internet chat system IRC turns thirty

      IRC (Internet Relay Chat) was born at the Department of Information Processing Science of the University of Oulu 30 years ago. Jarkko Oikarinen developed the internet chat system back in 1988 in addition to his summer job. Today, people are still using IRC.

    • Senate Commerce Committee Holds FCC Oversight Hearing to Discuss Net Neutrality and Rural Broadband Deployment

      Last week the Senate Committee on Commerce, Science, and Transportation held a hearing to conduct oversight of the Federal Communications Commission (FCC). Although there was the typical overblown bickering over the FCC’s action on net neutrality rules taken in recent months under FCC Chairman Ajit Pai that one might expect, much of the day’s hearing focused on the poor quality of current broadband coverage maps employed by the FCC in distributing subsidies as well as the need to improve rural broadband deployment to reach millions of Americans living in rural communities.

    • Karl Grossman on Space Force, Evan Greer on Net Neutrality Cyber Fraud

      This week on CounterSpin: A popular internet meme says, “I have a question about Space Force; when is Flint getting clean water?” But while social media reflect complaints that the Trump administration’s plans to “address space as a developing war-fighting domain,” as Defense Secretary Jim Mattis has it, will mean still more resources channeled away from social programs to Warmongering, Inc., that line of questioning has so far had little place in corporate media coverage.

      We’ll talk about the prospect of war in space with longtime FAIR associate Karl Grossman, journalism professor at State University of New York/College at Old Westbury, and author of the books Weapons in Space and The Wrong Stuff: The Space Program’s Nuclear Threat to Our Planet, among others.

  • DRM

    • GOG Launches FCKDRM to Promote DRM-Free Art and Media

      GOG, the digital distribution platform for DRM-free video games and video, has launched a new initiative designed to promote content without embedded DRM. While Digital Rights Management is seen by many companies as necessary to prevent piracy, GOG believes that its restrictions are anti-consumer and run counter to freedoms that should exist alongside content ownership.

  • Intellectual Monopolies

    • Japan to extend design patent term by five years in bid to spark corporate creativity

      The Japan Patent Office (JPO) will ask the country’s legislature to extend design patent protection to 25 years during its next session, according to a report in Nikkei. The policy change has a dual aim of making Japanese companies more brand-conscious and enhancing coverage for innovations that combine visual and technical features, such as user interfaces.

    • A 5G iPhone will cost Apple about $21 in licensing fees to Nokia, Qualcomm, and others

      Nokia on Wednesday announced a flat, 3 euro ($3.48) per-device licensing fee for its 5G standards-essential patents, according to VentureBeat. That contrasts with Ericsson, which is charging on a sliding scale between $2.50 and $5 based on the cost of a device.

      Qualcomm, however, is licensing its 5G patents at 2.275 percent of a single-mode phone’s total price, and 3.25 percent for multi-mode phones, albeit with a $400 price cap.

      A modern smartphone could potentially be saddled with over $21 in combined royalty payments. Around $13 will go to Qualcomm regardless of any current spats.

    • Copyrights

      • Movie Company Sues Post-Production Studio For $5 Million For Leaking ‘Kickboxer’ Film That Grossed $5k Domestically

        It is no revelation that film studios have been in a sustained freakout for years over films that leak to the internet before they hit the theaters. While the freakout is somewhat understandable (nobody wants to plan out a film release only to have the product appear in a way outside those well-laid plans), much of the reasoning in the freakouts has to do with claims that the leaks eat into the profits the company would generate at the theater. This reasoning has been debunked many times over, most notably by AAA movies that leak online still making a killing at the box office. What should be immediately apparent is that much of this is driven by emotion and outrage rather than anything resembling facts or clear-thinking.

08.23.18

Links 23/8/2018: Mesa 18.2 RC4 Released, Bodhi Linux 5.0.0 Released

Posted in News Roundup at 6:19 am by Dr. Roy Schestowitz

GNOME bluefish

Contents

GNU/Linux

  • The Back to School sale is on!

    For some of you, it is a time to return your educational institution and continue the important process of learning about the world around you—maybe for some of you it is the first time being part of higher education, while some of you might be long-time academic researchers and associates. For those who are sick of their thick laptops weighing down on their backpacks and who would also want something with security in mind, what better way to start the school year than with a Purism laptop?!

  • Desktop

    • Google Makes it Easier to Run Linux Apps on Chromebooks

      Have you been patiently waiting for the ability to run Linux apps on your Chromebook since word of Crostini first surfaced?

      If so, your patience is about to be well rewarded.

      Google is preparing to roll out this exciting Chrome OS feature as part of its next OS update, giving more users the opportunity to install and run Linux apps on their Chromebook.

    • This Week In Chrome: #madebygoogle Chromebooks, Linux Apps And We Get A Facelift

      The “Crostini Project” that brought Linux apps to Chromebooks has seemingly accelerated in development as of late. What appeared to be a developer-centric experiment, has quickly spread to a large number of Chrome devices and has already moved into the Beta Channel of Chrome OS.

      You can now install Linux apps on dozens of Chromebook models by the flipping a switch in the Beta channel and executing a few simple lines of code. Even more exciting is the fact that support for Debian files is here meaning you can simply download the application file you want and double-click to install just like you would on any other OS.

      If that’s not enough, you can even install the Gnome Software Center and install apps from the “store.” All of these combined will surely bring Linux apps to the forefront of Chrome OS’s usability and versatility.

    • Chrome OS 69 Will Finally Bring Linux Apps to Chromebooks, Night Light Support

      Chrome OS is Google’s Linux-based operating system for Chromebook devices, and the tech giant is currently testing support for installing and running Linux apps on Chrome OS, a feature that will be introduced to the masses with the next stable release of the operating system, Chrome OS 69, though it’ll still be available in a beta form.

      “Linux (Beta) for Chromebooks allows developers to use editors and command-line tools by adding support for Linux on a Chrome device,” said Google in the release notes. “After developers complete the set up, they’ll see a terminal in the Chrome launcher. Developers can use the terminal to install apps or packages, and the apps will be securely sandboxed inside a virtual machine.”

    • My 3 favorite Linux releases

      For the 25th anniversary of the Linux kernel, I gave a 25 years of Linux in 5 minutes lightning talk at All Things Open in Raleigh. As we approach the kernel’s 27th anniversary, I’d like to take a stroll down memory lane and look back at the three releases that have been most significant to me.

    • Google confirms many older Chromebooks won’t get Linux apps, including the 2015 Chromebook Pixel

      Google announced earlier this year that Linux apps would eventually be supported on Chrome OS. The feature has been available for months in the Canary and Dev channels, and now works on a variety of Chromebooks from multiple manufacturers. A merged pull request on the Chromium Gerrit now confirms that any device running the Linux kernel 3.14 (or older) will never get Linux app support.

      For context, Linux apps on Chrome OS run in a protected container, to prevent malicious software from interfering with the main system. This container requires features only found in recent versions of the Linux kernel, like vsock (which was added in Linux 4.8). Chromebooks usually stick with whatever kernel version they are shipped with, and many popular models are running older versions too old for containers.

  • Kernel Space

    • Linux 4.18.4
    • Linux 4.17.18
    • Linux 4.14.66
    • Linux 4.9.123
    • Linux 4.4.151
    • Linus Torvalds On Linux 4.19: “This Merge Window Has Been Horrible”

      While Linux 4.19 is slated to have a lot of new features as we have been covering now the past week and a half, Linus Torvalds is upset with these big pull requests and some of them being far from perfect — to the extent of being rejected.

      “So this merge window has been horrible,” began Torvalds’ latest kernel mailing list post. He went on to explain how he is not going to pull XArray support for Linux 4.19. He got turned off when he was going to look at the code because the XArray pull request was based upon the libnvdimm tree, which were changes Torvalds decided against pulling this cycle anyhow due to code quality concerns. And it was not communicated in the pull request why the XArray pull request was based against the libnvdimm changes, which led to another one of Torvalds’ famous email blasts.

    • More Tablet Touchscreen Support & ThinkPad Calculator Key Support Come To Linux 4.19

      The x86 platform driver work was merged today for the Linux 4.19 kernel merge window.

      Unless you were affected by one of the quirky devices now fixed up by the platform-drivers-x86 work, it mostly comes down to a random collection of hardware fixes and improvements. The changes range from the ThinkPad ACPI driver enabling support for the calculator key on at least some Lenovo laptops to the ASUS WMI drivers recognizing the lid flip event on the UX360 ZenBook Flip.

    • F2FS Enables Discard By Default, Performance Enhancements

      Jaegeuk Kim, the creator and lead developer of the Flash-Friendly File-System (F2FS), has finally submitted the big feature updates slated for the Linux 4.19 kernel merge window.

    • The importance of being noisy

      Hundreds (at least) of kernel bugs are fixed every month. Given the kernel’s privileged position within the system, a relatively large portion of those bugs have security implications. Many bugs are relatively easily noticed once they are triggered; that leads to them being fixed. Some bugs, though, can be hard to detect, a result that can be worsened by the design of in-kernel APIs. A proposed change to how user-space accessors work will, hopefully, help to shine a light on one class of stealthy bugs.

      Many system calls involve addresses passed from user space into the kernel; the kernel is then expected to read from or write to those addresses. As long as the calling process can legitimately access the addressed memory, all is well. Should user space pass an address pointing to data it should not be able to access — a pointer into kernel space, for example — bad things can happen.

    • The mismatched mount mess

      “Mounting” a filesystem is the act of making it available somewhere in the system’s directory hierarchy. But a mount operation doesn’t just glue a device full of files into a specific spot in the tree; there is a whole set of parameters controlling how that filesystem is accessed that can be specified at mount time. The handling of these mount parameters is the latest obstacle to getting the proposed new mounting API into the mainline; should the new API reproduce what is arguably one of the biggest misfeatures of the current mount() system call?

      The list of possible mount options is quite long. Some of them, like relatime, control details of how the filesystem metadata is managed internally. The dos1xfloppy option can be used with the FAT filesystem for that all-important compatibility with DOS 1.x systems. The ext4 bsddf option tweaks how free space is reported in the statfs() system call. But some options can have significant security implications. For example, the acl and noacl options control whether access control lists (ACLs) are used on the filesystem; turning off ACLs by accident on the wrong filesystem risks exposing files that should not be accessible.

    • New Intel Caching Feature Considered for Mainline

      Reinette Chatre of Intel posted a patch for a new chip feature called Cache Allocation Technology (CAT), which “enables a user to specify the amount of cache space into which an application can fill”. Among other things, Reinette offered the disclaimer, “The cache pseudo-locking approach relies on generation-specific behavior of processors. It may provide benefits on certain processor generations, but is not guaranteed to be supported in the future.”

      Thomas Gleixner thought Intel’s work looked very interesting and in general very useful, but he asked, “are you saying that the CAT mechanism might change radically in the future [that is, in future CPU chip designs] so that access to cached data in an allocated area which does not belong to the current executing context wont work anymore?”

      Reinette replied, “Cache Pseudo-Locking is a model-specific feature so there may be some variation in if, or to what extent, current and future devices can support Cache Pseudo-Locking. CAT remains architectural.”

    • RT Microconference Accepted into 2018 Linux Plumbers Conference

      We are pleased to announce that the RT Microconference has been accepted into the 2018 Linux Plumbers Conference! The Real-Time patch (also known as PREEMPT_RT) has been developed out of tree since 2004. Although it hasn’t yet been fully merged, several enhancements came to the Linux kernel directly as the result of the RT patch. These include, mutexes, high resolution timers, lockdep, ftrace, RT scheduling, SCHED_DEADLINE, RCU_PREEMPT, cross-arch generic interrupt logic, priority inheritance futexes, threaded interrupt handlers, to name a few. All that is left is the conversion of the kernel spinning locks into mutexes, and the transformation is complete. There’s talk about that happening by the end of this year or early next year.

    • Linux Foundation

      • Building in the Open: ONS Europe Demos Highlight Networking Industry Collaboration

        LF Networking (LFN), launched on January 1st of this year, has already made a significant impact in the open source networking ecosystem gaining over 100 members in the just the first 100 days. Critically, LFN has also continues to attract support and participation from many of the world’s top network operators, including six new members announced in May: KT, KDDI, SK Telecom, Sprint, Swisscom; and Deutsche Telekom announced just last month. In fact, member companies of LFN now represent more than 60% of the world’s mobile subscribers. Open source is becoming the de facto way to develop software and it’s the technical collaboration at the project level that makes it so powerful.

        Similar to the demos in the LFN Booth at ONS North America, the LFN Booth at ONS Europe will once again showcase the top, community-led, technical demos from the LFN family of projects. We have increased the number of demo stations from 8 to 10, and for the first time, are showcasing demos from the big data analytics project PNDA, and demos that include the newly added LFN Project, Tungsten Fabric (formerly OpenContrail). Technology from founding LFN Projects FD.io, ONAP, OPNFV, and OpenDaylight will also be represented, along with adjacent projects like Acumos, Kubernetes, OpenCI, Open Compute Project, and OpenStack.

        Building on the Virtual Central Office demo shown at the OPNFV Summit last year, a team from Red Hat and 10+ participating companies, including China Mobile, have expanded to show a mobile access network configuration using vRAN for the LTE RAN and vEPC built in open source. Another demo showcasing collaboration from 10+ companies, Orange will showcase their Orange OpenLab which is based on several LFN projects. OpenLab allows for the management of CI/CD pipelines, and provides a stable environment for developers. Other operator-led demos include CCVPN (Cross Domain and Cross Layer VPN), from China Mobile and Vodafone, that demonstrates ONAP orchestration capability; and a demo from AT&T showcasing the design, configuration, and deployment of a closed loop instance acting on a VNF (vCPE).

      • ​Cloud Foundry survey finds top enterprise languages

        Programmers may love hot newer languages like Kotlin and Rust, but according to a Cloud Foundry Foundation (CFF) recent survey of global enterprise developers and IT decision makers, Java and Javascript are the top dog enterprise languages.

        [...]

        This is coming hand-in-glove with the growth of cloud-native development. Multi-cloud users, for example, report using more developer languages, but the majority uses Java and JavaScript, followed by 50 percent saying they use C++.

        The CFF’s results are confirmed by RedMonk’s recent language rankings. RedMonk also placed Java and JavaScript at the top tier of development languages. Java is alive and well.

        In contrast to CFF’s findings, however, RedMonk found Python and PHP used more frequently than C# and C++, but only marginally. As RedMonk’s Stephen O’Grady wrote, “the numerical ranking is substantially less relevant than the language’s tier or grouping.” All four of these languages are alive and well.

      • The Linux Foundation Is Changing The Fabric Of Networking
      • Windmill Enterprise Joins the Linux Foundation

        Windmill Enterprise, developer of the Cognida network and platform with a focus on enterprise blockchain innovation, joined the Linux Foundation this week, and two projects – the Linux Foundation Networking community and EdgeX Foundry.

        Windmill joins existing Linux Foundation members like AT&T, Google, IBM and DellEMC, and companies including Samsung and Analog Devices who are working collaboratively with the EdgeX Foundry community to address complex issues at the edge of IoT and Industrial IoT networks.

        When mobile blockchain meets edge computing, IoT and IIoT developers have a decentralized data management framework available. Despite their being thousands of projects using blockchain in service today in finance, healthcare and logistics, its application in mobile services including IoT remains nascent.

      • Open Metrics Project Comes to the Cloud Native Computing Foundation

        The Cloud Native Computing Foundation (CNCF) is expanding its roster, announcing that it has accepted the Open Metrics project as a Sandbox effort.

        The CNCF Sandbox is a place for early-stage projects, and it was first announced in March. The Sandbox replaces what had originally been called the Inception project level.

        With Open Metrics, Richard Hartmann, technical architect at SpaceNet, Prometheus team member, and founder of OpenMetrics, aims to bring useful metrics to cloud-native deployments. At its core, Open Metrics is an effort to develop a neutral metrics exposition format.

        “OpenMetrics does not limit or define what metrics to send, on purpose,” Hartmann told ServerWatch. “What it does do is define an efficient way to transport those metrics over the wire, and a flexible and powerful way to attach information to them: label sets.”

    • Graphics Stack

      • Collabora’s Mesa EGLDevice Work To Better Support Multiple GPUs

        As covered earlier this month, Emil Velikov at Collabora has been working on EGLDevice support for Mesa. These EGL extensions originally developed by NVIDIA are being pursued by Mesa developers for better dealing with the enumeration and querying of multiple GPUs on a system.

        Right now there is the DRI_PRIME environment variable to allow toggling between systems primarily with two GPUs (namely, Optimus notebooks have been the main use-case) but using EGLDevice support by the Mesa drivers the matter of GPU selection for OpenGL rendering can be made by the application/toolkit developer and for other scenarios like multi-GPU systems running without a display server.

      • NVIDIA 396.54 Linux Driver Released To Fix A OpenGL/Vulkan Performance Bug

        One day after announcing the GeForce RTX 2070/2080 series, NVIDIA has released a new Linux driver. But it’s not a major new driver branch at this time (that’s presumably coming closer to the 20 September launch date) with the Turing GPU support, but is a point release delivering a practical bug fix.

        The sole change listed in today’s NVIDIA 396.54 driver update is, “Fixed a resource leak introduced in the 390 series of drivers that could lead to reduced performance after starting and stopping several OpenGL and/or Vulkan applications.”

      • Why Linux’s Direct Rendering Manager Won’t Add A Generic 2D Acceleration API

        Daniel Vetter of Intel’s Open-Source Technology Center team has written his first blog post in a while on Linux graphics. In this latest post he is answering why there isn’t a 2D user-space API in the Direct Rendering Manager (DRM) code.

        While Linux DRM has advanced on many fronts in the past few years, it doesn’t offer any generic 2D acceleration API. The reasons for that come down to there being no 2D acceleration standard akin to OpenGL/Vulkan for 3D (granted, there’s OpenVG for vector graphics and some other limited alternatives, but nothing as dominant), each hardware blitter engine being different, and other complexities that make 2D acceleration harder than one might otherwise think.

      • Vetter: Why no 2D Userspace API in DRM?

        On his blog, Daniel Vetter answers an often-asked question about why the direct rendering manager (DRM) does not have a 2D API (and won’t in the future)…

      • Why no 2D Userspace API in DRM?

        The DRM (direct rendering manager, not the content protection stuff) graphics subsystem in the linux kernel does not have a generic 2D accelaration API. Despite an awful lot of of GPUs having more or less featureful blitter units. And many systems need them for a lot of use-cases, because the 3D engine is a bit too slow or too power hungry for just rendering desktops.

        It’s a FAQ why this doesn’t exist and why it won’t get added, so I figured I’ll answer this once and for all.

      • mesa 18.2.0-rc4

        The forth release candidate for the Mesa 18.2.0 is now available.

        As per the issue tracker [1] we still have a number of outstanding bugs blocking the release.

      • Mesa 18.2-RC4 Released Due To Open Graphics Driver Bugs

        The fourth release candidate of Mesa 18.2 is out today rather than the final release due to open blocker bugs still persisting.

        Mesa 18.2-RC4 ships with 18 fixes ranging from GLSL compiler fixes, RADV Vulkan driver fixes, some Intel i965 work, EGL on Android, and various other not too notable bug fixes.

