Chrome OS 75 has been promoted to the stable channel as version 75.0.3770.102 (Platform version: 12105.75.0) for most Chromebook devices. This release introduces a new parental control feature that lets parents limit the time to their kids spend on Chrome OS devices, and it also enables kid-friendly Assistant for child accounts.
While still in beta, the support for Linux apps is improving with every release, and Chrome OS 75 introduces support for Linux apps to access Android devices over USB connections. Moreover, the Files app has been enhanced with support for third-party file provider apps, implementing the Android DocumentsProvider APIs.
The Slimbook Pro X bills itself as the ‘best Linux Laptop in the world’ — a bold claim, but does it hold up?
Well, on paper at least, it looks like it might.
The latest Linux portable from Spanish computer company Slimbook certainly sports enough muscle to give many well-known laptop a run for their money.
In fact, overall, the Slimbook Pro X looks better spec’d and costs less than the latest MacBook Air, seen by many as the ultimate on-the-go laptop.
So what makes the Pro X seemingly exceptional? Let’s take a look…
Red Hat Enterprise Linux 8 (RHEL 8) made its way into the market last month, which may have prompted a lot of people to expect the release of CentOS 8. according to recent reports, a major redesign is needed in the bundles; installer manufactures frameworks to make it ready to work with the more up to date working frameworks all the more proficiently. Here's all the info we've managed to scraped about the upcoming CentOS.
As indicated by the most recent reports, the fundamental form framework for the task has been finished, and at present, the group is focusing on the work of art. Additionally, the fabricate circles likewise need work to have the option to help the majority of the bundles of CentOS.
As shown with Gab and hate speech, violating Microsoft service agreements can have damning operational consequences for offending parties. But when it comes to providing the same services and more to government agencies that are actively separating refugee and immigrant families from their children at US borders while further holding them indefinitely concentration camps fit for no human (re: an act of genocide), Microsoft appears to have forgotten about their own service agreement. Despite such actions blatantly violating the same service agreement as Gab and virtually every acceptable code of ethics to boot, Microsoft is mum on the matter and continues to offer services to ICE, CBP, and their contractors to this day.
Although Microsoft has already taken some flack on an ethical basis for empowering these agencies with services such as server hosting and email while they simultaneously treat families and their children inhumanely, it seemingly went overlooked that these agencies are violating Microsoft’s own service terms. Sure, partaking in genocide isn’t directly outlawed in Microsoft’s service agreement, but exploiting, harming, or threatening harm to children is expressly prohibited and is something that Microsoft can help fix in short order by simply holding some our own government agencies to the same standard as a disgraced social nutwork.
Standards-compliant, cloud-native implementations based on open-source projects are possible thanks to the Cloud Native Computing Foundation (CNCF), which serves as the vendor-neutral home for many of the fastest-growing container-related projects. The foundation fosters collaboration between the industry’s top developers, end users and vendors.
While initially deployed in enterprise IT environments, cloud-native architectures and containers provide benefits that are equally desirable for industrial, energy and medical embedded systems located at a factory, hospital or remote site. Code reusability, efficient maintenance, platform independence and optimized resource utilization are just as important for devices and applications developed by small teams working to meet aggressive schedules, deployed across multiple hardware architectures based on a variety of processor architectures.
Organizations of all sizes are increasingly running their enterprise applications on top of cloud native infrastructure and more often than not, that infrastructure is Kubernetes.
Kubernetes is an open source effort originally started by Google five years ago and now operated as a multi-stakeholder effort under the direction of the Cloud Native Computing Foundation (CNCF).
The CNCF gained a major new supporter in June, with the addition of Apple as a Platinum End User Member. The platinum tier come swith a $370,000 annual fee that Apple will now fork over to the CNCF.
Apple isn't just a consumer and user of CNCF projects including Kubernetes, it's also an active contributor. Apple has made code contribution to the Kubernetes container orchestration project, Envoy proxy, Helm and the gRPC project as well. Apple joining the CNCF and being an active participant is a big deal not just for the brand recognition that they bring, but also because Apple was previously a very visible user of the rival Mesos orchestration system.
I have been bearish on IBM (NYSE:IBM) for several years. As more information is being disseminated and stored over the Internet, cloud computing has become all the rage. The company has been transitioning from mainframe computing to cloud computing. That transformation has been a long, arduous process. The company has stagnant to declining revenue growth, making it difficult to recommend the stock. Its acquisition of Red Hat (RHT) for $34 billion was expensive, but it could pay dividends down the line.
Almost 10 years after the Office of Management and Budget first directed agencies to begin moving to the cloud, those agencies no longer need to be told. They’ve seen the benefits, and cloud-first policies and the need to reduce datacenters are no longer the primary drivers. Experts say flexibility in application development and deployment, a better place to innovate in digital services, and enhanced security rank among the most common reasons.
But it can be a slow process, partly due to strict government requirements. Agencies need to meet requirements for security, uptime, disaster recovery, and workload portability with their hybrid cloud infrastructures..
As we kick off summer, we wanted to share some of the latest awards and recognition that Red Hat has received over the last few months. Since our last award roundup, Red Hat has been honored with more than 17 new accolades across our organization.
Since our founding 26 years ago, Red Hat has grown from a single product company to the world’s leading provider of enterprise open source software solutions and the first public open source company to generate more than $3 billion in revenue. Open source has revolutionized the software industry and it continues to be the driving force behind much of the technology innovation happening today. We see the following awards as a recognition of that journey.
But that is not the complete story. Netflix did not just seek the help of AWS because they have unlimited servers and data centers to provide. In fact, the huge costs of renting actual data centers can make it rather expensive to keep their monthly plans affordable for 150 million end users worldwide.
Open tools work best in the hands of open people. At Red Hat, we understand that tackling bold challenges—like digital transformation or application modernization—requires more than technology alone. It requires new ways of thinking, working, and problem-solving. That's why we're committed to helping organizations understand how they can embrace open principles to reshape their organizational cultures in productive and innovative ways.
So for Red Hat Summit in Boston, MA this year, members of the Open Organization community wanted to craft a unique experience that would help attendees understand the power of working openly. We wanted to create opportunities for visitors to share their culture- and process-focused challenges with us—not only so we could learn more about what's keeping people from being as innovative, agile and engaged as they'd like to be, but also so we could connect them with resources they could use to begin tackling those challenges.
This is the story of what we did, how we did it, and what we learned.
Noction provides a service which it claims can increase BGP efficiency by 30-50 per cent by splitting IP addresses into smaller chunks (overly simplified, but that'll get you through the explanation).
When that went wrong, it started misdirecting traffic. A lot of it was caught by failsafes from carriers, but Verizon, it appears, didn't have the necessary safeguards (a system called RPKI) and let the erroneous traffic go all over the internet.
Some information about software testing is just wrong. I'm not talking about opinions. I have lots of opinions and they differ from other peoples opinions. I'm talking about misinformation and old information that is no longer applicable.
I've ran across a few lateley that I want to address.
[00:27:50] This past weekend has seen a bit of dancing about whether Ubuntu will drop 32-bit libraries from the archive, ending up with a statement from Canonical about it saying they aren’t going to (and Valve have responded saying that they’ll continue to support Steam on Ubuntu, although that was after we recorded the show)
This week we’ve been at the Snapcraft Summit in Montreal, we bring you some command line love and go over all your feedback.
It’s Season 12 Episode 12 of the Ubuntu Podcast! Alan Pope, Mark Johnson and Martin Wimpress are connected and speaking to your brain.
Two new hosts join Joe to talk about a nice i3 implementation and an amazing arcade game written in Bash.
Plus a new segment called Distrohoppers, and a useful hidden feature of GNOME.
I'm announcing the release of the 4.14.131 kernel.
All users of the 4.14 kernel series must upgrade.
The updated 4.14.y git tree can be found at:
git://git.kernel.org/pub/scm/linux/kernel/git/stable/linux-stable.git linux-4.14.y
and can be browsed at the normal kernel.org git web browser:
https://git.kernel.org/?p=linux/kernel/git/stable/linux-s...
discovered Linux in 1993 and instantly recognized it as a Big Deal. Linux had a command line that was much more powerful than MS-DOS, and you could view the source code to study the Linux commands, fix bugs and add new features. I installed Linux on my computer, in a dual-boot configuration with MS-DOS. Since Linux didn't have the applications I needed as a working college student (a word processor to write class papers or a spreadsheet program to do physics lab analysis), I booted into MS-DOS to do much of my classwork and into Linux to do other things. I was moving to Linux, but I still relied on MS-DOS.