      • NVIDIA Talks Up GeForce RTX 2080 Series Performance, But No Linux Mentions

        -
        On Monday NVIDIA introduced the GeForce RTX 20 series while today they have begun making some more performance details of these Turing-powered GPUs succeeding the GeForce GTX 1000 “Pascal” series.

        NVIDIA has posted about how with the RTX 2080 graphics card it’s now possible to game at 60 FPS at 4K with HDR capabilities. They have also shared some relative performance metrics of the GTX 1080 vs. RTX 2080 vs. RTX 2080 with select games where their deep-learning DLSS is supported.

      • NVIDIA RTX / Ray-Tracing Support For Vulkan Coming Soon

        Given Monday’s press conference by NVIDIA where they launched the RTX 20 series and much of the two-hour-long event was focused on ray-tracing for games, you may be wondering about the state of Linux affairs…

        While the GeForce RTX 20 series should work fine with NVIDIA’s proprietary Linux driver come 20 September, NVIDIA’s RTX ray-tracing technology is still largely tied to Windows and Direct3D 12. But they are working on bringing support for RTX to Vulkan API and that frees it up to be supported on Linux.

      • NVIDIA 396.54 Linux Drivers Show Up to 20% Performance Increase After Memory Leak Fix

        While just yesterday NVIDIA released their 396.54 Linux driver update which some may overlook, its actually a significant performance update for Linux gamers – so definitely do not miss out on this update if you’re a Linux gamer using an NVIDIA card. NVIDIA released this 396.54 update specifically to address a resource leak that was plaguing the drivers back to the 390 series, and the resource leak was lowering performance after Vulkan and OpenGL applications had stopped and started on the system – though NVIDIA hasn’t gone into specific details regarding exactly why this was happening.

    • Benchmarks

      • NVIDIA 396.54 Linux Driver Offers Big Performance Boost For Frequent Gamers

        Yesterday NVIDIA released the 396.54 Linux driver update and while from being another point release might feel like a mundane update hot on the heels of the GeForce RTX 2070/2080 series debut, it’s actually a significant driver update for Linux gamers. Here are some benchmarks showcasing the performance fix that warranted this new driver release.

        As mentioned in yesterday’s article, the 396.54 was released to fix a resource leak that had been existent going back to the 390 series driver. This resource leak could lead to lower performance after several OpenGL or Vulkan applications have started/stopped on the system… That’s about all of the details they’ve made public. But in knowing that it was performance related and that they began investigating this issue when seeing some differences in Phoronix benchmark results compared to past articles and spent several weeks analyzing the issue, I fired up the 396.54 Linux driver right away for some game benchmarking.

      • Vive la différence! Threadripper 2 on Linux and Windows 10

        Windows 10 is much better at dealing with multithreaded tasks but Linux has been optimized for both high core counts and NUMA for quite a while, so looking at the performance difference is quite interesting. Phoronix tested a variety of Linux flavours as well as Windows 10 Pro and the performance differences are striking, in some cases we see results twice as fast on Linux as Win10. That does not hold true for all tests as there are some benchmarks which Windows excels at. Take a look at this full review as well as those under the fold for a fuller picture.

  • Applications

  • Desktop Environments/WMs

    • K Desktop Environment/KDE SC/Qt

      • Akademy 2018 in lovely Vienna!

        Attending Akademy – the annual KDE contributors summit – is always a quite intense experience. This year it happened from 11th to 17th August in the lovely city of Vienna, Austria. It was a quite special edition. We got a higher number of attendees, including some people who have been doing KDE things for more than a decade but only now had the chance to show up and talking to people in-person. In addition, we changed the conference program a bit, moving the reports for the Working Groups from the KDE e.V. General Assembly (restricted to KDE e.V. members) to the general Akademy schedule. Also, this year we introduced four training sessions covering topics not exactly technical but of paramount important for a community like KDE: Non-violent Communication, Online Fundraising and Campaigning, Documentation writing for non-writers, and Public Speaking Training.

      • Best Service

        How often do you meet your laptop vendor in person? Last year, I picked up a KDE Slimbook, and the machine has been great, acting as my development-box-on-the-go for lots of KDE travels. It has a few stickers, and some scratches, and the screen had gotten a bit wobbly by now .. so, at this year’s Akademy I stopped by the Slimbook stand, admired the newer Slimbook II (alas, the old one isn’t written off yet), and mentioned the wobbly screen.

      • New Kirigami communication channels

        Kirigami used to have a Telegram channel as its main communication channel. this is of course not optimal being a closed service and many potential contributors not having an account on Telegram.

      • KDE Plasma on ARM Laptop Pinebook

        In the last few years, smartphone hardware has become powerful enough to drive conventional desktop software. A developing trend is to create laptops using hardware initially designed for smartphones and embedded systems. There are distinct advantages to this approach: those devices are usually very energy efficient, so they can yield a long runtime on a single battery charge; they’re also rather inexpensive and lighter than conventional laptops.

      • KDE neon Linux Operating System Is Now Available for Pinebook 64-Bit ARM Laptops
      • KDE Neon With Plasma Ported & Optimized For Low-Cost 64-bit ARM Laptop
      • KDE neon on the $100 Pinebook

        The KDE neon team has been working with the Blue Systems hardware enablement team and the Pinebook developers to create the KDE neon Pinebook Remix. It uses our Bionic images built for arm64 to create a full featured slick desktop that runs on the best value hardware. The Pinebook comes at a low price but it’s a full laptop useful for watching videos, browsing the web or coding on KDE software. This could open up whole new markets to getting KDE software, a school which previously could only afford a couple of computers could now afford enough for a classroom, a family which previously had to share one computer could now afford a laptop for the children to learn how to code on. It’s quite exciting. And with the KDE Slimbook, neon now covers all ends of the market.

      • More Laptops

        One of the things to come out of Akademy is the first community release of the KDE neon Pinebook Remix image. I’ve been carrying around the Pinebook for some time — since FOSDEM, really, where I first met some of the Pine folks. At Akademy, TL was back and we (that’s a kind of royal “we”, because TL and Rohan and Bhushan and other people did all the hard work) got around to putting the finishing touches on the Pinebook image.

    • GNOME Desktop/GTK

      • Virtualization, Remote Connection Made Simple Using GNOME Boxes

        GNOME Boxes is an application which makes virtualization super simple. Targeted to entry level users, gnome boxes has managed to eliminate too many configurations and settings changes needed to connect to a remote or virtual machine. There are other virtual machine client available in Linux universe but they are complex and sometimes dedicated to advanced users.

      • 4 Neat New GTK Themes for Your Linux Desktop

        The new Yaru/Communitheme theme might be the talk of the Ubuntu town right now, but it’s not the only decent desktop theme out there.

        If you want to give your Linux desktop a striking new look ahead of the autumn then the following quad-pack of quality GTK themes might help you out.

        Don’t be put off by the fact you will need to manually install these skins; it’s pretty to install GTK themes on Ubuntu 18.04 LTS above, providing you set hidden folders to show (Ctrl + H) in Nautilus first.

      • Getting Things GNOME

        When I last visited the question of to-do lists, I settled on a command-line utility, todo.txt. It’s reasonably versatile…but I’ve found that I don’t use it.

        The first reason is that I’d really prefer a graphical user interface, not a flat text display. But also, I’ve found that I want a hierarchical organizer. I tend to group tasks into categories, and I plan by dividing major tasks into subtasks.

        So I was intrigued when I noticed, quite by chance, that my time-tracker software (Hamster) will integrate with two task managers: Evolution and Getting Things GNOME! (GTG). I’ve always thought of Evolution as massive overkill, but I’d never heard of GTG, so I thought I’d give that a try.

      • GNOME 3.30 Brings Back Desktop Icons with Nautilus Integration, Wayland Support

        Earlier this year, the GNOME devs decided to remove the ability of the Nautilus (Files) file manager to handle desktop icons, stating with the GNOME 3.28 release, promising to bring it back as soon as possible through a new implementation in the form of a GNOME Shell extension.

        As expected, users were skeptical about the new implementation if it will offer them the same level of convenience that the previous method provided via the Nautilus file manager. We said it before and we’ll say it again, desktop icons are he to stay for many years and they are not going to disappear.

      • Desktop Icons For The GNOME Shell Are Back With Beta Extension
      • Desktop icons goes beta

        Today I have good news for “classic mode” users and those used to desktop icons.

      • GNOME’s New ‘Desktop Icons’ Extension Enters Beta

        Anyone hesitant of upgrading to GNOME 3.28 because of its decision to remove desktop icons need worry no more.

        A new extension for GNOME Shell brings desktop icons support back to the GNOME desktop.

        It works almost exactly as you’d expect: you can see icons on your desktop and rearrange them; double-click on files/folders/apps to open them; right-click on an empty part of the desktop create a new folders or open a folder in the terminal; and perform basic file operations like copy and paste.

      • New Videos & New Opportunities

        Flatpak 1.0 has released which is a great milestone for the Linux Desktop. I was asked at GUADEC whether a release video could be in place. In response, I spontaneously arranged to produce a voice-over with Sam during the GUADEC Video Editing BoF. Since then, I have been storyboarding, animating and editing the project in Blender. The music and soundscape has been produced by Simon-Claudius who has done an amazing job. Britt edited the voice-over and has lended me a great load of rendering power (thanks Britt!).

      • Getting back into Outreachy

        Outreachy is a great organization that helps women and other minorities get involved in open source software. (Outreachy was formerly the GNOME Outreach Program for Women.) I’ve mentored several cycles in Outreachy, doing usability testing with GNOME. I had a wonderful time, and enjoyed working with all the talented individuals who did usability testing with us.

        I haven’t been part of Outreachy for a few years, since I changed jobs. I have a really hectic work schedule, and the timing hasn’t really worked out for me. Outreachy recently posted their call for participation in the December-March cycle of Outreachy. December to March should be a relatively stable time on my calendar, so this is looking like a great time to get involved again.

        I don’t know if GNOME plans to hire interns for the upcoming cycle of Outreachy, at least for usability testing. But I am interested in mentoring if they do.

        Following conversations with Allan Day and Jakub Steiner, from GNOME Design, I’m thinking about changing the schedule we would use in usability testing. In previous cycles, I set up the schedule like a course on usability. That was a great learning experience for the interns, as they had a ramp-up in learning about usability testing before we did a big usability project.

  • Distributions

    • They should have called it Mirrorball

      TL;DR: there’s now an rsync server at rsync://images-dl.endlessm.com/public from which mirror operators can pull Endless OS images, along with an instance of Mirrorbits to redirect downloaders to their nearest—and hopefully fastest!—mirror. Our installer for Windows and the eos-download-image tool baked into Endless OS both now fetch images via this redirector, and from the next release of Endless OS our mirrors will be used as BitTorrent web seeds too. This should improve the download experience for users who are near our mirrors.

      If you’re interested in mirroring Endless OS, check out these instructions and get in touch. We’re particularly interested in mirrors in Southeast Asia, Latin America and Africa, since our mission is to improve access to technology for people in these areas.

    • New Releases

      • Bodhi Linux 5.0.0 Released

        Today I am very pleased to share the hard work of the Bodhi Team which has resulted in our fifth major release. It has been quiet the journey since our first stable release a little over seven years ago and I am happy with the progress this projected has made in that time.

        For those looking for a lengthy change log between the 4.5.0 release and 5.0.0, you will not find one. We have been happy with what the Moksha desktop has provided for some time now. This new major release simply serves to bring a modern look and updated Ubuntu core (18.04) to the lightning fast desktop you have come to expect from Bodhi Linux.

      • Lightweight Linux Distribution Bodhi Linux 5.0 Released

        It has been a few years of good progress for Bodhi Linux. It is always interesting to see what a lightweight Linux distribution has to offer.

      • Bodhi Linux 5.0 Promises a Rock-Solid Moksha Desktop on Top of Ubuntu 18.04 LTS

        Bodhi Linux developer Jeff Hoogland announced today the release and general availability of the final Bodhi Linux 5.0 operating system series for 32-bit and 64-bit platforms.

        Based on Canonical’s long-term supported Ubuntu 18.04 LTS (Bionic Beaver) operating system series, Bodhi Linux 5.0 promises to offer users a rock-solid, Enlightenment-based Moksha Desktop experience, improvements to the networking stack, and a fresh new look based on the popular Arc GTK Dark theme, but colorized in Bodhi Green colors.

      • Bodhi Linux 5.0 Arrives with Moksha Desktop Improvements

        The latest version of the lightweight Linux distribution includes a modest set of changes mainly concerned with aesthetics. The main lure for users will be the foundational upgrade to Ubuntu 18.04 LTS ‘Bionic Beaver’.

        “We have been happy with what the Moksha desktop has provided for some time now. This new major release simply serves to bring a modern look and updated Ubuntu core (18.04) to the lightning fast desktop you have come to expect from Bodhi Linux,” Bodhi developer Jeff Hoagland writes in his release announcement.

      • Bodhi Linux 5.0.0 now available with Ubuntu 18.04 base

        One of the best things about there being so many Linux distributions, is it can be fun to try them all. Believe it or not, “distro-hopping” is a legit hobby, where the user enjoys installing and testing various Linux-based operating systems and desktop environments. While Fedora is my reliable go-to distro, I am quite happy to try alternatives too. Hell, truth be told, I have more fun trying distributions than playing video games these days, but I digress.

        A unique distribution I recommend trying is the Ubuntu-based Bodhi Linux. The operating system is lightweight, meaning it should run decently on fairly meager hardware. It uses a desktop environment called “Moksha” which is very straightforward. The Enlightenment 17 fork is a no-nonsense DE that both beginners and power users will appreciate. Today, version 5.0.0 finally becomes available. This follows a July release candidate.

      • UBOS Beta 15: status LEDs, Pagekite and Staff improvements
      • UBOS Linux beta 15: status LEDs, Pagekite and Staff improvements

        Two important conferences are coming up:

        * the Nextcloud conference in Berlin, Germany, from August 23 to 30, and
        * the MyData.org conference in Helsinki, Finland, August 29-31.

        We’ll be at both, and just in time, we are proud to release UBOS beta 15!

        Here are some highlights:

        * Boot your Raspberry Pi from USB, not just an SDCard
        * The UBOS Staff has learned a very convenient new trick
        * UBOS now drives the LEDs on Intel NUCs and the Desktop Pi enclosure for the Raspberry Pi
        * Access your device from the public internet through Pagekite integration

        For more info, read the detailed release notes here: https://ubos.net/docs/releases/beta15/release-notes/

      • Freespire 4.0, Mozilla Announces New Fellows, Flatpak 1.0, KDevelop 5.2.4 and Net Neutrality Update

        Freespire 4.0 has been released. This release brings a migration of the Ubuntu 16.04 LTS codebase to the 18.04 LTS codebase, which adds many usability improvements and more hardware support. Other updates include intuitive dark mode, “night light”, Geary 0.12, Chromium browser 68 and much more.

      • Omarine 4.0 released!
    • Red Hat Family

      • Red Hat Enterprise Linux 7.6 Beta now available

        The hybrid cloud requires a consistent foundation and today, we are pleased to refine and innovate that foundation with the availability of Red Hat Enterprise Linux 7.6 beta. The latest update to Red Hat Enterprise Linux 7 is designed to deliver control, confidence, and freedom to demanding business environments, keeping pace with cloud-native innovation while supporting new and existing production operations across the many footprints of enterprise IT.

        As Red Hat’s Paul Cormier states, the hybrid cloud is becoming a default technology choice. Enterprises want the best answers to meet their specific needs, regardless of whether that’s through the public cloud or on bare metal in their own datacenter. Red Hat Enterprise Linux provides an answer to a wide variety of IT challenges, providing a stable, enterprise-grade backbone across all of IT’s footprints – physical, virtual, private cloud, and public cloud. As the future of IT turns towards workloads running across heterogeneous environments, Red Hat Enterprise Linux has focused on evolving to meet these changing needs.

      • Red Hat Enterprise Linux 7.6 Beta Updates Cockpit, Adds Podman
      • Red Hat Enterprise Linux 7.6 beta is out now
      • Red Hat Enterprise Linux 7.6 Enters Beta with Linux Container Innovations, More

        Red Hat announced today the availability of Red Hat Enterprise Linux 7.6 operating system for beta testing for Red Hat Enterprise Linux customers.

        Red Hat Enterprise Linux 7.6 is the sixth maintenance update in the Red Hat Enterprise Linux 7 operating system series, promising innovative technologies for Linux containers and enterprise-class hybrid cloud environments, new security and compliance features, as well as improvements in the management and automation areas.

        “The latest update to Red Hat Enterprise Linux 7 is designed to deliver control, confidence, and freedom to demanding business environments, keeping pace with cloud-native innovation while supporting new and existing production operations across the many footprints of enterprise IT,” said Red Hat in today’s announcement.

      • Open source key in federal IT modernization, adoption of emerging tech

        There’s no pause button for agencies as they modernize systems — they must maintain critical legacy services while developing new platforms, which can make modernization a doubly tough proposition.

        Open source technologies, however, can help to lighten that load, says Adam Clater, chief architect of Red Hat’s North American public sector business.

        “Open source in the current climate is very much on the tip of everyone’s tongue. As the federal government looks to dig themselves out of the technical debt and focus on modernization, as well as delivering new services to their end users, at the end of the day they do have to continue the business of the government,” said Clater. “There’s a very natural affinity toward open source technologies as they do that because open source technologies are really at the forefront of the innovation we’re seeing.”

        Because of this, Clater says he’s seen a surge in adoption of open source technology in the federal government in recent years.

        “I think the government is ratcheting up their participation in open source communities,” he told FedScoop. “They’ve long been participants and contributors, but with Code.gov and the memorandum around open source and open sourcing of government code, I think they’re really leaning in as both a contributor and a consumer of open source while partnering with industry in a lot of that adoption.”

      • How open source should transform your product development strategy

        It’s a bit surprising that no one else seems to be following Red Hat’s lead. For a company that pulled in a very profitable $3 billion in its last fiscal year, and is on track to top $5 billion, Red Hat does a lot of things right. Perhaps most interestingly, however, is how it does product development.

        As Red Hat CEO Jim Whitehurst has said: “Five years ago we didn’t know the technologies we’d be using today, and we don’t know what will be big in five years time.” That’s true of all companies. What’s different for Red Hat, however, is how the company works with open source communities to invent the future.

      • Mozilla Announces Major Improvements to Its Hubs Social Mixed Reality Platform, Windmill Enterprise Joins The Linux Foundation, Cloud Foundry Survey Results, New Bodhi Linux Major Release and Red Hat Linux 7.6 Now Available

        Red Hat Linux 7.6 beta is now available. According to the Red Hat blog, “Red Hat Enterprise Linux 7.6 beta adds new and enhanced capabilities emphasizing innovations in security and compliance features, management and automation, and Linux containers.” See the Release Notes for more information.

      • Maxta, Red Hat, Intel Team Up for Hyperconverged ‘(Un)Appliance’

        Hyperconverged storage software maker Maxta on Aug. 22 introduced a new appliance with a specific function: to run its software on Red Hat Linux’ virtualization framework.

        This is a pre-configured system—called a Hyperconverged (Un)Appliance—consisting of Red Hat and Maxta software bundled together on Intel Data Center Blocks hardware. The joint package provides appliance-based hyperconvergence benefits without the disadvantages conventional systems have to endure, such as costs for refreshing, upgrading, VMware licensing and proprietary virtualization.

        Hyperconverged (Un)Appliances collapse servers, storage and networking into a single server tier that is used to run virtual machines and containers, Maxta said. Storage is configured automatically when VMs or containers are created, allowing administrators to focus on managing applications rather than storage.

      • Maxta Introduces Hyperconverged “(Un)Appliance” with Maxta and Red Hat Virtualization Pre-Configured on Intel® Data Center Blocks Hardware

        -Maxta Inc., a leading provider of hyperconvergence software, today introduced a Hyperconverged “(Un)Appliance” for Red Hat Virtualization, a pre-configured system of Red Hat Virtualization software and Maxta Hyperconvergence software bundled together on Intel® Data Center Blocks hardware. This joint solution provides all the advantages of appliance-based hyperconvergence without any of the disadvantages – there’s no refresh tax, no upgrade tax, no VMware tax, and no proprietary virtualization.

      • Ready to adapt: Providing applications and services worldwide easily and quickly

        The automobile industry is undergoing the biggest transformation in its 100-plus year history – and automotive trade is changing just as dramatically. Digitization has become at once a major competitive factor and a catalyst, influencing every company in the industry, while simultaneously proving to be a resource to be taken advantage of. Companies wishing to benefit from it should prepare to adapt organizationally, culturally, and technically while being able to manage the resulting changes.

        In many ways, digitization means that companies must orient themselves to the needs of the customers economically, strategically, and technically. This customer-centric focus runs through all value chains company-wide as well as the respective individual divisions of every company, from development and production to sales and service.

      • New Red Hat Product Security OpenPGP key

        Red Hat Product Security has transitioned from using its old 1024-bit DSA OpenPGP key to a new 4096-bit RSA OpenPGP key. This was done to improve the long-term security of our communications with our customers and also to meet current key recommendations from NIST (NIST SP 800-57 Pt. 1 Rev. 4 and NIST SP 800-131A Rev. 1).

        The old key will continue to be valid for some time, but it is preferred that all future correspondence use the new key. Replies and new messages either signed or encrypted by Product Security will use this new key.

      • Reducing data inconsistencies with Red Hat Process Automation Manager

        Managing data reconciliation through a specific process is a common necessity for projects that require Digital Process Automation (formerly known as Business Process Management), and Red Hat Process Automation Manager helps to address such a requirement. This article provides good practices and a technique for satisfying data reconciliation in a structured and clean way.

        Red Hat Process Automation Manager was formerly known as Red Hat JBoss BPM Suite, so it’s worth mentioning that jBPM is the upstream project that fuels Process Automation Manager. The blog post From BPM and business automation to digital automation platforms explains the reasons behind the new name and shares exciting news for this major release.

      • Finance

      • Fedora

        • Flatpak Linux app distributor is now ready for prime time

          The Flatpak framework for distributing Linux desktop applications is now in prodaction release, after three years of beta status. The framework, originally called XDG-app, is intended to make Linux more attractive to desktop app developers. Applications built as a Flatpak can be installed on just about any Linux distribution.

          The open source FlatPak can be used by different types of desktop applications and is intended to be as agnostic as possible when it comes the building of applications. There are no requirements for languages, build tools, or frameworks. Users can control app updates. Flatpack uses familiar technologies such as the Bubblewrap utility for setting up containers and Systemd for setting up Linux cgroups (control groups) for sandboxes.

        • Fedora 29 FESCO Approval Highlights from This Week, and Fedora 30 Release Schedule Confirmed

          The members of the Fedora Engineering and Steering Committee have not only recently approved the Fedora 30 release schedule proposal, they have just recently approved a handful of Fedora 29 features.

          Fedora 29 won’t be shipping until the end of October, but the Fedora 30 release schedule was confirmed to be around April 30th to May 7th of next year – the developers are planning on a massive and lengthy rebuild to occur around the end of January, then change checkpoint completion deadline by middle of February, beta freeze in early March, beta release towards the end of March, and the final freeze around the middle of April.

        • Fedora 30 Release Schedule Finalized, Aiming For A 30 April Debut

          While Fedora 29 isn’t shipping until the end of October, the release schedule for Fedora 30 was firmed up this week at the Fedora Engineering and Steering Committee meeting.

          The approved schedule is aiming for the Fedora 30 Linux release to happen on 30 April but with a pre-planned fallback date of 7 May.

        • Bodhi 3.9.0 released
        • PHP on the road to the 7.3.0 release

          Version 7.3.0beta2 is released. It’s now enter the stabilisation phase for the developers, and the test phase for the users.

          RPM are available in the remi-php73 repository for Fedora ≥ 27 and Enterprise Linux ≥ 6 (RHEL, CentOS) and as Software Collection in the remi-safe repository (or remi for Fedora)

        • Xfce 4.13 Approved For Fedora 29 Along With Other Late Change Proposals

          In addition to approving the Fedora 30 release schedule proposal, the members of the Fedora Engineering and Steering Committee have approved this week a number of Fedora 29 features.

        • Flock 2018 trip report

          A presentation from Jim Perrin and Matt Miller revealed that Fedora and CentOS dist-git will be tied together. This change will likely provide an opportunity to do crazy, awesome and beautiful stuff. But the key thing is to have a single dist-git deployment instead of 2 at start. Once that’s done, we may start thinking about what to do with it.

          Also Brian Stinson described the CI effort to validate all Fedora packages using CentOS CI infrastructure. Good updates, we seem to be getting really close to a system where all of us can write tests for their packages easily and run them on builds. Brian promised that short term we should be getting notifications from the pipeline and documentation. Can’t wait!

    • Debian Family

      • Debian Developers Discuss Process For Salvaging Packages

        While Debian has tens of thousands of packages in its archive and users often tend to cite the size of a package archive as one of the useful metrics for evaluating a OS/distribution or package manager’s potential, not all packages are maintained the same. In acknowledging that not all packages are maintained to the same standard and some ultimately slip through the cracks, Debian developers are discussing a salvaging process.

        Like other distributions, Debian has processes in place already for orphaning packages when a maintainer disappears or voluntarily gives up maintaining a particular package. But this proposed package salvaging process is for poorly maintained or completely unmaintained packages that aren’t in an orphaned state — the process to salvage a package to improve its quality would be “a weaker and faster procedure than orphaning.” The package maintainers could simply be preoccupied for a number of months, lost interest in the particular package and not pursued orphaning, etc.

      • Reasons Why Debian Is Crucial To Linux History

        That August 16, 1993, a young Ian Murdock announced on Usenet “the imminent completion of a new version of Linux which I will call Debian Linux Release.”
        Murdock, of course, had no idea that Debian would end up becoming an institution in the Linux world. This distribution, mother of many others (Ubuntu included), has completed 25 splendid years that have confirmed it as a crucial development in the world of Linux and Open Source.

      • Linux Vacation Eastern Europe 2018

        On Friday, I will be attending LVEE (Linux Vacation Eastern Europe) once again after a few years of missing it for various reasons. I will be presenting a talk on my experience of working with LAVA; the talk is based on a talk given by my colleague Guillaume Tucker, who helped me a lot when I was ramping up on LAVA.

        Since the conference is not well known outside, well, a part of Eastern Europe, I decided I need to write a bit on it. According to the organisers, they had the idea of having a Linux conference after the newly reborn Minsk Linux User Group organised quite a successful celebration of the ten years anniversary of Debian, and they wanted to have even a bigger event. The first LVEE took place in 2005 in a middle of a forest near Hrodna.

      • DebConf18 video work

        For personal reasons, I didn’t make it to DebConf18 in Taiwan this year; but that didn’t mean I wasn’t interested in what was happening. Additionally, I remotely configured SReview, the video review and transcoding system which I originally wrote for FOSDEM.

      • Derivatives

        • Looking for a new OS? Try these Debian Linux-based systems

          The Linux-based OS Debian is 25 years old, and during its lifetime this child of the 90s has spawned its own family of operating systems.

          Debian derivatives come in all shapes and sizes, from user-friendly Linux Mint to the macOS replacement Elementary OS to the privacy-centric Tails.

          This gallery rounds up some of the most notable and popular Debian derivatives, as highlighted by The Debian Project and DistroWatch.

        • Devuan is a Linux Distro Without systemd. Why Should You Use It?

          Devuan is a fork of the popular Debian Operating System upon which Ubuntu is based. It was first released in November 2014 with the aim of providing Linux users with a distro that doesn’t have the systemd daemon installed by default.

          Although Devuan started when Debian adopted systemd but didn’t have a stable release until last year, 2017 in line with the release of Debian 9.

          Because Devuan is virtually a replica of Debian except that it doesn’t use systemd, this article will be to highlight the differences between both OSes (starting with the most important,) so that you can see why you may prefer one over the other.

        • Canonical/Ubuntu

          • Ubuntu Server development summary – 21 August 2018

            The purpose of this communication is to provide a status update and highlights for any interesting subjects from the Ubuntu Server Team. If you would like to reach the server team, you can find us at the #ubuntu-server channel on Freenode. Alternatively, you can sign up and use the Ubuntu Server Team mailing list.

          • Flavours and Variants

            • After Adopting LXQt, Lubuntu Is Switching to Wayland by Default for Ubuntu 20.10

              Like its bigger brother Ubuntu and other official flavors, Lubuntu is still using the old X.Org Server by default, though nothing stops users to switch to Wayland if they want a more secure and capable display server for their computers, but that’s about to change in the coming years as Lubuntu will adopt Wayland by default.

              Ubuntu already tried to move to Wayland by default with the now deprecated Ubuntu 17.10 (Artful Aardvark) release, but it had to switch back to X.Org Server and put Wayland on the back seat as an alternative session, which users can select from the login manager, with the Ubuntu 18.04 LTS (Bionic Beaver) release.

  • Devices/Embedded

Free Software/Open Source

  • Will a new, open source Twitter replace the flawed old one?

    If you type Mastodon into Google around now you’ll probably happen upon a hairy chap called Brent Hinds who is apparently selling off his huge collection of guitars and amplifiers. For as well as being a prehistoric elephant, Mastodon is a beat combo and, latterly, a newish social network being promoted as “Twitter without the Nazis” or, less hysterically, “Twitter minus its bad bits”.

    Mastodon was launched in August 2016 and received a guarded welcome. People got the idea: Mastodon was community owned, open source, decentralised, no advertising, no tracking, and no hate speech (probably) sort of outfit.

    Unlike Twitter, Mastadon comprises software ‘instances’, so it’s a federation of little sites which self-administer. If you live mostly in one instance, that doesn’t stop you from following and being followed by members of other instances.

  • What is a ‘living’ application?

    Essentially open source Business Process Management (BPM) software company Bonitasoft has introduced its Bonita 7.7 iteration release.

    This is BPM software with Intelligent Continuous Improvement (ICI) and Continuous Delivery (CD) capabilities.

    The company says that its ICI play here is a route to building what it has called adaptable ‘living’ applications.

    A living application then being one that can deliver changes in terms of continuous improvement, continuous integration, continuous deployment and continuous connectivity.

  • Open-source tool simplifies DNS rebinding

    A new open-source tool designed to make DNS rebinding attacks easier has been released.

    The kit, dubbed ‘singularity of origin’, was launched last week by a team from NCC Group.

    It simplifies the process of performing a DNS rebinding attack, where an attacker is able to takeover a victim’s browser and break the single origin policy. This effectively allows an attacker to mask as the victim’s IP address and potentially abuse their privileges to access sensitive information.

    The tool was created with pentesters in mind, and to increase awareness for developers and security teams on how to prevent DNS rebinding, the tool’s creators said.

    NCC Group’s Gerald Doussot and Roger Meyer, who wrote the tool, told The Daily Swig: “Many developers think it’s safe to write software that has debug services listening only locally, but we’ve had several engagements where we were able to remotely compromise applications using DNS rebinding.

  • Open source community accelerates Akraino development for Edge Computing

    One of the most fascinating open networking projects to emerge earlier this year is the AT&T-initiated Akraino Edge Stack, which is being managed by the Linux Foundation. The objective of the Akraino project is to create an open source software stack that supports high-availability cloud services optimised for edge computing systems and applications.

    The project has now moved into its execution phase to begin technical documentation and is already backed and supported by a strong group of telecoms operators and vendors. They include Arm, AT&T, Dell EMC, Ericsson, Huawei, Intel, Juniper Networks, Nokia, Qualcomm, Radisys, Red Hat and Wind River.

  • Progress Open Sources ABL Code with Release of Spark Toolkit

    Progress, a provider of application development and digital experience technologies, has released the Progress Spark Toolkit, a set of open source ABL code and recommended best practices to enable organizations to evolve existing applications and extend their capabilities to meet market demands.

    Previously only available from Progress Services, the Spark Toolkit was created in collaboration with the Progress Common Component Specification (CCS) project, a group of Progress OpenEdge customers and partners defining a standard set of specifications for the common components for building modern business applications. By engaging the community, Progress says it has leveraged best practices in the development of these standards-based components and tools to enable new levels of interoperability, flexibility, efficiencies and effectiveness.

  • Open Source ABL code release with Spark Toolkit

    Progress has announced the release of Progress Spark Toolkit, a set of open source Advanced Business Language (ABL) code and recommended best-practices to enable organizations to evolve existing applications and extend their capabilities to meet market demands.

  • Foundries.io promises standardized open source IoT device security

    IoT devices currently lack a standard way of applying security. It leaves consumers, whether business or individuals, left to wonder if their devices are secure and up-to-date. Foundries.io, a company that launched today, wants to change that by offering a standard way to secure devices and deliver updates over the air.

    “Our mission is solving the problem of IoT and embedded space where there is no standardized core platform like Android for phones,” Foundries.io CEO George Grey explained.

  • Foundries.io delivers secure IoT
  • Foundries.io Launches microPlatforms for an Always-Secure Internet of Things

    Emerging from two years in stealth mode, Foundries.io™ today announced the world’s first commercially available, continuously updated LinuxⓇ and Zephyr™ microPlatform™ distributions for the embedded, IoT, edge and automotive markets. Supported by a newly announced partner program, these microPlatforms™ enable devices from light bulbs to connected cars to always be secure and updated to the latest available firmware, operating system and application(s).

  • Managed Linux and Zephyr distros for IoT offer OTA and container tech

    A Linaro spinoff called Foundries.io unveiled a continuously updated “microPlatforms” IoT service with managed Linux and Zephyr distros. The Linux platform is based on OE/Yocto and Docker container code.

    A Cambridge, UK based startup called Foundries.io, which is funded by Linaro and led by former Linaro exec George Grey, has launched a microPlatforms service with managed, subscription-based Linux and Zephyr distributions. The microPlatforms offering will target IoT, edge, and automotive applications, and provide continuous over-the-air (OTA) updates to improve security.

    The distributions are designed to work with any private or public cloud platform, with the microPlatform cloud service acting as an intermediary. The microPlatforms packages include firmware, kernel, services, and applications, “delivered continuously from initial product design to end-of-life,” says Foundries.io.

  • Foundries.io Tightens Edge, IoT Integration to Boost Security

    oundries.io emerged from stealth with the notion that tight integration and instant software updates are the best security for edge, embedded, and IoT devices.

    That philosophy is behind the company’s “microPlatforms” software that target devices running Linux or Zephyr distributions for the embedded, IoT, connected device, and edge markets. The Foundries.io platform allows for security and bug fix updates to be immediately sent to those devices. The software includes firmware, kernel, services, and application support, with Foundries.io handling the engineering, testing, and deployment of those updates.

  • Startup Drives Open Source to IoT

    A startup formed by members of Linaro wants to be the Red Hat of the Internet of Things, delivering configurations of Linux and the Zephyr RTOS for end nodes, gateways and cars. Foundries.io aims to provide processor-agnostic code with regular updates at a time when IoT developers have a wide variety of increasingly vendor-specific choices.

    “Today every IoT product is effectively a custom design that has to be tested and maintained, and we believe that causes huge fragmentation. Our concept is to make it as easy to update an embedded product as to update a smartphone, so you don’t need a security expert,” said George Grey, chief executive of Foundries.io.

  • State Certifies LA County’s New Open-Source Vote Tally System

    Los Angeles County’s open-source vote tally system was certified by the secretary of state Tuesday, clearing the way for redesigned vote-by-mail ballots to be used in the November election.

    “With security on the minds of elections officials and the public, open-source technology has the potential to further modernize election administration, security and transparency,” Secretary of State Alex Padilla said. “Los Angeles County’s VSAP vote tally system is now California’s first certified election system to use open-source technology. This publicly-owned technology represents a significant step in the future of elections in California and across the country.”

    The system — dubbed Voting Solutions for All People (VSAP) Tally Version 1.0 — went through rigorous security testing by staffers working with the secretary of state as well as an independent test lab, according to county and state officials.

  • LA County gets state approval of new vote-counting system using open source software
  • LA County OKs Open-Source Election System
  • LA County OKs Open-Source Election System

    California Secretary of State Alex Padilla’s office has certified the first open-source, publicly owned election technology for use in Los Angeles County — “a significant step in the future of elections in California and across the country.”

    The system is known as Voting Solutions for All People (VSAP) Tally Version 1.0. Its certification will allow Los Angeles County to use its newly designed Vote By Mail (VBM) ballots in the November election.

    County Registrar-Recorder/County Clerk Dean Logan, in the news release from Padilla’s office, said the new system will ensure accurate and secure counting of ballots.

    Logan’s office will begin distributing the new ballots on Oct. 9. Each voter’s packet will include a ballot, a postage-paid return envelope, a secrecy sleeve and an “I Voted” sticker.

    “As part of the certification process, the system went through rigorous functional and security testing conducted by the Secretary of State’s staff and a certified voting system test lab,” Padilla’s office said. “The testing ensured the system’s compliance with California and federal laws, including the California Voting System Standards (CVSS).”

  • State Certifies LA County’s New Open-Source Vote Tally System

    Los Angeles County’s open-source vote tally system was certified by the secretary of state Tuesday, clearing the way for redesigned vote-by-mail ballots to be used in the November election.

    “With security on the minds of elections officials and the public, open-source technology has the potential to further modernize election administration, security and transparency,” Secretary of State Alex Padilla said. “Los Angeles County’s VSAP vote tally system is now California’s first certified election system to use open-source technology. This publicly-owned technology represents a significant step in the future of elections in California and across the country.”

    The system — dubbed Voting Solutions for All People (VSAP) Tally Version 1.0 — went through rigorous security testing by staffers working with the secretary of state as well as an independent test lab, according to county and state officials.

  • 5 open source tools for container security

    As containers become an almost ubiquitous method of packaging and deploying applications, the instances of malware have increased. Securing containers is now a top priority for DevOps engineers. Fortunately, a number of open source programs are available that scan containers and container images. Let’s look at five such tools.

  • Salesforce Makes ML Library Available as Open Source Project

    It’s increasingly clear that when it comes to artificial intelligence (AI), many organizations will be able to leverage investments made by IT vendors that are being made available as open source code. The latest example of that trend is a decision by Salesforce to make TransmogrifAI, a machine learning library that makes it simpler to consume large amounts of structured data, available as open source code on GitHub.