In 1994, I read articles in technology magazines saying that Microsoft planned to do away with MS-DOS soon. The next version of Windows would not use DOS. MS-DOS was on the way out. I'd already tried Windows 3, and I wasn't impressed. Windows was not great. And, running Windows would mean replacing the DOS applications that I used every day. I wanted to keep using DOS. I decided that the only way to keep DOS was to write my own. On June 29, 1994, I announced my plans on the Usenet discussion group comp.os.msdos.apps, and things took off from there...
LF Networking (LFN) and the GSMA today announced a partnership to create a common industry framework for Network Functions Virtualization Infrastructure (NFVi). Hosted by the GSMA and created with input from the Linux Foundation, the Common NFVi Telco Taskforce (CNTT) will operate as an open committee responsible for creating and documenting a Common NFVi Framework. An industry-aligned NFVi framework helps accelerate deployment across the entire telecommunications stack, from infrastructure to Virtual Network Functions (VNFs).
“Operators are undergoing a period of significant digital transformation by migrating their networks from a physical to a virtualized or cloud environment. However, this is a challenging and time-consuming process involving integrating multiple different vendors into a common infrastructure,” said Alex Sinclair, Chief Technology Officer, GSMA. “By following a common approach and framework, operators will vastly reduce the time and costs associated with integration and accelerate adoption and deployment.”
With the Linux kernel driver support for the upcoming "Navi" graphics cards only having been sent out last week for AMDGPU/AMDKFD, given it was more than 450 patches and more than 400 thousand lines of code (granted much of that automated header files), there was some risk it could be postponed given the imminent cut-off of new material to DRM-Next for Linux 5.3 given the rigid release cycle. Fortunately, that pull request has been honored.
So assuming Linus Torvalds has no objections to the code, this AMDGPU Navi support will be present in Linux 5.3. The Navi addition did regress earlier support, but fortunately that bug was quickly spotted and resolved. DRM co-maintainer David Airlie was content enough with pulling in the big AMDGPU code update overnight to DRM-Next.
Thanks to longtime open-source Linux graphics developer Daniel Stone, Wayland's Weston reference compositor now has support for the EGL_KHR_partial_update extension to provide for potentially better performance.
The EGL_KHR_partial_update extension was led by Arm years ago to allow for efficient partial updates of surfaces ready to be displayed and for ignoring surfaces that are unchanged between frames.
At least for the newest Intel Xeon "Cascade Lake" processors, the LLVM Clang compiler is running incredibly well compared to the long-standing GNU Compiler Collection (GCC). Overall, LLVM clang is now nearly at performance parity to GCC 9 and the in-development GCC 10 compilers. Here are some Linux compiler benchmarks using the dual Intel Xeon Platinum 8280 server built around the Gigabyte S3461-3R0.
Distros and embedded users should start using bzip2-1.0.7 immediately. The patches they already have for the bzip2's traditional build system should still apply. The release includes bug fixes and security fixes that have accumulated over the years, including the new CVE-2019-12900.
Once 1.1.0 is released, distributions should be able to remove their patches to the build system and just start using Meson or CMake. You may want to monitor the 1.1.0 milestone — help is appreciated fixing the issues there so we can make the first release with the new build systems!
We are happy to announce the release of bzip2 1.0.7.
This is an emergency release because the old bzip2 website is gone and there were outstanding security issues. The original bzip2 home, downloads and documentation can now be found at: https://sourceware.org/bzip2/
Nextcloud announces a new collaborative rich text editor called Nextcloud Text. Nextcloud Text is described as not "a replacement to a full office suite, but rather a distraction-free, focused way of writing rich-text documents alone or together with others." See the Nextcloud blog post for more details.
Opera web browser 62 was released today with improved dark mode, design updates. Here’s how to install it in Ubuntu.
With the newest release of Opera 62, we have some interesting design updates on top of the changes we introduced in Reborn 3. We’d also like to show you a feature that will help you plan your holidays more easily.
Opera Software announced today the release Opera 62 web browser for all supported platforms, including GNU/Linux, macOS, and Microsoft Windows, a release that adds various design updates and some new features. Opera 62 is now available as the latest and most advanced version of the Chromium-based, cross-platform web browser that runs on desktops and mobile devices. This release introduces a new tool called Task Completer, which helps you easily plan your next vacation by allowing you to revisit the hotels you searched for on booking.com locally on the Opera Speed Dial. The Task Completer features is experimental and will be improved in future releases.
"We wanted to experiment with Task Completer in a context where retrieving previous search results is most important, such as travel. When we look for flights and book hotels we don’t always make instant decisions. Oftentimes, we want to go back to a specific hotel and show it to friends or loved ones traveling with us before we book," said Opera's Joanna Czajka.
Following on from the recent news that Double Eleven are the new developers of Prison Architect, as promised they just released a brand new update.
"Double Eleven has done an excellent job supporting Prison Architect on console since 2016 and the game’s community loves what they bring to the table," Steacy McIlwham, Product Manager for Prison Architect at Paradox Interactive, said. "We are confident in Double Eleven’s ability to continue improving upon an already great game and they have our full support."
[...]
Doesn't seem that GOG has the update for Linux just yet, but as mentioned it's live for Linux on Steam.
Today we have another interview for you, with Bearded Giant Games who are currently making the extreme space shooter Space Mercs.
I'm thoroughly confused and also slightly amused with Bird by Example, what the developer says is a "mock RPG where all the other occupants are horrifying birds who mimic your behaviour with deep learning".
I will admit currently the game goes a bit over my head, I don't quite get it. However, I've toyed around with it for a while and eventually it could be something special. There's something really unnerving about a group of really buff birds, that start copying you.
Seven Kingdoms: Ancient Adversaries, a proper classic RTS that's open source continues living on with a fresh release now available to download.
Originally released way back in the 90's, Enlight Software later decided to open source it in 2009 and since then it's seen quite a number of updates as well as a Linux port which works rather nicely.
Compatibility for this release should be no different to 0.74 and 0.74-2, so you should be able to upgrade without seeing any issues appear. They're also still working on the next major release with DOSBox 0.75, but some bugs are currently holding back a release.
I love DOSBox, before OpenXcom became fully playable for the classic X-COM experience I used it quite regularly. Cannon Fodder is also a rather guilty pleasure of mine, a true classic. What are some of your favourites you still play thanks to DOSBox?
As an unintentional side effect of Valve's latest sales event, the Steam Grand Prix, it seems a lot of users have begun cleaning out their Steam Wishlists.
Why? Well, it gives you the chance to win an item from your Steam Wishlist but only from the top three slots, it's not random. Valve's rules are pretty clear on how it all works but it still seems to have caused a lot of wishlist deletions. Removing games doesn't actually improve your chances, but likely will affect your future purchases of games you're no longer following as a result of it.
Hamster On Coke Games are at it again, with a new puzzle game on the way called OXXO that promises an experience that evolves as you play it.
They previously made Scalak, Zenge, PUSH, Art Of Gravity and more and their games are always quite highly rated. Personally, I played through Scalak back in 2018 and thoroughly enjoyed it so I'm happy to see more unique puzzle games from the same developer come to Linux.
Now that the dust has settled with the Linux version of The Colonists out in the wild, I spent some time playing it and came away quite impressed by it.
Earlier this week, Valve raised concerns around Ubuntu and Canonical’s plan to remove 32-bit software support. Valve said that it would need to drop support for the popular Linux distro if this happened and would need to begin recommending something else for users. Since then, Canonical has said that it will change plans and work to support certain 32-bit libraries based on community feedback, which means Valve will “likely be able to” continue supporting the OS.
In an update post on the Steam for Linux discussion board, Valve’s Pierre Loup provided some background on the situation and talked about why dropping 32-bit support would be an issue. While Steam itself could run in pure 64-bit environments, removing 32-bit support entirely would “leave the vast majority of the current Steam library inaccessible” without an additional compatibility layer. Valve has been investigating ways to avoid 32-bit system dependencies within Steam for a while now but if 19.10 released without any 32-bit compatibility, Valve would need to “fully complete such a system in the 19.10 release time frame” and would require “fundamental change in Steam’s runtime environment”. The end result would have been a confusing and messy experience for end users.