    Shubha Nabar, senior director of data science for Salesforce Einstein, the AI platform developed by Salesforce, says the decision to make TransmogrifAI open source is driven by primarily by a desire to make AI technologies readily available and easily understandable.

  • Bolster your DevOps infrastructure with open source tools

    When we talk about DevOps, we typically mean managing software deliverables, not infrastructure. But the overall system sanctity is deeply coupled with infrastructure integrity. How many times have you heard “But it works on my system”? Or perhaps a misconceived admin changes the configuration of the production server and things don’t work anymore. Hence, it is essential to bring infrastructure into the proven DevOps practices of consistency, traceability, and automation.

    This article builds on my previous one, Continuous infrastructure: The other CI. While that article introduced infrastructure automation and infrastructure as a first-class citizen of the CI pipeline using the principles of infrastructure as code and immutable infrastructure, this article will explore the tools to achieve a CIi (continuous integration of infrastructure) pipeline through automation.

  • Open-Source Hybrid Analysis Portal Gets a Boost

    The free Hybrid Analysis malware research site used for investigating and detecting unknown malware threats now includes an accelerated search feature that roots out matches or correlations in minutes, rather than hours.

    CrowdStrike donated its Falcon MalQuery new rapid-search feature to the Hybrid Analysis community platform, which has some 100,000 active users worldwide. Hybrid Analysis was acquired in fall 2017 by CrowdStrike, and also employs CrowdStrike’s sandbox technology.

  • BlazeMeter Open Sources Plugin for Mainframe Testing

    BlazeMeter launched an open source plugin for continuous mainframe testing.

    The RTE plugin works with the company’s Apache JMeter, an open source Java application designed to load test functional behavior and measure performance.

    “Supporting IBM mainframe protocols TN5250 and TN3270, the JMeter RTE plugin simulates a mainframe terminal sending actions and keystrokes to the mainframe server,” the company said in a statement. “By using the plugin, developers and testers can simulate filling forms or calling processes, specify the position of fields on the screen and the text to set on them, and simulate the keyboard attention keys.”

  • If you have ambition, open source at scale is essential

    When your job is to provide the cloud infrastructure to run analytics and workloads across three that are more than 100 miles apart datacenters, sucking 100-plus petabytes from each daily, it’s no longer an even remotely credible option to buy it from Megavendor X. These days, the only place to find such software is on an open source repository somewhere.

    Which is exactly what Didi Chuxing, the Uber of China, did.

    [...]

    Five years ago, Cloudera cofounder Mike Olson wrote, “No dominant platform-level software infrastructure has emerged in the last ten years in closed-source, proprietary form.” In significant measure, this stems from the realities of operating at web-scale: The financial costs, never mind the technical costs, of trying to scale proprietary hardware and software systems are simply too high. Companies like Google and Facebook keep gifting genius creations to the open source community, driving innovation faster, well beyond the realm of proprietary firms’ ability to compete in data infrastructure.

  • Energy controls platform available in open source

    VOLTTRON is an innovative open source software platform that helps users rapidly develop and deploy new control solutions for a myriad of applications in buildings, renewable energy systems and electricity grid systems. Developed by Pacific Northwest National Laboratory with funding from the Department of Energy, VOLTTRON can be downloaded from the not-for-profit Eclipse Foundation that will steward it as an open source software platform. As part of this move, PNNL has joined the Eclipse Foundation, a global organization with more than 275 members.

    Flexible, scalable and cyber-secure, VOLTTRON offers paradigm-shifting capabilities for development of new analysis and management solutions for energy consumption optimization and integration of building assets with the electric grid. VOLTTRON provides the ability to shift energy demand to off-peak hours and manage a facility’s load shape to reduce stress on the grid.

  • Open source microservices management trends alter software delivery

    If you’re a business that uses a monolithic architecture, the adoption of microservices might cause some anxiety on your team. After all, there isn’t one comprehensive place to find answers to all the challenges that arise from managing today’s cloud-native apps, and there isn’t one single vendor that has all the answers.

    Fortunately, the open source community can offer some help. Trends in open source software point toward a future with a completely different approach to application management. If you’re willing to delve into and invest in today’s leading open source microservices projects, it’s possible to find everything you need to manage modern microservices applications in the cloud.

  • Web Browsers

    • Mozilla

      • Notes now uses Rust & Android components

        Today we shipped Notes by Firefox 1.1 for Android, all existing users will get the updated version via Google Play.

        After our initial testing in version 1.0, we identified several issues with the Android’s “Custom Tab” login features. To fix those problems the new version has switched to using the newly developed Firefox Accounts Android component. This component should resolve the issues that the users experienced while signing in to Notes.

      • Dweb: Serving the Web from the Browser with Beaker

        We work on Beaker because publishing and sharing is core to the Web’s ethos, yet to publish your own website or even just share a document, you need to know how to run a server, or be able to pay someone to do it for you.

        So we asked ourselves, “What if you could share a website directly from your browser?”

        Peer-to-peer protocols like dat:// make it possible for regular user devices to host content, so we use dat:// in Beaker to enable publishing from the browser, where instead of using a server, a website’s author and its visitors help host its files. It’s kind of like BitTorrent, but for websites!

        [...]

        Beaker uses a distributed peer-to-peer network to publish websites and datasets (sometimes we call them “dats”).

      • New in Hubs: Images, Videos, and 3D Models

        A few months ago, we announced an early preview release of Hubs by Mozilla, an experiment to bring Social Mixed Reality to the browser. Since then, we’ve made major strides in improving usability, performance, and support for standalone devices like the Oculus Go. Today, we’re excited to share our first big feature update to Hubs: the ability bring your videos, images, documents, and even 3D models into Hubs by simply pasting a link.

      • Getting cross border lawful access in Europe right

        Lawmakers in the EU have proposed a new legal framework that will make it easier for police in one country to get access to user data in another country (so-called ‘e-evidence’) when investigating crimes. While the law seeks to address some important issues, there is a risk that it will inadvertently undermine due process and the rule of law in Europe. Over the coming months, we’ll be working with lawmakers in Europe to find a policy solution that effectively addresses the legitimate interests of law enforcement, without compromising the rights of our users or the security of our communications infrastructure.

      • Mozilla files FTC comments calling for interoperability to promote competition

        Mozilla’s Internet Health Report 2018 explored concentration of power and centralization online through a spotlight article, “Too big tech?” Five U.S. technology companies often hold the five largest market capitalizations of any industry and any country in the world. Their software and services are entangled with virtually every part of our lives. These companies reached their market positions in part through massive innovation and investment, and they created extremely popular (and lucrative) user experiences. As a consequence of their success, though, the product and business decisions made by these companies move socioeconomic mountains.

        And, like everyone, tech companies make mistakes, as well as some unpopular decisions. For many years, the negative consequences of their actions seemed dwarfed by the benefits. A little loss of privacy seemed easy to accept (for an American audience in particular) in exchange for a new crop of emojis. But from late 2016 through 2017, things changed. The levels of disinformation, abuse, tracking, and control crossed a threshold, sowing distrust in the public and catalyzing governments around the world to start asking difficult questions.

        Since our “Too big tech?” piece was published, this trajectory of government concern has continued. The Facebook / Cambridge Analytica scandal generated testimony from Facebook CEO Mark Zuckerberg on both sides of the Atlantic. The European Commission levied a $5 billion fine on Google for practices associated with the Android mobile operating system. Meanwhile Republican Treasury Secretary Steve Mnuchin called for a serious look at the power of tech companies, and Democratic Senator Mark Warner outlined a 20 point regulatory proposal for social media and technology firms.

      • TenFourFox and legacy addons and their euthanasia thereof

        Presently TenFourFox uses Mozilla Addons as a repository for “legacy” (I prefer “classic” or “can actually do stuff” or “doesn’t suck”) add-ons that remain compatible with Firefox 45, of which TenFourFox is a forked descendant. Mozilla has now announced these legacy addons will no longer be accessible in October. I don’t know if this means that legacy-only addons will no longer be visible, or no longer searchable, or whether older compatible versions of current addons will also be no longer visible, or whatever, or whether everything is going to be deleted and HTH, HAND. The blog post doesn’t say. Just assume you may not be able to access them anymore.

        This end-of-support is obviously to correlate with the end-of-life of Firefox 52ESR, the last version to support legacy add-ons. That’s logical, but it sucks, particularly for people who are stuck on 52ESR (Windows XP and Vista come to mind). Naturally, this also sucks for alternative branches such as Waterfox which split off before WebExtensions became mandatory, and the poor beleaguered remnants of SeaMonkey.

      • Timeline for disabling legacy add-ons on addons.mozilla.org

        Mozilla will stop supporting Firefox Extended Support Release (ESR) 52, the final release that is compatible with legacy add-ons, on September 5, 2018.

        As no supported versions of Firefox will be compatible with legacy add-ons after this date, we will start the process of disabling legacy add-on versions on addons.mozilla.org (AMO) in September. On September 6, 2018, submissions for new legacy add-on versions will be disabled. All legacy add-on versions will be disabled in early October, 2018. Once this happens, users will no longer be able to find your extension on AMO.

        After legacy add-ons are disabled, developers will still be able to port their extensions to the WebExtensions APIs. Once a new version is submitted to AMO, users who have installed the legacy version will automatically receive the update and the add-on’s listing will appear in the gallery.

  • Education

  • Pseudo-Open Source (Openwashing)

    • SUSE, Microsoft team up for Azure-tuned Linux kernel

      By default, SUSE Linux Enterprise Server 15 instances on Azure will run on this custom-tuned kernel, although it can be easily switched back to the standard kernel using the package manager, Zypper.

    • Microsoft, SUSE collaborate on Linux kernel
    • SUSE and Microsoft Announce Enterprise Linux Kernel for Azure
    • Haiku Release R1/beta1, Flatpack v. 1.0.0, SUSE Updates Their Kernel to Boost Performance on Azure, Debian Receives Mitigation Updates to Vulnerability

      SUSE has had a long history with Microsoft, and it would seem that their relationship with the software giant continues with the Linux distribution’s updates to their kernel to boost performance on Azure.

    • Eclipse Foundation and IBM Partner to Help Fight Natural Disasters in New Global Open Source Software Initiative

      The Eclipse Foundation, the platform for open collaboration and innovation, today announced that it is joining the Call for Code initiative with Founding Partner IBM to use the power of open source software and a global collaborative community of developers to help people around the world better prevent, respond to, and recover from natural disasters.

      The Call for Code Global Challenge, created by David Clark Cause and powered by IBM, has more than 35 organizations asking developers to create solutions that significantly improve natural disaster preparedness and relief. This competition is the first of its kind at this global scale, encouraging developers worldwide who want to give back to their communities open software solutions that alleviate human suffering.

    • Why Redis Labs made a huge mistake when it changed its open source licensing strategy

      No, Redis is not proprietary after Redis Labs introduced a tweak to its licensing strategy. Yes, some modules from Redis Labs will now be under a weird new license hack that says, in essence, “Clouds, you’re not allowed to make money from this code unless you pay us money.” And yes, this hack was completely unnecessary in terms of open source evolution.

      You see, we already have ways to accomplish this. Not everyone likes strategies like Open Core, but they’re well-established, well-understood, and could have saved Redis Labs some headaches.

      [...]

      Let’s be clear: Redis Labs’ desire is rational and common to open source vendors. While Redis Labs didn’t touch the license for Redis Core (it remains under the highly permissive BSD), the company has slapped a “Commons Clause” onto otherwise open source software to make it…not open source. The rationale?

    • The Data Transfer Project

      Social networks are typically walled gardens; users of a service can interact with other users and their content, but cannot see or interact with data stored in competing services. Beyond that, though, these walled gardens have generally made it difficult or impossible to decide to switch to a competitor—all of the user’s data is locked into a particular site. Over time, that has been changing to some extent, but a new project has the potential to make it straightforward to switch to a new service without losing everything. The Data Transfer Project (DTP) is a collaborative project between several internet heavyweights that wants to “create an open-source, service-to-service data portability platform”.

      [...]

      Users will obviously need to authenticate to both sides of any transfer; that will be handled by authentication adapters at both ends. Most services are likely to use OAuth, but that is not a requirement. In addition, the paper describes the security and privacy responsibilities for all participants (service providers, users, and the DTP system) at some length. These are aimed at ensuring that users’ data is protected in-flight, that the system minimizes the risks of malicious transfers, and that users are notified when transfers are taking place. In addition, a data transfer does not imply removing the data from the exporting provider; there is no provision in DTP for automated data deletion.

      One of the advantages for users, beyond simply being able to get their hands on their own data, is the reduction in bandwidth use that will come because the service providers will directly make the transfer. That is especially important in places where bandwidth is limited or metered—a Google+ user could, for example, export their photos to Facebook without paying the cost of multi-megabyte (or gigabyte) transfers. The same goes for backups made to online cloud-storage services, though that is not really new since some service providers already have ways to directly store user data backups elsewhere in the cloud. For local backup, though, the bandwidth cost will have to be paid, of course.

      The use cases cited in the paper paint a rosy picture of what DTP can help enable for users. A user may discover a photo-printing service that they want to use, but have their photos stored in some social-media platform; the printing service could offer DTP import functionality. Or a service that received requests from customers to find a way to get their data out of another service that was going out of business could implement an export adapter using the failing service’s API. A user who found that they didn’t like the update to their music service’s privacy policy could export their playlists to some other platform. And so on.

    • KOGER Announces Open Source Client Portal Available for Financial Firms

      KOGER® Inc., a global financial services technology company, has announced the availability of an open-source client portal for financial institutions, asset managers, and fund administrators that works in tandem with the systems they already have in place.

  • Funding

    • Handshake Provides a Leg Up

      Handshake has recently awarded funds to many critical free and open source software projects. In particular Conservancy has been gifted $200K for our ongoing work to support software freedom by providing a fiscal home for smaller projects, enforcing the GPL and undertaking strategic efforts to grow and improve free software. Outreachy, the organization offering biannual, paid internships for under-represented people to work in free software (itself a member project of Conservancy) has also been awarded $100,000 from these funds.

      “We are grateful for this donation that will allow us to continue supporting people from underrepresented backgrounds in gaining focused experience as free software contributors and shaping the future of technology,” said Marina Zhurakhinskaya, Outreachy Organizer. Donations to the Outreachy general fund support program operations and increasing awareness of opportunities in free software among people from underrepresented groups in tech.

      [...]

      As a small organization, we are always working to do the most with what we have. The Handshake grant allows us to tackle some of the work that we would have otherwise had to put off to a later date. Unfettered donations give us the freedom to say yes to hiring contractors to help with tasks that we don’t have expertise for in house, they help us move up our timetables for critical infrastructure and they enable us to spend less time fundraising. These kinds of gifts are absolutely critical for Conservancy and for our frugal sister organizations in the free software community.

    • BackYourStack To Provide Open Source With Financial Security

      Open Collective has come up with an new initiative that makes it easy for companies to identify the open source projects that they depend on that also need funding and make a financial contribution. BackYourStack provides a new way for open source communities get paid for the work they do and become financially sustainable.

      [...]

      Open Collective lets its users set up pages to collect donations and membership fees where the funds required and the funds raised are explicitly shows and sponsors and the extent of their support is acknowledged. This page gives also access to an ongoing record of a project’s expenses where members can submit new expenses for reimbursement and its Budget facility allows income and expenditure to be tracked.

      According to its FAQs, so far Open Collective has raised $2,815,000 in funds for its members. It takes 10% plus credit card fees to cover the costs of running the platform and managing bookkeeping, taxes and the admin of reimbursing expenses and shares this commission with the host organizations that hold the money on behalf of member collectives.

  • BSD

    • DragonFlyBSD Now Runs On The Threadripper 2990WX, Developer Shocked At Performance

      Last week I carried out some tests of BSD vs. Linux on the new 32-core / 64-thread Threadripper 2990WX. I tested FreeBSD 11, FreeBSD 12, and TrueOS — those benchmarks will be published in the next few days. I tried DragonFlyBSD, but at the time it wouldn’t boot with this AMD HEDT processor. But now the latest DragonFlyBSD development kernel can handle the 2990WX and the lead DragonFly developer calls this new processor “a real beast” and is stunned by its performance potential.

      When I tried last week, the DragonFlyBSD 5.2.2 stable release nor DragonFlyBSD 5.3 daily snapshot would boot on the 2990WX. But it turns out Matthew Dillon, the lead developer of DragonFlyBSD, picked up a rig and has it running now. So in time for the next 5.4 stable release or those using the daily snapshots can have this 32-core / 64-thread Zen+ CPU running on this operating system long ago forked from FreeBSD.

  • FSF/FSFE/GNU/SFLC

    • Software Freedom Ensures the True Software Commons

      Proprietary software has always been about a power relationship. Copyright and other legal systems give authors the power to decide what license to choose, and usually, they choose a license that favors themselves and takes rights and permissions away from others.

      The so-called “Commons Clause” purposely confuses and conflates many issues. The initiative is backed by FOSSA, a company that sells materiel in the proprietary compliance industrial complex. This clause recently made news again since other parties have now adopted this same license.

      This proprietary software license, which is not Open Source and does not respect the four freedoms of Free Software, seeks to hide a power imbalance ironically behind the guise “Open Source sustainability”. Their argument, once you look past their assertion that “the only way to save Open Source is to not do open source”, is quite plain: “If we can’t make money as quickly and as easily as we’d like with this software, then we have to make sure no one else can as well”.

      These observations are not new. Software freedom advocates have always admitted that if your primary goal is to make money, proprietary software is a better option. It’s not that you can’t earn a living writing only Free Software; it’s that proprietary software makes it easier because you have monopolistic power, granted to you by a legal system ill-equipped to deal with modern technology. In my view, it’s a power which you don’t deserve — that allows you to restrict others.

      Of course, we all want software freedom to exist and survive sustainably. But the environmental movement has already taught us that unbridled commerce and conspicuous consumption is not sustainable. Yet, companies still adopt strategies like this Commons Clause to prioritize rapid growth and revenue that the proprietary software industry expects, claiming these strategies bolster the Commons (even if it is a “partial commons in name only”). The two goals are often just incompatible.

    • It may be poor man’s Photoshop, but GIMP casts a Long Shadow with latest update

      There appears to be no rest for Wilber as the GIMP team has updated the venerable image editor to version 2.10.6.

      We were delighted to see the arrival of the Straighten button in version 2.10.4, mainly due to our inability to hold a camera straight. Version 2.10.6 extends this handy feature to include vertical straightening, so the Leaning Tower of Pisa need lean no more. As before, the user must wield the Measure tool and either let GIMP automatically work out if straightening should be vertical or horizontal, or override the application.

      In a nod to East Asian writing systems, or just to those who feel the need for vertical text, GIMP has also gained a variety of vertical text options, including mixed orientation or the more Western style upright.

    • GNU Parallel 20180822 (‘Genova’) released

      GNU Parallel 20180822 (‘Genova’) has been released. It is available for download at: http://ftpmirror.gnu.org/parallel/

      Quote of the month:

      GNU parallel is a thing of magic.

  • Openness/Sharing/Collaboration

    • Open Hardware/Modding

      • AMD Open-Sources “Rocprofiler” ROCm Profiler For GPU Hardware Perf Counters

        AMD developers have open-sourced rocprofiler for profiling the AMD GPU hardware performance counters under compute/OpenCL workloads.

        Rocprofiler consists of a library and tool for accessing the AMD graphics processor hardware performance counters. They anticipate that this profiler will be bundled as part of their upcoming ROCm 1.9 release, but it can be built today and used with their existing ROCm 1.8 releases.

      • RISC-V video
      • Fujitsu reveals the A64FX, an Arm-based supercomputer CPU

        Fujitsu has revealed details about its new high performance CPU, destined for the Post-K supercomputer. The A64FX is a Fujitsu designed Arm processor and is of particular note as it is the first to implement the Arm v8-A SVE architecture (SVE = Scalable Vector Extensions). Architectural details of the A64FX were shared at the Hot Chips 30 symposium yesterday evening in Cupertino, California. Fujitsu today emailed HEXUS a press release concerning further Post-K CPU specifications, yet to be shared on its website.

      • Fujitsu Presents Post-K CPU Specifications

        Fujitsu today announced publication of specifications for the A64FX CPU to be featured in the post-K computer, a supercomputer being developed by Fujitsu and RIKEN as a successor to the K computer, which achieved the world’s highest performance in 2011. The organizations are striving to achieve post-K application execution performance up to 100 times that of the K computer.

      • Fujitsu Unveils Details on Post-K Supercomputer Processor Powered by ARM

        Today Fujitsu published specifications for the A64FX CPU to be featured in the post-K computer, a future machine designed to be 100 times faster than the legendary K computer that dominated the TOP500 for years.

      • Fujitsu Reveals Details of Processor That Will Power Post-K Supercomputer

        Fujitsu has announced the specifications for A64FX, an Arm CPU that will power Japan’s first exascale supercomputer. The system, known as Post-K, is scheduled to begin operation in 2021.

  • Programming/Development

    • Python wriggles onward without its head

      At the third annual PyBay Conference in San Francisco over the weekend, Python aficionados gathered to learn new tricks and touch base with old friends.

      Only a month earlier, Python creator Guido van Rossum said he would step down as BDFL – benevolent dictator for life – following a draining debate over the addition of a new way to assign variables within an expression (PEP 572).

      But if any bitterness about the proposal politics lingered, it wasn’t evident among attendees.

      Raymond Hettinger, a Python core developer, consultant and speaker, told The Register that the retirement of Python creator Guido van Rossum hasn’t really changed things.

      “It has not changed the tenor of development yet,” he said. “Essentially, [Guido] presented us with a challenge for self-government. And at this point we don’t have any active challenges or something controversial to resolve.”

    • Introducing CI-Admin

      A major focus of recent developments in Firefox CI has been putting control of the CI process in the hands of the engineers working on the project. For the most part, that means putting configuration in the source tree. However, some kinds of configuration don’t fit well in the tree. Notably, configuration of the trees themselves must reside somewhere else.

    • This Week in Rust 248

      This week’s crate is wasm-bindgen-futures, a crate to make ECMAScript futures and Rust futures interoperate. Thanks to Vikrant for the suggestion!

    • CafeOBJ 1.5.8 released

      Some time ago we released CafeOBJ 1.5.8 with some new features and bugfixes for the inductive theorem prover CITP. We are still struggling with SBCL builds on Windows, which suddendly started to produce corrupt images, something that doesn’t happen on Linux or Mac.

    • digest 0.6.16

      digest version 0.6.16 arrived on CRAN earlier today, and was just prepared for Debian as well.

      digest creates hash digests of arbitrary R objects (using the ‘md5′, ‘sha-1′, ‘sha-256′, ‘sha-512′, ‘crc32′, ‘xxhash32′, ‘xxhash64′ and ‘murmur32′ algorithms) permitting easy comparison of R language objects.

  • Standards/Consortia

    • Broadband Forum automates, accelerates cloud-based access deployment

      The Broadband Forum today announced the first code release and documentation of its new Open Broadband project – Broadband Access Abstraction (OB-BAA) to enable standardized, automated and accelerated deployment of new cloud-based access infrastructure and services.

    • Broadband Forum unveils first Open Broadband release

      The Broadband Forum has announced the release of code and supporting documentation for Broadband Access Abstraction (OB-BAA), the first code release for the Open Broadband project.

      The code and documentation offer an alternative approach for telcos looking to upgrade networks ahead of the anticipated stress caused by the introduction of more accessible and faster connectivity. The aim is to facilitate coexistence, seamless migration and the agility to adapt to an increasingly wide variety of software defined access models.

      “OB-BAA enables operators to optimize their decision-making process for introducing new infrastructure based on user demand and acceptance instead of being forced into a total replacement strategy,” said Robin Mersh, Broadband Forum CEO. “By reducing planning, risks and execution time, investment in new systems and services can be incremental.”

      The Forum’s Open Broadband initiative has been designed to provide an open community for the integration and testing of new open source, standards-based and vendor provided implementations. The group already counts support from the likes of BT, China Telecom, CenturyLink and Telecom Italia, as well as companies such as Broadcom and Nokia on the vendor side.

    • Broadband Forum Creates an Open Source Project for Network Access Interoperability

      As a freely-published, open source project, BAA specifies northbound interfaces, core components, and southbound interfaces for functions associated with network access devices that have been virtualized.

      Robin Mersh, CEO of the Broadband Forum, said the BAA project is an Apache 2.0 licensed open source project. The code from the project resides on GitHub and contributors develop the work on BitBucket.

      Operators and equipment manufacturers involved in the project include Broadcom, BT, Calix, CenturyLink, China Telecom, Huawei, Nokia, Telecom Italia, Tibit Communications, the University of New Hampshire InterOperability Lab, and ZTE.

      The BAA code will immediately be integrated into another Broadband Forum initiative — its Cloud Central Office (CloudCO) project. CloudCO is a regular standards project. It’s developing a framework for transformation of the network from fixed function, through boxes, to software-defined networking.

Leftovers

  • Woman cons dozens of men into ‘date’ then sets them against each other

    At 6pm on Sunday, hundreds of men arrived at Union Square in Manhattan for what Aponte told them would be a one-on-one date where they would watch her friend DJ. Once they had formed an audience, each thinking the rest of the men were just there for a show, Aponte took to the stage, explained what was going on and started whittling down the guys with questions and challenges, saying that the winner would actually go on a date with her.

  • Science

    • Wikipedia, the Last Bastion of Shared Reality

      The culture wars are coming for the best utopian project of the early [I]nternet. Can it survive the informational anarchy that’s disrupted the rest of media?

    • What is Machine Learning?

      Advancements in computer technology over the past decades have meant that the collection of electronic data has become more commonplace in most fields of human endeavor. Many organizations now find themselves holding large amounts of data spanning many prior years. This data can relate to people, financial transactions, biological information, and much, much more.

      Simultaneously, data scientists have been developing iterative computer programs called algorithms that can look at this large amount of data, analyse it and identify patterns and relationships that cannot be identified by humans. Analyzing past phenomena can provide extremely valuable information about what to expect in the future from the same, or closely related, phenomena. In this sense, these algorithms can learn from the past and use this learning to make valuable predictions about the future.

    • A porn company promises to insert customers into scenes using deepfakes

      The company demoed the service with a pair of sample clips (link very much not safe for work). One blends the faces of two actresses and another swaps the background of a scene from a bedroom to a beach. It’s not the most advanced use of the technology, but the face-blending is relatively seamless, and it shows how accessible this sort of AI-powered video manipulation has become.

    • Naughty America Wants to Monetize Deepfake Porn

      This week, the company is launching a new service that allows customers to commission their own deepfake clips, which can include superimposing their own faces onto the bodies of porn performers, or incorporating porn stars into different environments. “We see customization and personalization as the future,” said the company’s CEO Andreas Hronopoulos in an interview with Variety.

  • Health/Nutrition

    • Preliminary Injunction Denied, But Two-Day TRO Granted Precluding Launch of Generic Estrogen Patch

      The court denied plaintiff’s motion for a preliminary injunction but granted plaintiff’s motion for a TRO precluding the launch of defendants’ generic transdermal estrogen product.

    • Can A Surge In Activism Defeat American Big Pharma?

      Not a day passes in America without news of a drug company raising prices on prescription drugs. Americans pay two to six times more for prescription drugs than those living in other developed countries, who earn the same income.

      People with chronic or life-threatening diseases, for whom drug costs are unaffordable, often skip treatment altogether. One quarter of all cancer patients chose not to fill a prescription due to cost, according to a 2013 study in the journal Oncologist. This is as drug prices for these conditions have skyrocketed. Humira for example, a widely used best-selling drug for rheumatoid arthritis, is now $2,700 per course of treatment, nearly three times what it costs in Switzerland.

      The vast majority of Americans support a wide range of measures to make drugs more affordable: 92% of Americans support laws allowing the federal government to negotiate lower prices for people on Medicare, the public welfare benefit scheme targeted at senior citizens. However, with two lobbyists per member of Congress and a lobbying services’ bill that oustrips every other industry, including defence, the odds are stacked against citizens in their fight against ‘big pharma’ over drug prices.

    • Is there a high chance of US and UK courts grappling with medicinal cannabis patents?

      The US and UK patent offices have granted a number of patents relating to the therapeutic use of cannabis derived products. Paradoxically, both the US and UK governments currently define cannabis and cannabis-derived products as having no medicinal benefit. Recent developments suggest that both governments may soon soften the legal definition of cannabis. This Kat takes the opportunity to ask, in view of the US and UK governments current position that cannabis has no medicinal use, how strong are the patents claiming the very same?

      [...]

      Recreational cannabis is subject to varying restrictions around the world. In the UK, the Misuse of Drugs Act 1971 categories cannabis and cannabinol as Class B drugs, meaning that unlicensed supply carries a maximum penalty of 5 years in prison and/or an unlimited fine. Cannabis has been fully legalized in certain US states (e.g. Colorado), and it will soon become fully legal to grow, possess and sell Cannabis in Canada.

      The legality of medicinal cannabis is distinct from that of recreational cannabis. The legislation governing whether licences can be awarded to supply a controlled substance for medical purposes is dependent on whether that substance is considered to have a proven medicinal effect. Cannabis was categorized by the UN Convention on Narcotic Drugs as a drug having “no medicinal benefit” (Schedule 1). Both the US and UK currently follow this classification.

  • Security

    • Three New Security Advisories Hit X.Org’s X11 Library

      It’s been a while since last having any big security bulletins for the X.Org Server even though some of the code-base dates back decades and security researchers have said the security is even worse than it looks and numerous advisories have come up in recent years. But it’s not because X11 is bug-free as today three more security bulletins were made public affecting libX11.

      Today’s security advisory pertains to three different functions in libX11 that are affected by different issues. The security issues come down to off-by-one writes, a potential out of boundary write, and a crash on invalid reply.

    • USBHarpoon: How “Innocent” USB Cables Can Be Manipulated To Inject Malware

      Back in 2014 Black Hat Conference, crypto specialists Karsten Nohl and Jakob Lell introduced the concept of BadUSB — a USB security flaw which allows attackers to turn a USB into a keyboard which can be used to type in commands.

      Now, a researcher from SYON Security has managed to build a modified USB charging cable that will enable hackers to transfer malware on your PC without you even noticing it. Behind the hood is the BadUSB vulnerability.

      [...]

      While BadUSB is gradually climbing the ladder towards the mainstream cyber attacks, people are also coming up with the corresponding firewalls to tackle the new age attacks.

    • Open Source ‘Kube-Hunter’ Does Kubernetes Penetration Testing

      Aqua Security released the open source kube-hunter tool for penetration testing of Kubernetes clusters, used for container orchestration.

      “You give it the IP or DNS name of your Kubernetes cluster, and kube-hunter probes for security issues — it’s like automated penetration testing,” the company said in an Aug. 15 blog post.

      The tool — with source code available on GitHub — is also packaged by the company in a containerized version, which works with the company’s kube-hunter Web site where test results can be seen and shared.

    • Get an open-source security multiplier

      Open-source solutions offer numerous advantages to development-savvy teams ready to take ownership of their security challenges. Teams can implement them to provide foundational capabilities, like “process logs” or “access machine state,” swiftly; no need to wait for purchasing approval. They can build custom components on top of open-source code to fit their company’s needs perfectly. Furthermore, open-source solutions are transparent, ‘return’ great value for dollars spent (since investment makes the tool better rather than paying for a license), and receive maintenance from a community of fellow users.

    • Is Open Source More Secure? Maybe Not [Ed: Cloud Academy is badmouthing FOSS and ignoring the fact that proprietary software has back doors in it, cannot be fixed by users]
    • Secure your open source components automatically, continuously, and silently[Ed: This site is posting promotional spam for this Microsoft partner that likes to badmouth FOSS in order to sell its proprietary software]
    • Security updates for Wednesday
    • Vulnerability Affects All OpenSSH Versions Released in the Past Two Decades

      A vulnerability affects all versions of the OpenSSH client released in the past two decades, ever since the application was released in 1999.

      The security bug received a patch this week, but since the OpenSSH client is embedded in a multitude of software applications and hardware devices, it will take months, if not years, for the fix to trickle down to all affected systems.

      [...]

      This bug allows a remote attacker to guess the usernames registered on an OpenSSH server. Since OpenSSH is used with a bunch of technologies ranging from cloud hosting servers to mandate IoT equipment, billions of devices are affected.

      As researchers explain, the attack scenario relies on an attacker trying to authenticate on an OpenSSH endpoint via a malformed authentication request (for example, via a truncated packet).

    • CVE-2018-5390 and “embargoes”

      A kernel bug that allows a remote denial of service via crafted packets was fixed recently and the resulting patch was merged on July 23. But an announcement of the flaw (which is CVE-2018-5390) was not released until August 6—a two-week window where users were left in the dark. It was not just the patch that might have alerted attackers; the flaw was publicized in other ways, as well, before the announcement, which has led to some discussion of embargo policies on the oss-security mailing list. Within free-software circles, embargoes are generally seen as a necessary evil, but delaying the disclosure of an already-public bug does not sit well.

      The bug itself, which Red Hat calls SegmentSmack, gives a way for a remote attacker to cause the CPU to spend all of its time reassembling packets from out-of-order segments. Sending tiny crafted TCP segments with random offsets in an ongoing session would cause the out-of-order queue to fill; processing that queue could saturate the CPU. According to Red Hat, a small amount of traffic (e.g. 2kbps) could cause the condition but, importantly, it cannot be done using spoofed IP addresses, so filtering may be effective, which may blunt the impact somewhat.

    • Meltdown strikes back: the L1 terminal fault vulnerability

      The Meltdown CPU vulnerability, first disclosed in early January, was frightening because it allowed unprivileged attackers to easily read arbitrary memory in the system. Spectre, disclosed at the same time, was harder to exploit but made it possible for guests running in virtual machines to attack the host system and other guests. Both vulnerabilities have been mitigated to some extent (though it will take a long time to even find all of the Spectre vulnerabilities, much less protect against them). But now the newly disclosed “L1 terminal fault” (L1TF) vulnerability (also going by the name Foreshadow) brings back both threats: relatively easy attacks against host memory from inside a guest. Mitigations are available (and have been merged into the mainline kernel), but they will be expensive for some users.

    • Researchers Blame ‘Monolithic’ Linux Code Base for Critical Vulnerabilities
    • Airmail 3.6 Fixes Potential URL Scheme Vulnerability

      Airmail has just released an update which patches a known security vulnerability in the e-mailing service. Security analysts recently discovered that the client was vulnerable to malicious exploits that could allow foreign and unauthorized persons to access and read sent and received emails in the context of a victim user. The patch released fixes the vulnerable channels that could have been exploited to gain such unwarranted access.

    • Ghostscript Vulnerability Could Cause Data Security Breach

      A vulnerability in the Ghostscript interpreter used to decipher Adobe Postscript and PDF documents online has come to light after a report by a Google security researcher, Tavis Ormandy, and a bothersome statement by Steve Giguere, an EMEA engineer for Synopsis. As the Ghostcript page descriptive language interpreter is the most commonly employed system in numerous programs and databases, this vulnerability has a mass range of exploit and impact if manipulated.

      [...]

      According to Giguere, this causes second tier delay as mitigation of this depends directly upon authors resolving the issue at its core as soon as it arises, firstly, but that on its own is no use if these resolved components are not uploaded to the web servers and applications that make use of them. The issues must be resolved at the core and then updated where they are directly being used for the sake of effective mitigation. As this is a two step process, it could provide malicious attackers with all the time that they need to exploit this type of vulnerability.

    • Microsoft Visual Studio C++ Runtime installers were built to fail

      Security researcher Stefan Kanthak claims the Microsoft Visual C++ Redistributable for Visual Studio 2017 executable installers (x86 and x64) were built with insecure tools from several years ago, creating a vulnerability that could allow privilege escalation.

      In other words, Redmond is distributing to developers executables that install its Visual C++ runtime, and these installer programs are insecure due to being created by outdated tools. They can be exploited by malicious software to execute arbitrary code. It’s not the end of the world – it’s more embarrassment than anything else, due to the reliance on out-of-date tools.

  • Defence/Aggression

    • Family of children Israel killed on Gaza beach reopen search for justice

      Four years after the massacre, Montaser still can’t play the game that brought him and his brothers joy. The sound of a football being kicked revives memories of bombs, shrieks and bloodshed, as well as a scene that he wants to shut out forever.

      “I still cannot forget. I was running quickly to flee the area. I survived, but I lost my brother and my cousins,” the 17-year-old recalls of a massacre that occurred just yards from the sparkling waters of the Mediterranean Sea.

      Montaser Bakr is the sole remaining survivor of the Bakr children who the Israeli military struck on July 16, 2014, while they played football on a Gaza beach at the height of the enclave’s last war, killing four children aged between nine and 11 years old.

    • Drone Strikes Remain Unchecked in the War on Terror
    • ‘Liberal’ MSNBC Runs All-Star Lineup of Awful Right-Wing Guests

      MSNBC is often described as the liberal version of Fox News, delivering unabashed left-leaning content for vociferously partisan viewers. But if you looked at MSNBC’s lineup of guests for August 15, you’d be hard pressed to find a more odious group of right-wing liars, warmongers and racists on Fox News or any other outlet.

      MSNBC kicked it off with Andrea Mitchell interviewing mercenary Erik Prince, the billionaire founder of private military contractor Blackwater USA and the brother of Trump administration Education Secretary Betsy DeVos.

      Firstly, Mitchell didn’t even get Prince’s credentials right, saying that his company Blackwater no longer exists. This is exactly what its marketing department wants you to believe: Blackwater rebranded as Xe Services following the massacre of 17 Iraqi civilians by Blackwater contractors in Nisour Square in 2007. In 2010, Prince sold Xe to a private equity firm run by a family friend, who changed the name to Academi, which later merged with rival private military contractor Triple Canopy in 2014 to form Constellis Holdings, which was in turn purchased by the private equity giant Apollo Global Management in 2016. Under the name Constellis, Blackwater is still going strong; earlier this year, Apollo was looking to sell it for between $2 billion and $2.5 billion.

  • Transparency/Investigative Reporting

    • Tweets from Assange’s mum fuel conspiracy theory on Clinton email leaks

      Julian Assange’s mother caused excitement on Twitter, saying an ex-DNC worker leaked the Clinton emails. Christine Assange deleted her post after followers concluded that she meant Seth Rich, who was killed in 2016.