Within a month of Krita 4.2.1, we’re releasing Krita 4.2.2.
Some terminals like Tilix and Terminator offers the possibility to split the screen recursively, and I started to add the same thing to konsole. Konsole is usually said to be the swiss army knife of the terminal emulators, and if you didn’t try it yet, please do. We offer quite a lot of things that no other terminal emulator offer.
Cutelyst a Qt/C++ Web framework got a new release!
This release took a while to be out because I wanted to fix some important stuff, but time is short, I’ve been working on polishing my UPnpQt library and on a yet to be released FirebaseQt and FirebaseQtAdmin (that’s been used on a mobile app and REST/WebApp used with Cutelyst), the latter is working quite well although it depends ATM on a Python script to get the Google token, luckly it’s a temporary waste of 25MB of RAM each 45 minutes.
Last post I said that I was having some problems pushing my modifications to the git repo. I discovered that the official ROCS repository was recently moved to the KDE Gitlab repo, called KDE Invent, where I am working on a fork of the original ROCS repo.
It is a model that I have some knowledge, as I already worked with gitlab in a past internship and did some merge requests because of the Hacktoberfest (I like to win t-shirts). So I had to update my remote of the local repo and I sent my update to my remote fork branch, called improved-graph-ide-classes.
When I was modifying the code, I noticed some problems with the creation of random trees, but I am thinking what is the better way to fix this part. This problem lies in the relation of the algorithm and the edge types available to generate the tree. When using directed edges, the code is sometimes generating directed loops of size 2 in the graph.
Dependency freeze is two weeks (July 11) and Feature Freeze a week after that, make sure you start finishing your stuff!
We are very excited to share with you some of our best moments, achievements, and great conferences/events which happened throughout the year in our annual report.
The non-profit, which oversees development of the GNOME desktop and related projects, saw a major increase in its income thanks to a set of substantial donations — including $400,000 from handshake.org.
In total, the GNOME Foundation says it raised more than $1 million in income for the 2018 financial year. That’s a notable increase on the roughly $270k reported the year previous.
The uptick in funding enabled the foundation to “increase the] budget for events, hackfests, doubling of the funding for the Outreachy program, and hiring of new people in staff.“
Even with additional staff the foundations’ expenses were only up marginally on 2017, clocking in at just over $365,000.
As is the case for many projects in an open-source orbit the GNOME Foundation still relies on small contributions and donations from users.
The GNOME Foundation has issued their 2018 annual report that is particularly notable due to a massive rise in their income following two large donations.
The GNOME Foundation saw more than $1,073,797 in income for their 2018 fiscal year compared to $274k the year prior. This record-breaking revenue came via two large donations and should help out GNOME for years to come with their expenses only ticking up slightly to $365k.
Considering how resource intensive modern Linux desktops are particularly on OpenGL for compositing, it's quite an achievement that the Panfrost open-source Gallium3D driver for Arm Mali Bifrost/Midgard hardware can now run the GNOME Shell.
Alyssa Rosenzweig interning for Collabora had a summer goal, among others, of getting Panfrost working with GNOME. Well, not even to July, that goal has been realized in the latest Git development code.
Linux Kodachi operating system is based on Xubuntu 18.04 it will provide you with a secure, anti-forensic, and anonymous operating system considering all features that a person who is concerned about privacy would need to have in order to be secure. Kodachi is very easy to use all you have to do is boot it up on your PC via USB drive then you should have a fully running operating system with established VPN connection + Connection established + service running. No setup or knowledge is required from your side we do it all for you. The entire OS is functional from your temporary memory RAM so once you shut it down no trace is left behind all your activities are wiped out.
I am happy to let you know that new Slax version has been released.
The update to mariadb 10.4.6-1 and later changes configuration layout as recommended by upstream.
As Arch Linux we are working on reproducible builds for a while and have a continuous test framework rebuilding package updated in our repositories. This test does an asp checkout of a package and builds it twice in a schroot, we do not try to reproduce actual repository packages yet. In the end this is however what we want to achieve, giving users the ability to verify a repository package by rebuilding it on their own hardware.
As businesses are transforming their IT landscapes to support present and future demands, SUSE is providing the foundation for both their traditional and growing containerised workloads with the release of SUSE Linux Enterprise 15 Service Pack 1. Enterprises need the capability to design, deploy and run cloud-native, microservices-based applications as part of a DevOps approach. They must be able to deliver modern containerised applications with orchestration tools such as Kubernetes that enable secure and agile development and deployment from the edge to on-premise to hybrid to multi-cloud environments.
You may remember that we recently spoke about the Community Platform Engineering (CPE) team and the problem it is facing — our workload is growing faster than the team can scale to meet it. From June 10th to June 14th most of the CPE team members met face to face in the Red Hat office in Waterford (Ireland)
Perhaps the best known way the Fedora community pursues its mission of promoting free and open source software and content is by developing the Fedora software distribution. So it’s not a surprise at all that a very large proportion of our community resources are spent on this task. This post summarizes how this software is “packaged” and the underlying tools such as rpm that make it all possible.
[...]
From a quick look, dnfdragora appears to provide all of dnf‘s main functions.
There are other tools in Fedora that also manage packages. GNOME Software, and Discover are two examples. GNOME Software is focused on graphical applications only. You can’t use the graphical front end to install command line or terminal tools such as htop or weechat. However, GNOME Software does support the installation of Flatpaks and Snap applications which dnf does not. So, they are different tools with different target audiences, and so provide different functions.
This post only touches the tip of the iceberg that is the life cycle of software in Fedora. This article explained what RPM packages are, and the main differences between using rpm and using dnf.
Amid all the furore about the release of a certain new piece of hardware, some people may have missed that we have also released a new version of Raspbian. While this is required for Raspberry Pi 4, we’ve always tried to maintain software backwards-compatibility with older hardware, and so the standard Raspbian image for all models of Raspberry Pi is now based on Buster, the latest version of Debian Linux.
The launch of Raspberry Pi 4 brings not only new hardware but new software too: Raspbian ‘Buster’, a brand-new release – compatible, as always, with every Raspberry Pi model going right back to the pre-launch Alpha design – with a revamped, flatter user interface based on the upstream Debian ‘Buster’ Linux distribution.
Simon Long explains: “Due to the lack of obvious differences between Buster and Stretch, I wanted to do something to make it a bit more obvious that people actually had something new,” of his new interface design. When we moved from Jessie to Stretch, there was a similar lack of major differences, and people wondered whether or not they actually had the new version – I wanted to avoid that this time. Also, the overall UI design in terms of the appearance of buttons, controls, and the like really hasn’t changed significantly in the time I’ve been here – there have been some small tweaks, but it felt time for a change.”
While it was the launch of the Raspberry Pi 4 that snagged all the headlines this week, it wasn't the only new product to come out of the Raspberry Pi Foundation. The not-for-profit also released a new version of its Raspbian Linux distribution, dubbed 'Buster.' You need Buster to run Raspberry Pi 4, but it also works on and improves the experience for any older Raspberry Pi.
Over the past several months, we have shared with you several articles and tutorials showing how to accelerate application development so that a typically demanding, time-consuming process becomes an easier, faster and more fun one. Today, we’d like to introduce some additional tips and tricks. Namely, we want to talk about elegant ways you can streamline the final steps of a snap build.
[...]
Side by side with snap try, you can use the snapcraft pack command. It lets you create a snap from a directory holding a valid snap (the layout of the target directory must contain a meta/snap.yaml file). Going back to our previous example, you would alter the contents of your project directory, add assets (like libraries), and then pack those into a squashfs file.
When Canonical announced that, beginning with October's Ubuntu 19.10 release, 32-bit -computer support would be dropped, it didn't expect there would be much blowback. It was wrong. Developers and users, especially of Steam games, threw fits. So, Canonical, makers of Ubuntu Linux, reversed course and asserted it wouldn't drop 32-bit software support in Ubuntu 19.10 and 20.04 LTS after all.
So, everything's back to normal, yes? No.
True, Valve will continue to support Ubuntu. But Ubuntu will no longer be called out as "as the best-supported path for desktop users." Instead, Valve is re-thinking how it wants to approach distribution support going forward. There are several distributions on the market today that offer a great gaming desktop experience such as Arch Linux, Manjaro, Pop!_OS, Fedora, and many others.
Summer is here, so we’re having a Flock Party! Now until July 9th, join us on our website for discounts on laptops and desktops, and even more discounts with upgrades! To make our Flock Party even more colorful, we’ve enlisted the help of 17 parrots to hide out around our site. If you’re one of the first 10 to find them all and unscramble the code, we’ll have something special for you! Along with our parrot mania, we have info for you on hardware, Pop!_OS, firmware, and Thelio manufacturing. Read on to see what’s new in June!
We've known that Linux PC vendor System76 has been investing engineering resources into Coreboot support and while not yet ready for end-users, they are making progress. For once it's ready for their customers, they have also begun crafting a graphical user-interface for these firmware upgrades to Coreboot.
In System76's monthly news letter, they commented that their "open firmware" has entered testing on their Gazelle notebooks but remains in the early stages. As well, a UI element for managing firmware updates is being worked on and will be available through GNOME Settings. No word yet if System76 has decided to make use of Fwupd+LVFS, but in the past they've expressed various reasons for not doing so.
System76 / Pop! OS team, while you should be proud of the work you do for you users I think you are going the wrong way there. Working on fixes and including them early in your product is one thing, not upstreaming those fixes and using that for marketing you as better than your upstreams is a risky game. You might be overlooking that now, but divergence has a cost, as does not having good relationship with your upstreams.
Lubuntu is a community-developed project that relies on support from the community to continue development. There are specific costs we would like to address to take the burden off of specific contributors, their employers, and the Ubuntu project as a whole. Specifically, Altispeed Technologies has graciously provided hosting support for our Phabricator instance, forum, and other pieces of critical Lubuntu infrastructure. We would like to eventually move off of Altispeed’s infrastructure, or be able to pay for the infrastructure ourselves.
Additionally, Lubuntu Developers attend several major Linux conferences each year, specifically LinuxFest NorthWest, the Seattle GNU/Linux Conference, SouthEast LinuxFest, and others. Lubuntu would like to be able to support some of these conferences and trips to these conferences without relying so much on e.g. the Ubuntu Community Donations Funding.
In 2019, is there anything that the mighty, $35, credit card-sized Raspberry Pi computer can't do? It seems there isn't; recent Raspberry Pi projects include a functional smartphone, a computer vision kit, and even a movie projector for a more traditional home theater experience.
A Raspberry Pi (RPi) can even be turned into a server for virtual private networking (VPN). One of the many things you can tinker with on an RPi is data communications; this is one reason why they are often called "Swiss Army knives for hackers"—and not necessarily the malicious kind.
RPis can function as servers for many projects, and if you have more than one personal computing device on a personal network, the RPi can be put to work as a dedicated server. From Minecraft servers to website hosts to IRC to network printing operations, many of these projects involve a series of software installation and configuration steps, as is the case for the RPi VPN server you'll build in this tutorial.
Docker is a containerization platform that allows you to quickly build, test and deploy applications as portable, self-sufficient containers that can virtually run everywhere. In this tutorial, we will explain how to install Docker on Raspberry Pi and explore the basic Docker concepts and commands.
EVOC’s fanless, Linux-ready “M60-E” box PC offers a choice of Bay Trail or Skylake-TE CPUs with triple displays, up to 4x GbE, 8x USB, and 10x COM ports plus SATA, mini-PCIe, optional PCIe, and -20 to 60ââÆ support.
EVOC announced an expandable M60-E industrial computer that runs Linux 2.6, Windows, or VxWorks on a choice of Bay Trail or Skylake processors, much like the P15 and P17 panel PCs that EVOC announced earlier this year. The options include a quad-core, 2.0GHz Celeron J1900, and faster 6th Gen CPUs with a Intel H110 chipset: the dual-core, 2.7GHz Intel Core I3-6100TE and the quad-core, 2.3GHz Core I5-6500TE and 2.4GHz Core I7-6700TE.
Howchip, which last year launched a Nano-ITX form factor ExSOM-8895 DVK featuring Samsung’s octa-core Exynos 8895, has now unveiled a pair of similarly sandwich-style development kits based on compute modules running on 28nm Nexell processors. The NXP3220-based Scorpion3 DVK runs Linux 4.14 and the NXP4330Q-based Scorpion5 SDK runs Android 7.1. Both boards offer optional 8- and 10.1-inch capacitive touchscreens, and the Scorpion3 also has a 10.4-inch resistive touchscreen option.
Earlier this month, Google disclosed that a supply chain attack by one of its vendors resulted in malicious software being pre-installed on millions of new budget Android devices. Google didn’t exactly name those responsible, but said it believes the offending vendor uses the nicknames “Yehuo” or “Blazefire.” What follows is a deep dive into the identity of that Chinese vendor, which appears to have a long and storied history of pushing the envelope on mobile malware.
The important thing to know is that it’s well-established that the network effect enables the winning platforms to achieve massive scale and preclude competition. It’s a devastating combination that Gates calls “complete doom.” There’s a reason so many tech markets tend toward monopoly or duopoly, like Android and iOS, or Google search, or Facebook, or Uber and Lyft — the network effect makes it basically impossible to build a competitor because you can’t populate the network. And you can’t buy your way out of this problem: Microsoft famously paid app developers to write Windows Phone apps when there weren’t enough users to otherwise draw developer attention, and... it didn’t work.
Gates might be saying this to describe why Windows Phone didn’t succeed — it didn’t have the app ecosystem to compete with Apple and Android — but what he is describing is the exact reason regulating tech platforms is the subject of so much conversation around the world: you can’t count on competition to keep these companies in line, because it’s virtually impossible to build a competitor. Even Microsoft couldn’t do it!
Something I really like about the Firefox UX team is how we are all open to learning from each other. So, when one of my colleagues shared this specific image in our Slack channel, I knew it was OK to raise the question of why this picture is incorrect.
Last September we wrote about using GeckoView to bring Firefox’s rendering engine to Android as a reusable library. By decoupling the Gecko engine from the Firefox application, we’ve created a newer, faster, and more maintainable way to create Android applications. This approach leverages Gecko’s excellent performance, privacy, and support for cutting-edge web standards.
With today’s release of our GeckoView-powered Firefox Preview, we’d like to share an update on what we’ve accomplished and where GeckoView is going in 2019.
At Firefox, we’re passionate about providing solutions for people who care about safety, privacy and independence. For several months, we’ve been working on a new strategy for our Android products to serve you even better. Today we’re very happy to announce a pilot of our new browser for Android devices that is available to early adopters for testing as of now. We’ll have a feature-rich, polished version of this flagship application available for this fall.
[...]
With Firefox Preview, we’re combining the best of what our lightweight Focus application and our current mobile browsers have to offer to create a best in class mobile experience. The new application is powered by Firefox’s own mobile browser engine — GeckoView — the same high-performance, feature enabling motor that fuels our Focus app.
You might remember how we revamped the engine behind the Firefox desktop browser in 2017 enabling us to significantly improve the desktop user experience. As a result, today’s Firefox Quantum is much faster, more efficient, equipped with a modern user interface and clearly the next-gen Firefox. Quite similarly, implementing GeckoView paves the way for a complete makeover of the mobile Firefox experience. While all other major Android browsers today are based on Blink and therefore reflective of Google’s decisions about mobile, Firefox’s GeckoView engine ensures us and our users independence. Building Firefox for Android on GeckoView also results in greater flexibility in terms of the types of privacy and security features we can offer our mobile users. With GeckoView we have the ability to develop faster, more secure and more user friendly browsers that deliver unprecedented performance.
The moment you go online, there are uncountable ad trackers that follow your trail on the internet and later use that data to bombard you with personalized ads — which can be annoying after one point.
So Mozilla has come up with a way to throw off the advertisers through a new feature called “Track This.” It basically opens up 100 tabs to show a fake browsing history to trackers and fool them by offering the wrong data.
Sasha Levin, who describes himself as a "Linux kernel hacker" at the beast of Redmond, made the application for his employer to join the list, which if approved would allow Microsoft to tap into private behind-the-scenes chatter about vulnerabilities, patches, and ongoing security issues with the open-source kernel and related code. These discussions are crucial for getting an early heads up, and coordinating the handling and deployment of fixes before they are made public.