      The story unfolded after Christine responded to a tweet claiming Julian Assange had given the then presidential candidate Donald Trump the “upper hand” by leaking the Clinton emails.

  • Finance

    • Tax Case Flips the Script for Democrats and the GOP. But What About for Jurists?

      In a dispute between states’ rights and the congressional power to tax, you would expect conservatives to line up with the states and liberals with Congress. As the battle lines are drawn in State of New York v. Mnuchin, a lawsuit filed last month by the states of Connecticut, Maryland, New Jersey and New York, it will be Republicans defending the power of Congress and Democrats rallying to the cause of the states.

      While well off most people’s radar, the case has the potential to disrupt President Donald Trump’s signature legislative achievement: last year’s massive tax cut. What remains to be seen — and will largely determine the outcome — is whether judicial conservatives align with Republicans (as they usually do) or defend the states’ rights doctrine at the heart of their legal thinking.

      The lawsuit attacks the tax cut passed at the end of last year by the Republican-controlled Congress, specifically its limits on the deductibility of state and local taxes. The law resulted in much higher federal taxes for many residents of high-tax states, most of which are governed by Democrats. Last month, the states brought suit in federal court in Manhattan challenging the constitutionality of this provision of the new law. The legal consensus is that the lawsuit is unlikely to prevail. But the strange bedfellows of this issue may be causing legal analysts to underestimate its chances.

  • AstroTurf/Lobbying/Politics

    • Paul Manafort trial: Jury unable to reach a verdict on 10 of 18 counts

      The jury in the financial fraud trial of former Trump campaign chairman Paul Manafort sent a second note to the court late Tuesday afternoon, informing the judge that there are 10 counts the jury cannot reach a verdict on. Judge T.S. Ellis III has decided there is “manifest necessity” to proceed and a verdict will be reached shortly on 8 of the counts. Judge Ellis will accept a partial verdict.

      Deliberations resumed deliberations Tuesday morning after finishing its third day of deliberations without reaching a verdict. Jurors deliberated until 6:15 p.m. Monday, later than usual, before being dismissed for the day.

    • Warren proposes ban on lawmakers owning individual stocks
    • Trump to announce NAFTA ‘handshake’ deal on Thursday: report

      The Trump administration is reportedly planning to announce this week that it has reached an agreement with Mexico in its renegotiation of the North American Free Trade Agreement (NAFTA).

    • To The US Media, A “Regime” Is Any Government At Odds With The US Empire

      The function of “regime” is to construct the ideological scaffolding for the United States and its partners to attack whatever country has a government described in this manner…

    • The Limits of Elizabeth Warren

      Senator Elizabeth Warren at the National Press Club in Washington on Tuesday launched into a blistering attack on unfettered corporate power in America but waffled when asked about military spending and Israel’s recent brutal reaction to Palestinian resistance.

      Warren outlined with great specificity a host of proposals for eliminating financial conflicts, closing revolving doors between business and government and reforming corporate structures.

      She pilloried former Congressman Billy Tauzin for having done the pharmaceutical lobby’s bidding by preventing a bill for expanded Medicare coverage to include a program to negotiate lower drug prices. “In December of 2003, the very same month the bill was signed into law, PhRMA — the drug companies’ biggest lobbying group — dangled the possibility that Billy could be their next CEO,” Warren said.

      “In February of 2004, Congressman Tauzin announced that he wouldn’t seek re-election. Ten months later, he became CEO of PhRMA — at an annual salary of $2 million,” Warren said. “Big Pharma certainly knows how to say ‘thank you for your service.’”

    • Michael Cohen and Paul Manafort: Two Cases That Shook the Trump World — “Trump, Inc.” Podcast Extra

      In April, we published an investigation into Michael Cohen’s past. The “Trump, Inc.” episode, reported by our partners at WNYC, traced how so many of Cohen’s associates over the years have been convicted of crimes, disbarred or faced other legal troubles.

      But — at the time of the episode — the president’s former lawyer had himself never been convicted, or even accused of a crime.

      Well, it’s time for an update. Cohen pleaded guilty Tuesday to eight felony counts, including tax fraud, lying to a bank and campaign finance violations. The same hour he was pleading guilty, a federal jury found another former Trump aide guilty: Paul Manafort, the erstwhile campaign chairman. Also eight counts. Also bank and tax fraud.

    • Lanny Davis: Trump “Corrupted Our Democracy,” He “Directed” Michael Cohen To Do A “Criminal Act”

      Lanny Davis, attorney for Michael Cohen, told ABC News’ George Stephanopoulos Wednesday that his client has information that would be “of interest” to special counsel Robert Mueller.

      “I can tell you that it’s my observation that what he knows that he witnessed will be of interest to the special counsel,” Davis told Stephanopoulos.

      Davis also named President Trump as the ‘candidate’ tied to Cohen’s campaign finance case. He said his client was “directed” “to do a criminal act” by Trump, calling the crime what he was told to do with two women, Stormy Daniels and Karen McDougal. Davis said there is evidence that Russians are complicit with Wikileaks and members of the Trump campaign help “facilitated that conspiracy.”

  • Censorship/Free Speech

    • Facebook is rating the trustworthiness of its users on a scale from zero to 1 [Ed: phasing in censorship while blaming "users" for it]
    • Facebook Assigns “Zero To 1” Rating Based On Your “Trustworthiness”

      In the unceasing fight against fake news, Facebook has started to assign a reputation score to its user based on their “trustworthiness,” reports Washington Post.

      The new rating tool revealed by Tessa Lyons, product manager and currently fighting misinformation on Facebook, is among the many other behavior clues that Facebook continuously take into consideration “as it seeks to understand risk.”

    • Facebook Fueled Anti-Refugee Attacks in Germany, New Research Suggests

      When you ask locals why Dirk Denkhaus, a young firefighter trainee who had been considered neither dangerous nor political, broke into the attic of a refugee group house and tried to set it on fire, they will list the familiar issues.

      This small riverside town is shrinking and its economy declining, they say, leaving young people bored and disillusioned. Though most here supported the mayor’s decision to accept an extra allotment of refugees, some found the influx disorienting. Fringe politics are on the rise.

      But they’ll often mention another factor not typically associated with Germany’s spate of anti-refugee violence: Facebook.

      Everyone here has seen Facebook rumors portraying refugees as a threat. They’ve encountered racist vitriol on local pages, a jarring contrast with Altena’s public spaces, where people wave warmly to refugee families.

    • Facebook Is Driving Increasing Attacks On Refugees In Germany, Study Finds

      Two Researchers from the University of Warwick, named Karsten Miller and Carlo Schwarz, have conducted a study which analyzed the anti-refugee attacks in Germany. Some of the factors that were considered for the study included wealth, demographics, political support, newspaper sales, number of refugees, past crimes against refugees and the number of protests.

      The pattern that emerged suggested that the towns where Facebook usage was higher than the average were more involved in the anti-refugee attacks.

    • Dutch Government Prosecuting Dutch Citizen For Insulting Turkish President Recep Erdogan

      Turkey’s president Recep Erdogan is the pettiest of tyrants, ruling with an iron fist and an easily-bruised ego. In addition to snuffing out dissent in his own country with a combination of arrests and intimidation, Erdogan and his government scour the planet for non-Turkish citizens who have offended Lord Gollum.

      This doesn’t just take the form of content removal requests and site blocking. It also means actual arrests of foreign citizens residing in other countries. Germany’s government was shocked to find an old law on its books — one that forbade insulting foreign states — being used against one of its own, a German comedian who wrote an immensely unflattering poem about the Turkish dictator. The government gave in at first before swiftly excising the law.

      The same can’t be said about the Netherlands, another country with bad laws Erdogan is more than happy to exploit to silence criticism. This makes things a little easier for the Turkish government. The last time it punished a Dutch citizen for criticizing the Turkish president, it had to wait for the journalist to visit the country before arresting her.

      This time the Dutch government is going to be doing the punishing. Erdogan has spoken and, rather than being greeted with laughter followed by a dial tone, the Dutch government appears to be moving forward with a local prosecution.

    • That Facebook Will Turn to Censoring the Left Isn’t a Worry—It’s a Reality

      On August 6, a number of giant online media companies, including Facebook, YouTube, Apple, Spotify and Pinterest, took the seemingly coordinated decision to remove all content from Alex Jones and his media outlet Infowars from their platforms.

      Jones, perhaps the internet’s most notorious far-right conspiracy theorist, has claimed that the Sandy Hook shooting was a hoax, the Democratic Party is running a child sex ring inside a DC pizzeria and that the Las Vegas shooting was perpetrated by Antifa. Despite or perhaps because of such claims, his website Infowars has built up an enormous following: 3 million Americans, almost 1 percent of the population, visited the site in July 2018, according to Alexa.

      [...]

      Unfortunately, Facebook immediately used this new precedent to switch its sights on the left, temporarily shutting down the Occupy London page and deleting the anti-fascist No Unite the Right account (Tech Crunch, 8/1/18). Furthermore, on August 9, the independent, reader-supported news website Venezuelanalysis had its page suspended without warning.

      The site does not feign neutrality, offering news and views about Venezuela from a strongly left-wing perspective. But it’s not uncritical of the Venezuelan government, either, and provides a crucial English-language resource for academics and interested parties on all sides wishing to understand events inside Venezuela from a leftist perspective, something almost completely absent in corporate media, which has been actively undermining elections (FAIR.org, 5/23/18) and openly calling for military intervention or a coup in the country (FAIR.org, 5/16/18).

    • Once Again, Court Rejects Silly Claims That YouTube Provided Material Support For Terrorists

      For the past few years we’ve been covering a whole series of cases, most of them filed by (I’m not making this up) a silly law firm by the name of 1-800-Law-Firm, trying to argue that various big internet companies provided material support to ISIS or other terrorists, and therefore owe tons of money to surviving relatives of people killed by ISIS or other terrorist organizations. There have been lawsuits against Twitter, Facebook and Google/YouTube. So far, all of these lawsuits have failed miserably — as they should.

      Even if the plaintiffs could show that these platforms actively enabled terrorists to use their platform (which they do not, as all of them proactively look to remove terrorist related content), none of the cases makes an even half-hearted attempt to connect the (very unfortunate) deaths of their relatives to any actual content on these platforms. The lawsuits are basically “these bad people use Twitter/Facebook/YouTube, these people killed my relative, thus, those platforms owe me millions of dollars.” That, of course, is not how the law works.

    • Court Dismisses Defamation Lawsuit Over Steele Dossier

      You may have noticed that an awful lot of news broke yesterday concerning a wide variety of legal cases all touching on the President. Most of the coverage, of course, went to the two big cases: the guilty verdict against former campaign chair Paul Manafort and the guilty plea by former Trump personal lawyer Michael Cohen. There were some other cases with breaking news as well, including a judge in New York rejecting Trump’s attempt to dump a lawsuit filed against his private security team for apparently beating up some protesters. Also, in a (frankly, very weak) defamation lawsuit filed by former Apprentice contestant Summer Zervos, apparently Trump has refused to submit to discovery requests, leading Zervos’ legal team to file a motion to compel him to respond.

      Most of those cases don’t cover the kinds of things we usually talk about (the defamation case being the exception — but at this stage, there really isn’t that much worth commenting on). However, there was yet another case loosely involving the President that is something we’d talk about and which concluded late Monday (though, the news broke on Tuesday as well). And that involved a defamation case filed by three Russians against Christopher Steele, author of the so-called “Steele Dossier.” Back in October of last year, three Russians, Mikhail Fridman, German Khan and Peter Aven, who are all involved with Alfa-Bank, sued Fusion GPS and its founder Glenn Simpson in federal court for defamation. That case is still waiting for a ruling on both a Motion to Dismiss and an Anti-SLAPP Motion.

      However, while all of that was going on, the same three Russians filed a very similar case in the DC Superior Court (the equivalent of a state court, rather than federal court). That case was filed in April of this year, and while the federal court is still dilly dallying around on it, the state court dismissed the case on anti-SLAPP grounds (which rendered a related Motion to Dismiss moot.).

    • Facebook begins rating users on how trustworthy they are at flagging fake news

      One of those is this trust rating. Facebook didn’t tell the Post everything that went into the score, but it is partly related to a user’s track record with reporting stories as false. If someone regularly reports stories as false, and a fact-checking team later finds them to be false, their trust score will go up; if a person regularly reports stories as false that later are found to be true, it’ll go down.

    • John Calder, British Publisher Who Fought Censorship, Dies at 91

      John Calder, an independent British publisher who built a prestigious list of authors like Samuel Beckett and Heinrich Böll and spiritedly defended writers like Henry Miller against censorship, died on Aug. 13 in Edinburgh. He was 91.

      Alessandro Gallenzi, who bought Mr. Calder’s publishing company in 2007 and continues to sell books under his name, confirmed the death.

      Mr. Calder’s refined literary palate — sometimes at odds with his admittedly uneven commercial acumen — led him to bring out books in Britain by Eugène Ionesco, Marguerite Duras, Alain Robbe-Grillet, Claude Simon, William S. Burroughs and Nathalie Sarraute.

    • Publisher John Calder was a ‘towering figure in the fight against censorship’
    • Censorship machines removed my article warning people about censorship machines

      A few days ago, about a dozen articles and campaign sites criticizing EU plans for copyright censorship machines silently vanished from the world’s most popular search engine. Proving their point in the most blatant possible way, the sites were removed by exactly what they were warning of: Copyright censorship machines.

      Among the websites that were made impossible to find: A blog post of mine in which I inform Europeans about where their governments stand on online censorship in the name of copyright and a campaign site warning of copyright law that favors corporations over free speech.

      [...]

      After the EFF uncovered further fraudulent removals by Topple Track and TorrentFreak covered the story, Google reportedly terminated its trusted partnership with the company. But still, as of this writing, my blog post remains unlisted on Google Search. Incredibly, not even when a company is exposed for issuing abusive takedowns are the websites they’ve previously ordered removed reinstated. Each individual author must actively put up a fight to restore the findability of their free speech. [Update: The page seems to be back in the Google index now.]

    • Blockchain tech has the power to fight censorship — but it can help fake news stay forever

      Although a lot of people use ‘blockchain’ as a synonym to bitcoin, the possibilities this tech offers go far beyond cryptocurrencies.

      In its core, blockchain is a decentralised database of data where nothing can be added or modified without the consent of all the participants.

      Publiq, which describes itself as a non-profit foundation, uses blockchain technology to create a new, decentralised environment for content publishing. Their aim is to bypass centralised management of the media sector and give authors the freedom to publish their content without any external intervention. As a bonus, blockchain technology helps authors retain copyright and monetise their work.

      Publiq is founded on blockchain, which means no one can modify content at any stage of its publishing and sharing. Dr. Christian de Vartavan, adviser and global ambassador at Publiq, compares the principle of blockchain technology to an old-fashioned bill spike: you pile up the bills by sticking them on the spike one by one, and you can’t remove or modify any of the previous bills unless you take everything off, which is simply impossible with blockchain.

    • Society Is Made Of Narrative. Realizing This Is Awakening From The Matrix.

      Without mental narrative, nothing is experienced but sensory impressions appearing to a subject with no clear shape or boundaries. The visual and auditory fields, the sensation of air going in and out of the respiratory system, the feeling of the feet on the ground or the bum in the chair. That’s it. That’s more or less the totality of life minus narrative.

      When you add in the mental chatter, however, none of those things tend to occupy a significant amount of interest or attention. Appearances in the visual and auditory field are suddenly divided up and labeled with language, with attention to them determined by whichever threatens or satisfies the various agendas, fears and desires of the conceptual identity construct known as “you”. You can go days, weeks, months or years without really noticing the feeling of your respiratory system or your feet on the ground as your interest and attention gets sucked up into a relationship with society that exists solely as narrative.

      “Am I good enough? Am I doing the right thing? Oh man, I hope what I’m trying to do works out. I need to make sure I get all my projects done. If I do that one thing first it might save me some time in the long run. Oh there’s Ashley, I hate that bitch. God I’m so fat and ugly. If I can just get the things that I want and accomplish my important goals I’ll feel okay. Taxes are due soon. What’s on TV? Oh it’s that idiot. How the hell did he get elected anyway? Everyone who made that happen is a Nazi. God I can’t wait for the weekend. I hope everything goes as planned between now and then.”

      On and on and on and on. Almost all of our mental energy goes into those mental narratives. They dominate our lives. And, for that reason, people who are able to control those narratives are able to control us.

    • European lawmaker writes post warning about dangers of automatic copyright filters, which is taken down by an automatic copyright filter

      Julia Reda is the Member of the European Parliament who has led the fight against Article 13, a proposal to force all online services to create automatic filters that block anything claimed as a copyrighted work.

      Reda has written copiously on the risks of such a system, with an emphasis on the fact that these filters are error-prone and likely to block material that doesn’t infringe copyright.

    • Automated Filter Removed Parliament Member’s Article Warning About Censorship By Automated Filters

      Last week, Tim Cushing had a post about yet another out of control automated DMCA notifier, sending a ton of bogus notices to Google (most of which Google removed from its search engine index, since the sender, “Topple Track” from Symphonic Distribution was a part of Google’s “Trusted Copyright Program,” giving those notices more weight). The post listed many of the perfectly legitimate content that got removed from Google’s index because of that rogue automated filter, including an EFF page about a lawsuit, the official (authorized) pages of Beyonce and Bruno Mars, and a blog post about a lawsuit by Professor Eric Goldman.

    • Facebook Suspended a Latin American News Network and Gave Three Different Reasons Why

      On August 13, Facebook shut down the English-language page of Telesur, blocking access for roughly half a million followers of the leftist media network until it was abruptly reinstated two days later. Facebook has provided three different explanations for the temporary disappearing, all contradicting one another, and not a single one making sense.

      Telesur was created by Venezuela’s then-President Hugo Chávez in 2005 and co-funded by hemispheric neighbors Cuba, Bolivia, Nicaragua, and Uruguay — Argentina pulled support for the web and cable property in 2016. As a state-owned media property, it exists somewhere on the same continuum as RT and Al Jazeera, though like the former, Telesur has been criticized as a nakedly partisan governmental mouthpiece, and like the latter, it does engage in real news reporting. But putting aside questions of bias and agenda, Telesur does seem to exist on a separate plane than, say, Infowars, which exists primarily to peddle its particular, patently false genre of right-wing paranoia fan fiction packaged as news (and brain pills), as opposed to some garden-variety political agenda. Unlike RT, Telesur hasn’t been singled-out for a role in laundering disinformation for military intelligence purposes, nor is it a hoax factory, à la Alex Jones.

    • Alex Jones was an Easy Censorship Precedent – Predictably Other Dissent is Following
    • Before You Talk About How Easy Content Moderation Is, You Should Listen To This

      For quite some time now, we’ve been trying to demonstrate just how impossible it is to expect internet platforms to do a consistent or error-free job of moderating content. Especially at the scale they’re at, it’s an impossible request, not least because so much of what goes into content moderation decisions is entirely subjective about what’s good and what’s bad, and not everyone agrees on that. It’s why I’ve been advocating for moving controls out to the end users, rather than expecting platforms to be the final arbiters. It’s also part of the reason why we ran that content moderation game at a conference a few months ago, in which no one could fully agree on what to do about the content examples we presented (for every single one there were at least some people who argued for keeping the content up or taking it down).

      On Twitter, I recently joked that anyone with opinions on content moderation should first have to read Professor Kate Klonick’s recent Harvard Law Review paper on The New Governors: The People, Rules and Processes Governing Online Speech, as it’s one of the most thorough and comprehensive explanations of the realities and history of content moderation. But, if reading a 73 page law review article isn’t your cup of tea, my next recommendation is to spend an hour listening to the new Radiolab podcast, entitled Post No Evil.

      I think it provides the best representation of just how impossible it is to moderate this kind of content at scale. It discusses the history of content moderation, but also deftly shows how impossible it is to do it at scale with any sort of consistency without creating new problems. I won’t ruin it for you entirely, but it does a brilliant job highlighting how as the scale increases, the only reasonable way to deal with things is to create a set of rules that everyone can follow. And then you suddenly realize that the rules don’t work. You have thousands of people who need to follow those rules, and they each have a few seconds to decide before moving on. And as such, there’s not only no time for understanding context, but there’s little time to recognize that (1) content has a funny way of not falling within the rules nicely and (2) no matter what you do, you’ll end up with horrible results (one of the examples in the podcast is one we talked about last year, explaining the ridiculous results, but logical reasons, for why Facebook had a rule that you couldn’t say mean things about white men, but could about black boys).

    • Richie Greenberg Raises Tech Censorship Awareness at Twitter’s Headquarters

      On Friday, August 17th, a group of people gathered at Twitter’s headquarters in San Francisco to raise awareness about censorship at big tech companies.

      They gathered at the corner of Market and 10th streets in San Francisco. Onlookers can see the volunteers in neon vests holding hand-written signs.

      [...]

      Once shadowbanned, the user would be limited in certain abilities, making it harder to gain new followers.

    • Social media companies must disclose censorship

      Millions of Americans use social media to get their news, and that number is growing rapidly by the year. But when they log on, they don’t always get the full story.

      Powerful social media companies are filtering the information that users receive on their platforms. As a result, the picture we get of politics is partial and distorted, like a carnival mirror.

      Last month, Vice reported that Twitter was limiting the visibility of conservative accounts.

      Some tweets from these accounts did not appear in searches, and the accounts themselves were made more difficult to find through the search feature. This “shadow ban” made it harder for users to get information about certain public officials — or even to learn that their presence existed.

    • Censorship in the age of Netflix

      The Indian state has an expansive legal toolkit when it comes to censorship of content, encompassing cinema, broadcast media, books, and newspapers and news magazines. Even live dramatic performances do not escape the possibility of censorship, thanks to the truly anachronistic Dramatic Performances Act and its various state government avatars. Essentially, if the government believes you are up to no good, there are laws on the books which they can use to stop you regardless of whether your chosen vehicle is a prurient pantomime, a blasphemous book, or a mischievous movie.

      Confining ourselves to moving images (which are more heavily regulated than any other type of content), we are all familiar with the Censor Board – officially known as Central Board of Film Certification – and the delicate dance that Indian filmmakers play when it comes to obtaining the ubiquitous CBFC certificate we see before every film. Some of us are even familiar with the content code that all television channels in India need to comply with.

    • House Majority Leader Kevin McCarthy Is At It Again with Bullshit Censorship Claim

      Twitter rant about the online “censorship” of “conservatives” might be that he’s the dumbest person ever elected to Congress.

    • Pelosi mocks McCarthy for tweet complaining of censorship
    • House speaker hopefuls Kevin McCarthy and Nancy Pelosi trade tweet blows over Twitter censorship
    • GOP House Majority Leader Kevin McCarthy had technical difficulties with his Twitter ‘censorship’ complaint
    • Republican Kevin McCarthy Accused Twitter Of Censoring Conservatives, Turns Out He Just Had His Settings Wrong
    • Nancy Pelosi Mocks GOP Leader Kevin McCarthy for Not Knowing How Twitter Works
    • Facebook apologizes to right-wing group PragerU after being accused of censoring its videos
    • Facebook apology after censorship isn’t enough, says Prager: ‘The Left doesn’t believe in free speech’
    • Pakistan lifts state media censorship for complete editorial independence
    • Imran Khan Thanks Navjot Sidhu, Has Message For His Critics In India
    • India – New Pak PM Imran Khan’s Biggest Foreign Policy Challenge
    • First act of Imran Khan’s government: remove censorship on state radio and television
    • Political censorship lifted from PTV, says information minister
    • Pakistan PM Imran Khan lifts censorship of state TV, radio: Minister
    • Information Minister notifies to end political censorship of state media
    • PTI government lifts political censorship on PTV, Radio Pakistan
    • “Complete Editorial Independence”: Pakistan Lifts State Media Censorship
    • No political censorship on state-owned media: info minister Fawad Chaudhry
    • PTI govt ends decades-old political censorship on PTV
    • Info minister says has ended political censorship of state TV
    • Censorship on state-run media lifted: Fawad

      Information Mini­ster Fawad Ahmed on Tuesday announced that the Pakistan Tehreek-i-Insaf-led government had lifted political censorship on state-run news organisations.

      In a statement posted on Twitter, the minister said that both Pakistan Television (PTV) and Radio Pakistan would now enjoy complete editorial independence over the content they produce.

    • EU set to impose tough new rules on social media companies

      The European Commission is reportedly planning to bring in new laws that will punish social media companies if they don’t remove terrorist content within an hour of it being flagged.

      The news comes courtesy of the FT, which spoke to the EU commissioner for security, Julian King, on the matter of terrorists spreading their message over social media. “We cannot afford to relax or become complacent in the face of such a shadowy and destructive phenomenon,” he said, after reflecting that he doesn’t think enough progress had been made in this area.

      Earlier this year the EU took the somewhat self-contradictory step of imposing some voluntary guidelines on social media companies to take down material that promotes terrorism within an hour of it being flagged. In hindsight that move seems to have been made in order to lay the ground for full legislation, with Europe now being able to claim its hand has been reluctantly forced by the failure of social media companies to do the job themselves.

      So long as the legal stipulation if for content to be taken down when explicitly flagged as terrorist by police authorities it should be pretty easy to enforce – indeed it could probably be automated. But legislation such as this does pose broader questions around censorship. How is ‘terrorist’ defined? Will there be a right of appeal? Will other organisations be given the power to demand content be taken down? Will this law be extended to other types of contentious content?

    • A New Report Details Pro-Trump Censorship of Liberty University’s Student Paper

      A rift between the Liberty University president and an on-campus newspaper indicates that campus free speech battles are not solely an issue for liberal colleges. Jerry Falwell, Jr., the president of one of the largest Christian universities in America, is a very vocal supporter of Republicans and conservatives and that support has crossed over to his college’s identity. Earlier in the month, Falwell invoked his students to criticize Attorney General Jeff Sessions for not supporting President Trump enough, citing their low attendance at a 2016 event as proof that they did not back Sessions. Now World Magazine alleges that Falwell played a direct role in censoring the political views of Liberty’s Champion, the on-campus paper. The alleged censorship mostly applied to criticisms of Trump.

      In one allegation, Falwell reportedly directed staffers in 2016 to state the presidential candidate for which they were voting. At another point, Falwell told another editor to not run former Sports Editor Joel Schmieg’s column disavowing Trump’s “locker room talk” controversy. Schmieg then attempted to share his thoughts on Facebook, but later resigned when a faculty adviser communicated to him that he should refrain from repeating the action in the future. According to World Magazine, Schmieg said, “I didn’t feel comfortable being told what I couldn’t write about by President Falwell.”

    • FreeWeibo is working towards a censorship-free China

      China’s internet has always been heavily censored by its government. The heavy censorship, also know as The Great Firewall, restricts users from searching or sharing certain phrases and words online — like pictures of Winnie the Pooh — to ‘protect’ Chinese citizens, or so the government says.

      Understandably, not everybody is happy with the ridiculously outdated policy. That why activists at GreatFire created FreeWeibo — a search engine that collects censored and deleted posts originally posted on Sina Weibo (China’s answer to Twitter).

    • A majority of Google employees are content with offering a censored search engine in China
    • Chasing the China market and enduring censorship
    • An anonymous poll of Google insiders shows how divided employees are over China
    • If Google goes to China, will it tell the truth about Tiananmen Square?
    • This chart shows how divided tech workers are over Google’s reported new Chinese search engine
    • Google workers protest China plan secrecy
    • Behind the fight over Google’s China project, a battle for the company’s soul
    • In China, Google must go by any other name
    • Google backs out of working with the Pentagon, but is still considering helping China censor its people
    • The Censorship of Youtube and Facebook with David Pakman and Andrew Austin

      On this Project Censored show Mickey, Chase and their guests discuss how Internet titans like Facebook and Youtube are censoring what users can post, and what the response to such censorship might be. David Pakman is the host of the David Pakman Show, available on Free Speech TV, Youtube, and radio. Andrew Austin is a Professor of Democracy and Justice Studies at the University of Wisconsin, Green Bay. Nolan Higdon is a professor of communications and history at multiple campuses in the San Francisco Bay area, is a long time contributor to Project Censored, and is an occasional co-host of this program.

    • Censorship of student journalism must stop
    • What Countries Have the Strictest Internet Censorship Regulations?

      Many of us take the benefits of the Internet for granted, and it’s hard to imagine life without the connectivity it provides. And yet, for some people, living with a heavily censored and restricted Internet connection is their routine, and there’s pretty much nothing they can do about it that can’t land them in trouble with their governments. Let’s take a look at how the Internet works in some parts of the world.

      [...]

      China is another country notorious for the way it treats Internet access, and the situation is quite challenging for anyone who wants to visit a large number of popular websites. Many Western sites are prohibited, or tightly regulated, and various specific types of content are not allowed to be viewed by anyone. As can be expected, the government keeps a close eye on the activities of all its citizens, and you can often about someone getting punished because they’ve decided to speak out against them openly.

  • Privacy/Surveillance

    • Defend encryption in Australia

      The Australian Government have released a draft Bill [The Assistance and Access Bill 2018] designed to compel device manufacturers and service providers to assist law enforcement in accessing encrypted information. Although apparently developed to allow government agencies access to criminals’ encrypted communications, the Bill also grants broad, sweeping powers to government agencies that will harm the security and stability of our communications and the internet at large.

    • Does the CIA plan to assassinate Duterte?

      President Duterte’s statement alleging that the Central Intelligence Agency (CIA) plans to assassinate him is not as crazy as it sounds.

      [...]

      Here are just a few examples of CIA’s covert ops against world leaders, as cited by the Guardian: “Earlier well-documented episodes include Congo’s first prime minister, Patrice Lumumba of Congo, judged by the US to be too close to close to Russia. In 1960, the CIA sent a scientist to kill him with a lethal virus, though this became unnecessary when he was removed from office in 1960 by other means.”

      “Other leaders targeted for assassination in the 1960s included the Dominican
      dictator Rafael Trujillo, president Sukarno of Indonesia, and president Ngo Dinh Diem of South Vietnam. In 1973, the CIA helped organise the overthrow
      of Chile’s president, Salvador Allende, deemed to be too left wing: he died on the day of the coup.”

      The CIA was reportedly involved not only in the killings of political leaders (usually done by military or opposition forces the spy agency was assisting), but also in the many coup d’etats and rebellions in South American countries, including Chile, Bolivia, Haiti, Panama, Peru, Argentina, El Salvador, Brazil, Guatemala, Uruguay, and Venezuela.

    • ‘The CIA is listening & may kill me’: Duterte mulls ditching his smartphone

      Philippines President Rodrigo Duterte is thinking of dumping his smartphone over fears that the CIA is constantly eavesdropping on his conversations and might use his private information to eventually assassinate him.

      “I know, the US is listening. I’m sure it’s the CIA, it’s also the one who will kill me,” Duterte said in Cebu City on Tuesday, rejuvenating fears that Washington may seek his demise over his independent foreign policy and willingness to obtain weapons from other global suppliers.

      To avert possible smartphone intrusion by outside powers, which Duterte said could include “Russia, China, Israel, and maybe Indonesia,” the 73-year-old leader is considering going back to using a basic cellphone, with which eavesdropping and interception is harder.

    • Central Florida police, fire departments embrace drones despite privacy concerns
    • Win! Landmark Seventh Circuit Decision Says Fourth Amendment Applies to Smart Meter Data

      The Seventh Circuit just handed down a landmark opinion, ruling 3-0 that the Fourth Amendment protects energy-consumption data collected by smart meters. Smart meters collect energy usage data at high frequencies—typically every 5, 15, or 30 minutes—and therefore know exactly how much electricity is being used, and when, in any given household. The court recognized that data from these devices reveals intimate details about what’s going on inside the home that would otherwise be unavailable to the government without a physical search. The court held that residents have a reasonable expectation of privacy in this data and that the government’s access of it constitutes a “search.”

      This case, Naperville Smart Meter Awareness v. City of Naperville, is the first case addressing whether the Fourth Amendment protects smart meter data. Courts have in the past held that the Fourth Amendment does not protect monthly energy usage readings from traditional, analog energy meters, the predecessors to smart meters. The lower court in this case applied that precedent to conclude that smart meter data, too, was unprotected as a matter of law. On appeal, EFF and Privacy International filed an amicus brief urging the Seventh Circuit to reconsider this dangerous ruling.

    • Duterte again accuses CIA of wanting him dead and bugging his phone

      President Duterte has again claimed the CIA wants to kill him and has accused the US spy agency of bugging his telephone conversations.

      Speaking at a government conference in Cebu today (Tuesday, August 21), he said: “I know, the US is listening. I’m sure it’s the CIA. It’s also the one who will kill me.”

    • Duterte: CIA could be listening to my conversations

      President Rodrigo Duterte on Tuesday said the United States’ Central Intelligence Agency (CIA) could be listening to his phone conversations, as he revived his allegations that the agency was out to kill him.

    • Report: Nakasone Recommends Keeping NSA, CyberCom Under Same Head

      General Paul Nakasone, head of the National Security Agency (NSA) and U.S. Cyber Command (CyberCom), recommended keeping the agencies under the same leader for the next two years, according to a report by the Washington Post. The Post’s sources noted that Nakasone believes CyberCom still needs intelligence support from NSA. When asked for comment by MeriTalk, NSA media relations officer Chris Augustine responded: “As NSA Director General Paul M. Nakasone has acknowledged publicly, NSA confirms that General Nakasone has completed his 90 Day assessment on the status of the dual hat arrangement. He provided this to the Secretary of Defense and the Chairman of the Joint Chiefs of Staff for their review.”

    • FBI Tried To Get Google To Turn Over Identifying Info On Hundreds Of Phone Owners

      This is the sort of rummaging the Constitution is supposed to prevent. It’s understandable the FBI needed some assistance tracking down robbery suspects, but this grab for a wealth of information about 45 hectares of people milling about minding their own business, isn’t. And this sort of thing isn’t limited to the FBI. As was covered here earlier this year, the Raleigh PD did the same thing at least four times during criminal investigations in 2017.

      In this case, hundreds of people would have been swept up in the dragnet. Certainly, some post-acquisition data sifting would have occurred to narrow it down to people/devices near the location of robberies when they occurred. But whatever happens after info is obtained cannot be used to justify the original acquisition. This warrant never should have been signed.

      If there’s any good news coming out of this, it’s that Google either didn’t hand over the info requested or didn’t have the info requested on hand.

    • Documents Bare How Federal Researchers Went to Absurd Lengths to Undo Problematic Tattoo Recognition Research

      In response to an EFF investigation that uncovered deeply troubling research practices by the National Institute for Technology & Standards (NIST), a senior federal scientist stripped off his clothes, had another scientist draw all over his skin with washable markers, and then posed for the camera. Those images—obtained by EFF through a Freedom of Information Act lawsuit—illustrate federal officials’ absurd reaction to an EFF investigation that showed the research exploited prisoners while bypassing ethical oversight measures.

      As EFF revealed in 2016, NIST researchers partnered with the FBI on a multi-year program to advance the state of the art of tattoo recognition technology—computer algorithms that automatically identify someone by their tattoos and even identify the meaning of those tattoos. NIST documentation explicitly stated that one goal was to use this automated technology to identify a subject’s “affiliation to gangs, sub-cultures, religious or ritualistic beliefs, or political ideology”—raising major First Amendment concerns. In addition, EFF’s research discovered that NIST researches had used—and distributed to corporate and institutional researchers—images of thousands of prisoners’ tattoos without their consent and without going through the ethical oversight process that protects prisoners from being unwitting research subjects. Following EFF’s report, NIST scrambled to retroactively change the nature of the research by removing all references to religion from its already published materials and redacting tattoo images previously available on its website.

    • Google is being sued over ‘privacy-invading’ location data collection

      “Despite users’ attempts to protect their location privacy, Google collects and stores users’ location data, thereby invading users’ reasonable expectations of privacy, counter to Google’s own representations about how users can configure Google’s products to prevent such egregious privacy violations.”

      The whole shebang kicked off last week when a report from the Associated Press (AP) uncovered evidence of data collection by Google using another telemetry. When asked to explain itself, it said that it was possible to turn off location tracking more fully, using a completely erroneously labelled as ‘Web and App Activity’.

    • In France, Smart City Policing is Spreading Like Wildfire

      In March, we started unveiling what is surrounding the Orwellian project
      “Smart City™” in Marseille. But, as it turns out, Marseille is but a tree hiding the forest, as predictive policing and police surveillance centers boosted by Big Data tools are proliferating all over France. Nice is a good illustration: The city’s mayor, security-obsessed Christian Estrosi, has partnered with Engie Inéo and Thalès — two companies competing in this thriving market — for two projects meant to give birth to the “Safe City™” in Nice. Yet, in the face of the unhindered development of these technologies meant for social control, the president of the CNIL (France’s data protection agency) seems to find it urgent to… follow the situation. Which amounts to laisser-faire.

    • Police Bodycams Can Be Hacked to Doctor Footage

      As they proliferate, police body cameras have courted controversy because of the contentious nature of the footage they capture and questions about how accessible those recordings should be.

      But when it comes to the devices themselves, the most crucial function they need to perform—beyond recording footage in the first place—is protecting the integrity of that footage so it can be trusted as a record of events. At the DefCon security conference in Las Vegas on Saturday, though, one researcher will present findings that many body cameras on the market today are vulnerable to remote digital attacks, including some that could result in the manipulation of footage.

      Josh Mitchell, a consultant at the security firm Nuix, analyzed five body camera models from five different companies: Vievu, Patrol Eyes, Fire Cam, Digital Ally, and CeeSc. The companies all market their devices to law enforcement groups around the US. Mitchell’s presentation does not include market leader Axon—although the company did acquire Vievu in May.

      In all but the Digital Ally device, the vulnerabilities would allow an attacker to download footage off a camera, edit things out or potentially make more intricate modifications, and then re-upload it, leaving no indication of the change. Or an attacker could simply delete footage they don’t want law enforcement to have.

    • Researcher Says Police Body Cameras Are An Insecure Mess

      The promise of transparency and accountability police body cameras represent hasn’t materialized. Far too often, camera footage goes missing or is withheld from the public for extended periods of time.

      So far, body cameras have proven most useful to prosecutors. With captured footage being evidence in criminal cases, it’s imperative that footage is as secure as any other form of evidence. Unfortunately, security appears to be the last thing on body cam manufacturers’ minds.