The change is certainly overdue. The most recent attempt to update from the original version was in 2006 with the launch of Powershell. Since then, Microsoft has attempted to patch up both, with CMD getting copy/paste support a couple of years ago (about 20 years late, in our humble opinion) and an aborted attempt to make Powershell the default for Windows 10, which nobody asked for and few wanted.
“MongoDB was built by MongoDB. There was no prior art. We didn’t open source it for help; we open sourced it as a freemium strategy”
From the first-ever conference I attended, I started picking up many tools and habits from other participants, speakers, and friends. It is still the same with many new conferences I go to, by meeting new people and learning about new technologies, or sometimes about technologies which are not so new.
I use Linux as my primary operating system at home over 15 years now, getting a good Internet connection helped to make it happen. It was the same for my servers too. I do run different distributions, depending on the kind of work that needs to be done. When I go to many language-specific or general technical conferences, I do always find some discussions related to which distribution is good for what. However, whenever I met Trouble aka Philip Paeps, his lines are always amusing, but, also making questions about how FreeBSD differs from Linux in every possible way. I had FreeBSD running in few VMs at home, which is okay to have an understanding of the basics. To know more in details, I decided to move my primary site https://kushaldas.in over FreeBSD around a year ago. Till now it is running fine, and as a simple static website, there is not much to do anyway.
DragonflyBSD 5.6 is out, OpenBSD Vulkan Support, bad utmp implementations in glibc and FreeBSD, OpenSSH protects itself against Side Channel attacks, ZFS vs OpenZFS, and more.
I've been hacking away at Spritely (see previously). Recently I've been making progress on both the actor model (goblins and its rewrite goblinoid) as well as the storage layers (currently called Magenc and Crystal, but we are talking about probably renaming the both of them into a suite called "datashards"... yeah, everything is moving and changing fast right now.)
In the #spritely channel on freenode a friend asked, what is the big picture idea here? Both the actor model layer and the storage layer describe themselves as using "capabilities" (or more precisely "object capabilities" or "ocaps") but they seem to be implemented differently. How does it all tie together?
A great question! I think the first point of confusion is that while both follow the ocap paradigm (which is to say, reference/possession-based authority... possessing the capability gives you access, and it does not matter what your identity is for the most part for access control), they are implemented very differently because they are solving different problems. The storage system is based on encrypted, persistent data, with its ideas drawn from Tahoe-LAFS and Freenet, and the way that capabilities work is based on possession of cryptographic keys (which are themselves embedded/referenced in the URIs). The actor model, on the other hand, is based on holding onto a reference to a unique, unguessable URL (well, that's a bit of an intentional oversimplification for the sake of this explaination but we'll run with it) where the actor at that URL is "live" and communicated with via message passing. (Most of the ideas from this come from E and Waterken.) Actors are connected to each other over secure channels to prevent eavesdropping or leakage of the capabilities.
apl-1.8 artanis-0.3.2 dr-geo-19.06a gawk-5.0.1 gengetopt-2.23 gnunet-0.11.5 guile-2.2.5 icecat-60.7.0-gnu1 libmicrohttpd-0.9.64 libredwg-0.8 mailutils-3.7 mit-scheme-10.1.9 nano-4.3 nettle-3.5 parallel-20190622 unifont-12.1.02 units-2.19
Experts from all over Europe attended this hackathon, from Croatia to Ireland, Poland, and Romania for example, but also from Russia and the US. Usually it is a great challenge to organise physical meetings since many projects are created and managed by disperse small teams of developers. Therefore, this hackathon was a valuable opportunity for community members that are normally restricted to communication via email or online chats, to meet face-to-face and produce impressive work in a short amount of time. The benefits of a physical meeting were visible even before the event, with over 90 pre-registrations applying to participate in the event or in the related trainings.
We are happy to announce the Qt 3D Studio 2.4 release is now available via the online and offline installers. Here’s a quick summary of the new features and functions in 2.4. For detailed information about the Qt 3D Studio, visit the online documentation page or see the older blog posts.
Unfortunately, because of poor website design decisions, a lot of content on the web (such as PDFs) is not accessible to people with hearing, sight, mobility, neurological, and other disabilities, and as the population rapidly ages, accessibility-related problems will increase.
Fortunately, many businesses, governments, and other organizations are taking strides to remedy inaccessible websites. There are two paths to achieving accessibility: fixing existing websites and doing the right things when sites are created. Fixing a website that has been in use for many years—with hundreds of pages, posts, images, and PDFs—can be a daunting task. Every element must be scrutinized for problems, and sometimes the fix is not obvious nor easy to accomplish.
There are many tools available to check and fix website accessibility issues, including OpenAssessIt Toolkit, a new open source tool developed by Joel Crawford-Smith, a self-described "relentless web accessibility fanatic" and "cat aficionado."
OpenAssessIt converts Chrome Lighthouse files into visual, human-readable web accessibility assessments. Lighthouse audits websites for accessibility issues and reports its findings as text that can be viewed in the browser or exported as a JSON file with valuable hidden data.
OpenAssessIt consumes Lighthouse's data-rich JSON files and outputs them in Markdown, which is easy for people to read and edit. It also takes screenshots of each failing element and provides suggestions on how to fix each issue. Automated tools help detect accessibility issues, but a human must evaluate the validity and seriousness of each problem. "Seeing the issues visually [is] a good tool for training and development," Joel says.
Despite the very sunny weather in Europe tempting us to go outside, we’ve succeeded in getting a build out for you this week. We’d appreciate it if you were to download it from our website.
Today I have just installed a new Python IDE on my computer, it really looks simple but there are a lot of goodies. First of all, if you have not yet installed Thonny, you can download it from this link.
As you can see from above, this IDE is super easy to use, you write the code on the editor, then after you have run the program, you can view the value and the address of the variable as well as a function under the heap panel. You can also step through each line of code of the program while debugging your program. If this is your first time learning Python then this IDE will get you started.
In the first blog in this series, I showed how we solved the original problem of how to use mmap() to load a large set of data into RAM all at once, in response to a request for help from a bioinformatics group dealing with massive data sets on a regular basis. The catch in our solution, however, was that the process still took too long. In this blog, I describe how we solve this, starting with Step 3 of the Process I introduced in Blog 1:
Python application distribution is generally considered an unsolved problem. At their PyCon 2019 keynote talk, Russel Keith-Magee identified code distribution as a potential black swan - an existential threat for longevity - for Python. In their words, Python hasn't ever had a consistent story for how I give my code to someone else, especially if that someone else isn't a developer and just wants to use my application. I completely agree. And I want to add my opinion that unless your target user is a Python developer, they shouldn't need to know anything about Python packaging, Python itself, or even the existence of Python in order to use your application. (And you can replace Python in the previous sentence with any programming language or software technology: most end-users don't care about the technical implementation, they just want to get stuff done.)
Today, I'm excited to announce the first release of PyOxidizer (project, documentation), an open source utility that aims to solve the Python application distribution problem! (The installation instructions are in the docs.)
Szorc says that an average computer user will be able to run the application without having to download the correct software libraries. This is because PyOxidizer produces binaries that embed Python. Hence users don’t need to install or know the language.
Are you interested in using a neural network to generate text? TensorFlow and Keras can be used for some amazing applications of natural language processing techniques, including the generation of text.
In this tutorial, we'll cover the theory behind text generation using a Recurrent Neural Networks, specifically a Long Short-Term Memory Network, implement this network in Python, and use it to generate some text.
Ajay Bhatt, who worked on Intel's implementation of the USB standard recently spoke to US public radio (NPR) about the invention of USB, and why the flip it wasn't reversible in the first place.
It’s all about what gets consumed by the consumer. It’s the UI and UX. It’s the whole package. In descending order of importance it's the HTML, the CSS, and the behaviour (which might be provided by the Javascript - might not be).
My big concern is at the bottom of that technology pyramid. The lowest common denominator of the Web. The foundation. The rhythm section. The ladyfingers in the Web trifle. It’s the HTML. And it is becoming increasingly clear to me that there’s a whole swathe of Frontend Engineers who don’t know or understand the frontend-est of frontend technologies.
On mobile, you’ll want to ship a lot less script because of network, memory consumption and execution time for slower CPUs. Balance latency with cacheability to maximize the amount of parsing and compilation work that can happen off the main thread.
I have this saying: "Community doesn’t stop at 5:00pm on Friday." It reminds me of several things, but most importantly, this saying reminds me to keep my work balanced, reserve time to take care of myself, and review for potential signs of burnout.
I had the unpleasant experience of approaching burnout in early 2017. This case was the perfect storm of personal, home, and work stress culminating in what was medically diagnosed as severe anxiety—close enough to burnout to scare the daylights out of me. Based on my experience, I’d like to share what I learned so that you can avoid that path.
The 1919 Public Libraries Act effectively created libraries as we know them today. It removed the rates cap preventing local authorities from establishing new libraries and paved the way for a service available to all for free.
It's understandable that the government doesn't want to talk about libraries, which have been one of the worst-hit casualties of austerity. Last year, there were 127 closures, one of the many consequences of central funding for local services being halved over the past decade.
Phones must be kept in school lockers from first bell to last bell unless a child needs to keep a phone for medical reasons or if there is a specific instruction from the teacher that the phones are needed for a classroom activity.
The policy may not be universally popular, Mr Merlino said, but it was the "right thing to do".
Mr Merlino said teachers wanted children talking to each other in the schoolyard, not checking their phones.
The Victorian Government will ban the use of mobile phones during school hours in state schools from the beginning of the school year in 2020, with the state's Education Minister James Merlino saying the ban is aimed at stopping cyber-bullying.
In late 2020, the first products incorporating the new DP 2.0 standard are expected to be made available, according to the Video Electronics Standards Association, or VESA. DP 2.0 can use the existing DP connector that appears on many high-end desktop PCs, or be carried over cabling that uses the standard USB-C connector—though you’ll still need a PC with DP 2.0 silicon to support it.
However, "sluggish" sales of the firm's debut OLED iPhone, the iPhone X, meant Apple wasn't buying these displays at the agreed level - ET News estimates that the plant is currently working at less than 50 per cent capacity.
This, in turn, caused Samsung Display to suffer a major slump in operating profits; the firm posted 2.62tn won in profits in 2018, a major tumble from 5.7tn posted the previous year.
Further details followed at the official launch in April, including the announcement of a CEO and two early initiatives, but the operations of NHSX remain opaque to most.
The cyberespionage campaign, dubbed Operation Soft Cell, was first noticed a year ago. Since then, hackers been attacking various mobile operators to gain access to their networks and obtain call detail records (CDRs) of their targets from the database.
The more technical explanation: Cavallarin noted that macOS treats apps loaded from a network share differently than apps downloaded from the Internet. By creating a symbolic link (or "symlink"—similar to an alias) to an app hosted on an attacker-controlled Network File System (NFS) server, and then creating a .zip archive containing that symlink and getting a victim to download it, the app would not be checked by Apple's rudimentary XProtect bad-download blocker.
Cavallarin noted that he alerted Apple to the problem in February, and Cupertino's code wranglers were meant to have fixed it with macOS 10.14.5. But that doesn't appear to have happened, as security company Intego has discovered an example of it being used.
A hacker calling themself Light Leafon who claims to be a 14-year-old is responsible for a new IoT worm called Silex that targets any Unix-like system by attempting a login with default credentials; upon gaining access, the malware enumerates all mounted disks and writes to them from /dev/random until they are filled, then it deletes the devices' firewall rules and removes its network config and triggers a restart -- this effectively bricks the device, rendering it useless until someone performs the complex dance needed to download and reinstall the device's firmware.
At my last job I wrote a couple perl scripts to build platform-specific digest-checking sudoers files for all programs in system directories. I've cleaned them up some and added Linux support. They're not on github because once I do that other folks might find them, and I'm not convinced this is a good thing. But I'd like some feedback, so I'm posting here.
Discovered by Symeon Paraschoudis from Pen Test Partners, the issue allows a remote attacker to create a specially crafted file to trigger a double free in zlib_decompress_extra() (demux/mkv/utils.cpp).
This could then be leveraged to execute arbitrary code on the vulnerable system, the researcher says.
I spent three months working on VLC using Honggfuzz, tweaking it to suit the target. In the process, I found five vulnerabilities, one of which was a high-risk double-free issue and merited CVE-2019-12874.
Here’s the VLC advisory https://www.videolan.org/security/sa1901.html.
Here’s how I found it. I hope you find the how-to useful and it inspires you to get fuzzing.
As we reported two days ago, Microsoft this week released an updated version of its Outlook app for Android that patches a severe remote code execution vulnerability (CVE-2019-1105) that impacted over 100 million users.
However, at that time, very few details of the flaw were available in the advisory, which just revealed that the earlier versions of the email app contained a cross-site scripting (XSS) flaw that could allow attackers to run scripts in the context of the current user just by sending a specially crafted email to the victims.
Now, Bryan Appleby from F5 Networks, one of the security researchers who reported this issue independently to Microsoft, released more details and proof-of-concept for the Outlook vulnerability that he reported to the tech giant almost six months ago.
In a web browser, it’s possible to run JavaScript code by using a URL that starts javascript:. But in a web browser, JavaScript in an iframe on a separate domain shouldn’t have access to the data in the rest of the page. In Outlook on the Android, there is no such restriction. My iframe JavaScript had full access to cookies, tokens and even some emails. Not only that, I could send them back out to a remote attacker.
This kind of vulnerability could be exploited by an attacker sending an email with JavaScript in it. The server escapes that JavaScript and does not see it because it’s within an iframe. When delivered, the mail client automatically undoes the escaping and the JavaScript runs on the client device. Bingo – a stored XSS. This code can do whatever the attacker desires, up to and including stealing information and/or sending data back out. An attacker can send you an email and just by you reading it, they could steal the contents of your inbox. Weaponized, this can turn into a very nasty piece of malware.
More than 400 Boeing 737 Max pilots are suing the company over what they allege was an "unprecedented cover-up" of "known design flaws" in the plane, and over the financial losses they face as the plane remains grounded after two fatal crashes.
A class-action lawsuit was filed against Boeing on Friday "for financial and other losses arising from the circumstances and grounding of the MAX fleet," according to the two law firms representing the pilots, based in Chicago and Australia.
With the 2020 presidential campaign getting under way, intelligence agencies, along with the Department of Homeland Security and FBI, have set about briefing the candidates and making them aware of the resources available should their campaign come under attack.
There's some progress on eliminating the voting-machine business altogether, with a free/open source system emerging from Los Angeles County's election authorities -- LA County is a national leader in election security and inclusiveness, with an 11-day voting window, available paper ballots for all, and a slate of accessibility features in its machines.
But LA County is an exception, and between the poor-quality systems in place nationwide, intransigence from Senate Republicans on allocating funds for election security, and the diplomatic chaos that has failed to produce any international norms on election meddling, 2020 is looking like a potential shitshow to put 2016 to shame.
This study seeks to provide a partial substitute for such a commission report. Building on the abovementioned research and investigations, our report begins by summarizing in Chapter One what the Kremlin did in 2016 and why. Chapters Two through Eight then offer concrete prescriptions for protecting the integrity and independence of U.S. elections, focusing in particular on strengthening resiliency before the 2020 presidential election. Our recommendations are practical, concrete, and achievable before 2020— but they demand action now.
On Monday night, researchers at Boston-based cybersecurity firm Cybereason revealed the results of tracking a years-long cyberespionage campaign they've called Operation Soft Cell, which they say targeted the networks of at least 10 cellular providers around the world. And while researchers' visibility into that [attack] campaign is incomplete, they say it appears to be a prolific but highly targeted espionage campaign likely based in China. In one of the 10 breaches that affected a Cybereason customer, the researchers say they found that the [attackers] had gained deep access to the victim's network and stolen gigabytes of metadata related to 20 specific individuals' phone usage and location.
The simple remedy involved some necessary upgrades.
Yet somehow, New York City’s technology managers were caught completely off guard, and did nothing to prepare for the calendar reset of the centralized Global Positioning System.
As a result, a wireless network used by city agencies crashed in April, crippling many services that relied on it, including some Police Department license plate readers and a system to remotely control traffic lights. It took 10 days to get the network running again.`
"And secondly, I can't understand how you could make safeties [back-up copies] and have them in the same vault. I mean, what's the point?