    • The NSA Continues to Violate Americans’ Internet Privacy Rights

      An upcoming federal appeals case could restore crucial privacy protections for millions of Americans who use the internet to communicate overseas.

      A federal court will be scrutinizing one of the National Security Agency’s worst spying programs on Monday. The case has the potential to restore crucial privacy protections for the millions of Americans who use the internet to communicate with family, friends, and others overseas.

      The unconstitutional surveillance program at issue is called PRISM, under which the NSA, FBI, and CIA gather and search through Americans’ international emails, internet calls, and chats without obtaining a warrant. When Edward Snowden blew the whistle on PRISM in 2013, the program included at least nine major internet companies, including Facebook, Google, Apple, and Skype. Today, it very likely includes an even broader set of companies.

    • Giving Privacy Badger a Jump Start

      When new users try Privacy Badger, they often get confused about why Privacy Badger isn’t blocking anything right away. But that’s because Privacy Badger learns about trackers as you browse; up until now, it hasn’t been able to block trackers on the first few sites it sees after being installed.

      With today’s update, however, new users won’t have to wait to see Privacy Badger in action. Thanks to a new training regimen, your Badger will block many third party trackers out of the box.

      [...]

      Using Selenium for automation, our new training regimen has Privacy Badger visit a few thousand of the most popular websites on the Web, and saves what Privacy Badger learns. Then, when you install a fresh version of Privacy Badger, it will be as if your Badger has already visited and learned from all of those sites. As you continue browsing, your Badger will continue to learn and build a better understanding of which third parties are tracking you and how to block them.

      Every time we update Privacy Badger, we’ll update the pre-trained list as well. If you already use the extension, these updates won’t affect you. After you install Privacy Badger, it’s on its own: your Badger uses the information it had at install time combined with what it learns from your browsing. Future updates to the pre-trained list won’t affect your Badger unless you choose to reset the tracking domains it’s learned about. And as always, this learning is exclusive to your browser, and EFF never sees any of your personal information.

  • Civil Rights/Policing

    • Mother held in Dubai after wine row ‘sent bomb and death threats’

      She told BBC Radio Kent she had “never expected to get all of this”, with a bomb threat even made to her home.

    • No Immunity For ICE Attorney Who Submitted A Forged Document In A Deportation Hearing

      Love will be held personally responsible for violating the rights of an immigrant seeking naturalization. The record shows Lanuza was exactly the kind of person we want to welcome to the US — a person who was useful, productive, and by all accounts a model citizen. The only thing he was missing was the citizenship. And an ICE lawyer tried to take it all away and separate Lanuza from his family by submitting a forged document into evidence. The brazen dishonesty is shocking. The capricious cruelty of this move — completely unwarranted by Lanuza’s behavior during his decade in the US — is what really sticks in your throat.

    • Whistleblowers — RT Interview

      In the wake of anoth­er appar­ently vic­tim­ised whis­tleblower emer­ging from the US intel­li­gence com­munity, here is an inter­view on the sub­ject on RT…

    • Torture, missing evidence and procedural violations: how to make a terrorism case against 21 Russian Muslims

      In late July, a court in Ufa, capital of Bashkortostan, reached a final ruling in one of the largest cases concerning the Islamist party Hizb ut-Tahrir in recent years. Alleged and real members of the organisation, which is banned in Russia, have been targeted consistently over the past 15 years: since 2003, there were at least 50 trials concerning Hizb ut-Tahrir – and no less than 300 people have been convicted (mostly in Tatarstan and Bashkortostan) as a result.

      On this occasion, some 21 people were sentenced to between five and 24 years imprisonment. According to the investigation, the crimes of these men included reading certain books, as well as holding meetings and discussions about Islam. The defendants were charged under two articles of Russia’s Criminal Code: on terrorist organisations and on attempts to overthrow the constitutional order.

    • Arnold Ahlert: Reality Winner Reveals Deep-State Rot

      While the American Left was plumbing the depths of its ideologically induced ignorance by conflating John Brennan’s constitutional rights with his revoked security clearance, a shining example of Deep State rot has remained largely below the radar. On June 26, Reality Winner, a 26-year-old NSA contractor arrested for leaking classified information to a news outlet, pleaded guilty as charged. Last Thursday, it was revealed the virulently anti-Trump Georgia woman faces sentencing Aug. 23. According to the prosecutors’ court filings, Winner will receive the “longest sentence served by a federal defendant for an unauthorized disclosure to the media.”

    • Former NSA Contractor Faces “Longest Sentence” Ever Under Espionage Act

      A woman in Georgia is facing what some observers are calling “the longest sentence” ever imposed on someone convicted of leaking sensitive federal data to news outlets.

      Reality Winner — an ex-NSA contract employee — is the young woman looking at spending 10 years in federal prison, should the judge impose the harshest possible penalty at her sentencing hearing scheduled for August 23.

      Winner has been incarcerated since June after being charged and convicted of passing to The Intercept a classified NSA document detailing Russian attempts to meddle in the 2016 presidential election. Winner was eventually identified as the source of the document and was apprehended and convicted.

    • More Than 500 Children Are Still Separated. Here’s What Comes Next.

      It’s been nearly one month since a federal court ordered the Trump administration to reunite separated families, but hundreds of children are still waiting. In fact, as of 12:00 pm on August 16, 565 immigrant children remained in government custody.

      For 366 of those children, including six who are under the age of five, reunion is made all the more complicated by the fact that the government already deported their parents — without a plan for how they would be ever be located.

      After forcefully rejecting the government’s assertion that the ACLU is solely responsible for finding deported parents — rather than say, the administration who deported them — the court has ordered both us and the administration to create a plan to locate and reunite deported parents with their children.

  • Internet Policy/Net Neutrality

    • Apple sued over claims website is inaccessible to visually impaired users

      Mendez, said to be a proficient user of the Jobs Access With Speech (JAWS) screen reading program, visited the Apple website earlier this month but encountered “multiple access barriers” that denied “full and equal access to the facilities, goods, and services offered to the public,” such as being able to browse and purchase products, make service appointments, or learn of the facilities available in Apple Stores in New York, the city where Mendez is resident.

      The filing provides a long list of issues with the website that it believes needs fixing, in order to comply with the ADA, in relation to screen readers. The list includes the lack of alternative text for graphics, empty links containing no text, redundant links, and linked images missing alternative text.

    • A new Class Action Lawsuit has been filed against Apple on behalf of those that are Legally Blind or Visually Impaired

      Further into the lawsuit they note: …”simple compliance with the WCAG 2.0 Guidelines would provide Plaintiff and other visually-impaired consumers with equal access to the Website, Plaintiff alleges that Defendant has engaged in acts of intentional discrimination.”

    • 22 states jointly petition the Federal Circuit appeals court to reinstate Net Neutrality

      The Attorneys General of New York, California, Connecticut, Delaware, Hawaii, Illinois, Iowa, Kentucky, Maine, Maryland, Massachusetts, Minnesota, Mississippi, New Mexico, North Carolina, Oregon, Pennsylvania, Rhode Island, Vermont, Virginia, Washington, and the District of Columbia have filed suit in the U.S. Court of Appeals for the D.C. Circuit, asking it to reinstate the Network Neutrality rules killed by Trump FCC Chairman Ajit Pai.

      The states argue that the FCC broke the rules that require administrative agencies to act on the basis of evidence, rather than whim or ideology. The Net Neutrality rule that Pai destroyed was passed after extensive consultation and an open, rigorous comment process, with hearings and other fact-finding activities.

    • 23 Attorneys General Urge Appeals Court To Restore Net Neutrality

      As expected, Mozilla, 22 State attorneys general, INCOMPAS, and numerous consumer groups this week asked a U.S. appeals court to reinstate FCC net neutrality rules. The state AGs, led by New York Attorney General Barbara Underwood, filed a lawsuit back in January attempting to overturn the repeal, arguing that the decision will ultimately be a “disaster for New York consumers and businesses.” Mozilla and a few other companies also filed suit, as well as consumer groups including Free Press and Public Knowledge.

    • Verizon Throttled The ‘Unlimited’ Data Plan Of A Fire Dept. Battling Wildfires

      We’ve long discussed how Verizon (like most U.S. cellular carriers) has a terribly-difficult time understanding what the word “unlimited” means. Way back in 2007 Verizon was forced to settle with the New York Attorney General after a nine-month investigation found the company was throttling its “unlimited” mobile data plans after just 5GB of data usage, without those limits being clearly explained to the end user. Of course Verizon tried for a while to eliminate unlimited data plans completely, but a little something called competition finally forced the company to bring the idea back from the dead a few years ago.

      But the company’s new “unlimited” data plans still suffer from all manner of fine print, limits, and caveats. That includes throttling all video by default (something you can avoid if you’re willing to pay significantly more), restrictions on tethering and usage of your phone as a hotspot or modem, and a 25 GB cap that results in said “unlimited” plans suddenly being throttled back to last-generation speeds as slow as 128 kbps. In short, Verizon still pretty clearly has no damn idea what the word unlimited actually means, nor does it much care if this entire mess confuses you.

    • EFF Tells the FTC Why We Need Better Competition and Consumer Protection Policies for Tech Companies

      The Federal Trade Commission (FTC) is wondering whether it might be time to change how the U.S. approaches competition and consumer protection. EFF has been thinking the same thing and come to the conclusion that yes, it is. On August 20, we filed six comments with the FTC on a variety of related topics to tell them some of the history, current problems, and thoughtful recommendations that EFF has come up with in our 28 years working in this space.

      Back in June 2018, the FTC announced it was going to hold hearings on “competition and consumer protection in the 21st century” and invited comment on 11 topics. As part of our continuing work looking at these areas as they intersect with the future of technology, EFF submitted comments on six of the topics listed by the FTC: competition and consumer protection issues in communication, information, and media technology networks; the identification and measurement of market power and entry barriers, and the evaluation of collusive, exclusionary, or predatory conduct or conduct that violates the consumer protection statutes enforced by the FTC, in markets featuring “platform” businesses; the intersection between privacy, big data, and competition; evaluating the competitive effects of corporate acquisitions and mergers; the role of intellectual property and competition policy in promoting innovation; and the consumer welfare implications associated with the use of algorithmic decision tools, artificial intelligence, and predictive analytics.

      Our goal in submitting these comments was to provide information and recommendations to the FTC about these complicated areas of Internet and technology policy. The danger is always that reactionary policies created in response to a high-profile incident may result in rules that restrict the rights of users and are so onerous that only established, big companies can afford to comply.

  • Intellectual Monopolies

    • High-stakes gambling with a bad hand

      Scientific Games Corp was handed a dead loss judgment for $305 million in a recent professional gambling antitrust case, which stemmed from patent misuse in an earlier lawsuit over an automatic card shuffler. This monopoly-beating jackpot will be divided among Shuffle Tech LLC, DigiDeal Corp, Aces Up Gaming, Inc and Poydras-Talrick Holdings LLC, which had claimed that Scientific Games’ patent infringement lawsuit against them was based on patents that Scientific Games knew were unenforceable.

    • Nokia reveals licencing charges for access to its 5G patents

      Nokia holds a swathe of patents for its intellectual property that will be essential for the rollout of next generation mobile networks

    • Hologic Wins $4.8M in Jury Verdict After Judge Determines Assignor Estoppel BarredPatent Invalidity Defenses

      On July 27th, a jury verdict entered in the District of Delaware awarded $4.8 million in lost profit and reasonable royalty damages to Marlboro, MA-based medical technology company Hologic Inc. after the jury determined that two of its patents were infringed by Redwood City, CA-based medical device company Minerva Surgical. At issue in the case was a technology marketed by Minerva to treat women dealing with abnormal uterine bleeding (AUB).

    • Abstraction, Filtration, and Comparison in Patent Law

      Last April, I had the good fortune to participate in a symposium at Penn Law School. The symposium gathered a variety of IP scholars to focus on the “historic” kinship between copyright and patent law. That kinship, first identified in Sony v. Universal Pictures, supposedly shows parallels between the two legal regimes. I use scare quotes because it is unclear that the kinship is either historic or real. Even so, there are some parallels, and a collection of papers about those parallels will be published in the inaugural issue of Penn’s new Law & Innovation Journal.

    • Request for Attorney Fees of $1.3 Million Reduced to $100 Thousand Due to Heavily Redacted Billing Records

      The court awarded defendant only $100,000 of its claimed $1.3 million in attorney fees under 35 U.S.C. § 285 because defendant failed to present sufficient evidence to support its fee claim.

    • Barcelona Court of Appeal considers that the “ex re ipsa” doctrine applies to patent matters

      Upon reading the title of this blog entry, readers may be wondering what the “ex re ipsa” doctrine involves. It therefore may be worth clarifying that it is a legal doctrine applied, for example, to cases dealing with damages, where the damage is presumed to have been caused (“causality”) when it is inherent to the activity that is the object of the complaint.

    • AIPPI appoints Arno Hold as executive director

      Hold was the Dean of external relations, member of the president’s board and lecturer on international trade at the University of St Gallen

    • EUIPO publishes 436 page survey on pre-Directive EU trade secrets protection

      The AmeriKat has been noticeably whiskers down in her day job over the past few months. But now, with the frenzy of a new Court term still several weeks away, she has taken the relatively quiet opportunity to review the much awaited publication of the EU IPO’s report entitled “The Baseline of Trade Secrets Litigation in the EU”. This report was commissioned by the EU IPO in order to prepare the future report that will assess what impact the EU Trade Secrets Directive has had (see previous Kat posts here). That report is to be published before 9 June 2021 (just think, 2021…what might be in store for us then?).

    • PCT Collaborative Search And Examination (CS&E) Pilot Project Run By The IP5 Offices

      On 1 July 2018, the IP5 Offices (EPO, KIPO, USPTO, JPO and SIPO) launched a pilot project to test a collaborative approach to international searches under the PCT, particularly with a view to assessing user interest for such a new PCT product and also look at the expected efficiency gains for the participating offices.

      In short, a PCT application filed in English can be entered in the pilot, with the EPO as ISA for example. If it is accepted by the EPO, the EPO will conduct its normal search and examination of the application. Before sending their report the EPO will send the application and its provisional search and examination to colleagues in each of the other four offices, who will review the report and comment on it and possibly update the search using their own resources.

    • With the strongest speech recognition portfolio, specialist operator Nuance holds off big tech players

      Boston-based computer software business Nuance Communications has the most grants and the highest quality patents related to speech recognition technologies, a new analysis examining the IP landscape of the field has revealed. In a report released earlier this month, IP analytics platform Relecura looked at more than 100,000 published patent applications (over half of which are granted) related to speech recognition technologies. Of these, over 33,500 have been filed in the US, compared to approximately 25,000 in China and 15,000 in Japan.

    • Trademarks

      • Dressing up a brand against lookalikes: part two

        Fashion brands may find it difficult to protect their designs under traditional methods of IP protection (for more information, please see “Dressing up a brand against lookalikes: part one”). Part two of this update looks at the more unconventional method of trade dress protection and highlights previous key trade dress cases in Russia.

      • Heaven Hill sues Bob Dylan-owned whiskey brand in trademark spat

        Attorneys for a well-known Kentucky bourbon maker are knock, knock, knockin’ on Bob Dylan’s door.

        Heaven Hill Distillery has filed a trademark infringement lawsuit against Heaven’s Door Spirits, a whiskey line co-owned by Dylan that was released earlier this year.

        The company’s name is a reference to Dylan’s 1973 song Knockin’ on Heaven’s Door.

        The lawsuit, filed Friday in U.S. District Court in Louisville, argues that the Bardstown-based company was founded by the Shapira family shortly after prohibition ended in the 1930s and has used the trademark for more than 80 years.

        A Heaven Hill attorney sent a cease-and-desist letter to Chicago-based Heaven’s Door in April, saying the start-up distillery’s use of its trademark “will create a likelihood of confusion” with the Kentucky bourbon brand’s products.

      • Heaven Hill Distillery Knocks On Bob Dylan’s Door Over His Heaven’s Door Whiskey For Trademark Infringement

        Trademark disputes in the alcohol industries are often times absurd enough to make the comments section question whether everyone involved was simply drunk. While I’m sure the lawyers on all sides tend to be sober, every once in a while you read a claim in a big-boy legal document that makes you pause and wonder. And, then, sometimes the dispute centers around a public figure punning off his own notoriety, making the trademark claims extra ludicrous.

        Meet Bob Dylan. Bob used to be a counterculture folksinger hero that eschewed the trappings of materialism and sang as one of the original social justice warriors. Present day Bob sings songs on car commercials and owns a Whiskey brand. And, hey, Bob’s allowed to make money, no matter how jarring this might be to those born decades ago. His Heaven’s Door Whiskey is, sigh, allowed to exist. It’s also allowed to fight back against the absurd trademark lawsuit brought by Heaven’s Hill Distillery over its logo and trade dress.

      • Has the CJEU quietly changed the conditions for safe harbour availability?

        This referral from Estonia was made in the context of proceedings that a collecting society, SNB-REACT, had initiated against an individual, Deepak Mehta, concerning the latter’s alleged liability for infringement of the IP rights of 10 trade mark owners.

        According to SNB-REACT, Mehta had allegedly registered a number of IP addresses and internet domain names, which unlawfully used signs identical to the trade marks owned by SNB-REACT members, together with websites unlawfully offering for sale goods bearing such signs.

        Mehta, however: (1) denied that he had registered the IP addresses and domain names challenged by the claimant; (2) even if he owned 38,000 IP addresses, he had rented them to third-party companies; and (3) this activity should be regarded as akin to that of a service providing access to an electronic communications network, together with an information transmission service, being – as a result – eligible for the safe harbour protection under the Estonian provisions corresponding to Article 12 to 14 of the E-Commerce Directive.

    • Copyrights

      • New Report Calls For Copyright For Public Benefit In Digital Era

        The report, “Creative Markets and Copyright in the Fourth Industrial Era: Reconfiguring the Public Benefit for a Digital Trade Economy,” was authored by Prof. Ruth L. Okediji, the Jeremiah Smith, Jr. professor of law at Harvard Law School.

        The report suggests that the rise of emerging technologies such as “big data, robotics, machine learning, and artificial intelligence (AI)” calls for “a more radical conception of global copyright norms” in order to “preserve, and even advance, public benefit in an era of digital trade.”

      • ROM sites are falling, but a legal loophole could save game emulation

        But what if there might be a middle ground that could thread the needle between the legality of original cartridges and the convenience of emulated ROMs? What if an online lending library, temporarily loaning out copies of ROMs tied to individual original cartridges, could satisfy the letter of the law and the interests of game preservation at the same time?

        What if such a library already exists? In fact, it has for 17 years.

« Previous Page« Previous entries « Previous Page · Next Page » Next entries »Next Page »

RSS 64x64RSS Feed: subscribe to the RSS feed for regular updates

Home iconSite Wiki: You can improve this site by helping the extension of the site's content

Home iconSite Home: Background about the site and some key features in the front page

Chat iconIRC Channels: Come and chat with us in real time

New to This Site? Here Are Some Introductory Resources

No

Mono

ODF

Samba logo






We support

End software patents

GPLv3

GNU project

BLAG

EFF bloggers

Comcast is Blocktastic? SavetheInternet.com



Recent Posts