"And thirdly, I can't understand how it's been 11 years," she added. "I mean, I don't understand the cover-up."
Crow, who had seven US top 10 albums between 1995 and 2008, is the first artist to confirm the loss of their recordings since the New York Times' investigation was published two weeks ago.
While a minute might not seem like a long time, despite the protestations of some, when one is working on the move and needs to quickly pack up a laptop to so they can hop off a train, for example, 60 whole full-fat seconds can seem like a drag.
It's also disconcerting when a computer takes a long time to shut down as well, given you don't know if it's suddenly going to throw up a blue screen of death.
We would never use the words “Made in USA” lightly. We had to meet very strict requirements before being allowed to use that label. It’s well-known that other firms have been fined for mislabeling their Made in China products as Made in USA, for instance because “screwdriver assembly” only (getting electronics made elsewhere and doing final case-assembly in the USA) is not enough to qualify for “Made in USA”. A company can source specific, individual electronics components from around the world (we source chips like the OpenPGP smart card from a European supplier, for example) but must actually make–as in fabricate–the product here, in the US, to be able to label it as “Made in USA.”
Purism, the social purpose corporation which designs and produces popular hardware and software that protects users’ digital lives, today announced its Librem Key product will be the first device of its category to be made in the USA.
Librem Key, the first and only OpenPGP smart card closely integrated with the Heads-firmware offering a tamper-evident boot process, launched in September 2018. Initially manufactured in-part by partner Nitrokey, Purism is now manufacturing Librem Keys entirely from Purism’s Carlsbad, California headquarters – the same U.S. facility used to manufacture its Librem 5 smartphone devkits in 2018. Version 2 also stores up to 4096-bit RSA keys and up to 512-bit ECC keys and securely generates keys directly on the device.
Supply chain security is a rising concern due to the lack of control hardware companies have over manufacturing links. Threats include security hacks, malware concerns, cyber-espionage, and even copyright theft. Purism sees protection of its supply chain as an existentially important issue, and has invested in supply chain improvements including the launch of Librem Key V2.
A new piece of malware that is using default credentials to log into IoT devices and then erase their file systems and shut them down is on the move, but it may not end up having the reach that it’s alleged creator intended.
I know, you may think I am deluded. How could life in an Embassy with a cat and a skateboard ever amount to torture? That’s exactly what I thought, too, when Assange first appealed to my office for protection. Like most of the public, I had been subconsciously poisoned by the relentless smear campaign, which had been disseminated over the years. So it took a second knock on my door to get my reluctant attention. But once I looked into the facts of this case, what I found filled me with repulsion and disbelief. Surely, I thought, Assange must be a rapist! But what I found is that he has never been charged with a sexual offence. True, soon after the US had encouraged allies to find reasons to prosecute Assange, two women made the headlines in Sweden. One of them claimed he had ripped a condom, and the other that he had failed to wear one, in both cases during consensual intercourse — not exactly scenarios that have the ring of ‘rape’ in any language other than Swedish. Mind you, each woman even submitted a condom as evidence. The first one, supposedly worn and torn by Assange, revealed no DNA whatsoever — neither his, nor hers, nor anybody else’s. Go figure. The second one, used but intact, supposedly proved ‘unprotected’ intercourse. Go figure, again. The women even texted that they never intended to report a crime but were ‘railroaded’ into doing so by zealous Swedish police. Go figure, once more. Ever since, both Sweden and Britain have done everything to prevent Assange from confronting these allegations without simultaneously having to expose himself to US extradition and, thus, to a show-trial followed by life in jail. His last refuge had been the Ecuadorian Embassy.
Alright, I thought, but surely Assange must be a hacker! But what I found is that all his disclosures had been freely leaked to him, and that no one accuses him of having hacked a single computer. In fact, the only arguable hacking-charge against him relates to his alleged unsuccessful attempt to help breaking a password which, had it been successful, might have helped his source to cover her tracks. In short: a rather isolated, speculative, and inconsequential chain of events; a bit like trying to prosecute a driver who unsuccessfully attempted to exceed the speed-limit, but failed because their car was too weak.
[...]
But surely, I found myself pleading, Assange must be a selfish narcissist, skateboarding through the Ecuadorian Embassy and smearing feces on the walls? Well, all I heard from Embassy staff is that the inevitable inconveniences of his accommodation at their offices were handled with mutual respect and consideration. This changed only after the election of President Moreno, when they were suddenly instructed to find smears against Assange and, when they didn’t, they were soon replaced. The President even took it upon himself to bless the world with his gossip, and to personally strip Assange of his asylum and citizenship without any due process of law.
In the end it finally dawned on me that I had been blinded by propaganda, and that Assange had been systematically slandered to divert attention from the crimes he exposed. Once he had been dehumanized through isolation, ridicule and shame, just like the witches we used to burn at the stake, it was easy to deprive him of his most fundamental rights without provoking public outrage worldwide. And thus, a legal precedent is being set, through the backdoor of our own complacency, which in the future can and will be applied just as well to disclosures by The Guardian, the New York Times and ABC News.
Very well, you may say, but what does slander have to do with torture? Well, this is a slippery slope. What may look like mere €«mudslinging€» in public debate, quickly becomes “mobbing” when used against the defenseless, and even “persecution” once the State is involved. Now just add purposefulness and severe suffering, and what you get is full-fledged psychological torture.
The “Kicking Gas” ad, which debuts Tuesday, is the work of Veloz, a consortium of more than 40 automakers, utility companies, government agencies, and advocacy groups dedicated to accelerating the adoption of electric cars in California. Veloz will share the four-minute video online, pay to promote it on Facebook and Instagram, and rent 34 digital billboards across California for four weeks to point people to the video on Veloz’s website.
The routine daily activities of Chennai residents have been severely impacted by the water crisis. With the Chennai City Corporation having virtually stopped supplying water, families are forced to stand in long queues, which start forming at midnight, to fill up containers with the water they need for drinking, cooking, bathing, and washing. Those worst impacted are the working class and poor, as better off residents either have private wells or can purchase bottled water.
The four local lakes that supply water to Chennai—Red Hills Lake, Sholavaram Lake, Chembarambakkam Lake and Poondi reservoir—have become virtual drylands.
Flying is responsible for at least 2% of man-made global greenhouse gas emissions, and among personal transport options, it is the least efficient. The airline industry has tried to green itself, but with sustainable options often expensive to maintain or in nascent stages of development, it still relies mostly on carbon offsets. But critics say offsets support the fossil fuel status quo.
Giant hogweed can grow up to 15 feet tall and has 2-foot-wide umbrella-shaped canopies of flowers. Brushing against it can release sap that causes painful, burning blisters.
Almost 6,000 greyhounds are killed in Ireland per year, a new RTÃâ° investigation has revealed
The Irish Greyhound Board has accused those engaged in practices exposed by the RTÃâ° Investigates programme of bringing shame on the industry.
In a special report broadcast on Wednesday night, the programme exposed that the industry is overbreeding by a factor of 10 and many greyhounds, who do not perform, are being shot illegally. The programme highlighted an unpublished report commissioned by the Irish Greyhound Board (IGB)and carried out by Preferred Results which revealed that of 16,000 greyhounds are born in Ireland every year.
About 6,000 are killed because they failed to make qualification times or their performances declined.
According to Recode editor-at-large Kara Swisher, one of Silicon Valley’s biggest problems right now is its lack of competition. That big tech companies like Amazon, Apple, Facebook, and Google have become too dominant and have thus stifled competition and creativity.
Here is a lightly edited excerpt of Kara Swisher and Verge editor-in-chief Nilay Patel discussing the importance of competition and the possibilities of breaking up the tech giants that rule the land.
I paid off my student loans in full without assistance. Yet when editorialists decry Bernie Sanders’ student debt forgiveness plan as “unfair” to those of us who already paid off our loans (as they did with Elizabeth Warren’s), they’re certainly not speaking for me.
It’s the kind of argument designed to tug at our most selfish impulses while ignoring the economic and political transformations that have left a generation of college graduates struggling under an unprecedented mountain of student debt.
Instagram head Adam Mosseri promises the platform does not listen in on its users. In his first U.S. TV interview since taking the helm in October, "CBS This Morning" co-host Gayle King presses Mosseri on the question that's been on her mind and many others: Why do I see ads for products I haven't searched for?
"Can you help me understand how I can be having a private conversation with someone about something I'm interested in seeing or buying... and an advertisement for that will pop up on my Instagram feed," King asked. "I haven't searched for it, I haven't talked to anybody about it. I swear I think you guys are listening. I know you're gonna say you're not."
We have for sure experienced the various social media apps showing us ads about things we were looking for at least once. What’s creepier is when we are just talking about that thing one moment and the other minute an ad about it pops up. However, Instagram claims that it doesn’t follow the drill as other apps.
In an interview with CBS News‘ Gayle King, Instagram CEO Adam Mosseri has ‘promised’ that the photo-sharing app doesn’t listen to users’ conversations to show ads accordingly.
Facebook is a business selling very targeted advertising channels. This is not new, Royal Mail Advertising Mail service offers ‘precision targeting’. But Facebook does it with many more precision options, with emotive impact because it uses video and feels like it comes from your friends and the option of anonymity. This turns out to be most effective in political advertising. There are laws banning political advertising on television because politics should be about reasoned arguments not emotive simplistic soundbites but the law has yet to be changed to include this ban on video on the internet. The result has undermined the democracy of the UK during the EU referendum and elsewhere.
To do this Facebook collects data and information on you. Normally this isn’t a problem but you never know when journalists will come sniffing around for gossip in your past life, or an ex-partner will want to take something out of context to prove a point in diverse proceedings. The commonly used example of data collection going wrong was the Dutch government keeping a list of who was Jewish, with terrible consequences when the Nazis invaded. We do not have a fascist government here but you can never assume it will never happen. Facebook has been shown to care little for data protection and allowed companies such as Cambridge Analytica to steal data illegally and without oversight. Again this was used to undermine democracy using the 2016 EU referendum.
From the Vatican to the U.S. Congress and campaign trail, expressions of anguish, empathy and outrage poured out Wednesday over the photos of a migrant father and young daughter who drowned while trying to cross the Rio Grande from Mexico to enter the United States without legal permission.
The photos show the bodies of the man and his 23-month-old daughter lying face down near the river bank. Her arm was draped around his neck, suggesting she clung to her father in their final moments. The photos published by the Mexican newspaper La Jornada were distributed worldwide by The Associated Press.
Oscar Alberto Martinez Ramirez and daughter Valeria were fleeing from El Salvador, which is wracked by violent crime. The mother, Tania Vanessa Avalos, was still on the Mexican side of the river and survived.
Carriers complain that the parts of the spectrum reserved for smartphone use are increasingly crowded, at least in urban areas. To keep up with the growing demand for mobile video and other smartphone applications, and deliver the faster speeds promised by 5G, carriers want access to more of the spectrum.
Intel confirmed plans to exit the smartphone business a few months ago, but news about the auction of its smartphone modem assets emerged only today. The announcement follows Apple's decision to buy 5G smartphone modems from Qualcomm rather than Intel.
Although the US company said it will continue to produce 4G smartphone modems and honor all orders, it will no longer invest in 5G modem product line following the announcement. Instead, Intel will shift focus on its 5G network business, which is expected to grow in the coming years.
According to a new report from IAM, Intel has decided to auction all its IP relating to cellular wireless connectivity. There are no less than 8,500 patents that Intel is now looking to sell in order to recover some of the resources it invested. The report also mentions that Intel is launching this auction separate to its efforts to sell the smartphone modem division, hoping that a potential buyer for both will appear.
Argentina-The National Congress has passed the “Regime for the Promotion of the Knowledge Economy” Law 27.506 (here), replacing the “Regime for the Promotion of the Software Industry” Law 25.922. The new regime, like the previous one, seeks to stimulate national production in certain industries by granting fiscal benefits through the use of tax credit bonds as well as providing tax stability, so that the beneficiaries of the regime shall not increase their total tax burden, as determined at the time of their application and throughout the duration of the regime as defined in the article 7 of the law.
This means that once they are registered as beneficiaries, their taxes (including direct taxes as well as duties on imports and exports) will not be increased. However, the new law seeks to broaden the scope of covered goods and services so as to include software as a service (Saas), audiovisual productions, biotechnology, nanotechnology, the aerospace industry, and various types of industry 4.0- related technologies. The new law will enter into force on January 1, 2020, and remain in effect until December 31, 2029.
The Court held that a selection invention is inventive if the compound of the selection offers surprisingly advantageous or improved properties over the prior art compounds. These properties should already be plausible from the patent application as filed. Further, a selection invention would be obvious to the skilled person if they would assume a neutral ‘try and see’ approach on the basis of the prior art information, and no explicit chance of success needs to be present.
April showed a continued high number (204) of abstract idea decisions decided at the Board. Of the 204 total decisions deciding abstract idea rejections for this month, the Board completely reversed the rejection 54 times. This shows a reversal rate of 26.5%, which is lower than the last several months, but higher than many previous months.
[...]
Despite chatter on Capital Hill about amending Section 101 for greater predictability, many believe that passage of such a bill will be difficult in this year with competing priorities. And even with such amendments, it appears unlikely that the problem of patent-eligibility will go away—it will simply change. Thus, abstract idea rejections do not appear to be going away any time soon. Expect the reversal rate to continue to be higher than historical reversal rates, but not necessarily record-breaking unless new more favorable case law is made.
The Senators introduced a draft bill that eliminates the current two-part Supreme Court ۤ 101 test, removes judicial exceptions to eligibility, draws a strict line between the inquiries of ۤۤ 101, 102, 103, and 112, and would result in virtually any invention that "provides specific and practical utility in any field of technology through human intervention" being eligible. The draft bill also changes ۤ 112(f) in a fashion that narrows the interpretation of functional claim language.
Their missive begins with the almost requisite encomiums to innovation and entrepreneurship, and the contributions of the patent system to U.S. success in these endeavors.
Here, there was really no question that the broader reissue claims were not clearly and unequivocally disclosed in the original patent. The original patent did not disclose an embodiment of the invention without an arbor. Similarly, the abstract and summary of the invention described the invention as having a plurality of arbors. For that reason, Flow Valve had relied on an expert declaration regarding what "a worker of ordinary skill would understand." But while such a declaration might be sufficient to satisfy the written description requirement, it does not help illuminate the text of the original patent. Simply put, the specification did not "clearly and unequivocally disclose the newly claimed invention as a separate invention," and the reissue claims failed the original patent requirement.
The Forum US case is yet another reminder of the value of expert patent prosecution counsel. Flow Valve might have been able to pursue its claims in a continuation application, if it had one pending (which experienced counsel would likely have suggested). In doing so, it would not have had to meet the additional requirements of a broadening reissue. But not knowing the quirky rules of reissue, including the original patent requirement, can prove fatal to the same claims if they do not appear clearly to be part of the invention in the original patent.
The district court dismissed Cellspin’s infringement lawsuit on the pleadings — finding the asserted claims unenforceable as a matter of law under 35 U.S.C. €§ 101 (ineligible abstract idea). On appeal, the Federal Circuit has vacated — holding instead that the early-stage dismissal was inappropriate because the patentee’s amended complaint included “specific factual allegations” that, when accepted as true, showed a plausible inventive concept sufficient to satisfy Alice Step 2.
The court explains here that under Aatrix, “plausible and specific factual allegations that aspects of the claims are inventive” are sufficient to overcome a pleadings-stage motion to dismiss. “[T]he specification need not expressly list all the reasons why this claimed structure is unconventional” so long as the arguably inventive elements are “recited by the claims.”
This week, an Irish non-practicing entity (NPE)’s lawsuit against multiple U.S. companies got the go-ahead from a U.S. trade court designed to protect U.S. companies from unfair foreign competition. No, that sentence isn’t backwards. That’s exactly what the United States International Trade Commission (ITC) has done in the Neodrón investigation.
Should the NPE win, the ITC could ban importation of 80% of Android tablets, 86% of Windows tablets, more than 50% of Android smartphones, and 97% of premium Android smartphones. All for the benefit of an Irish NPE.
[...]
In its own words, Neodrón admits that it didn’t invent anything. According to its filing, the “patented improvements at issue in this action were made by highly regarded engineers from two U.S. companies: Atmel Corporation (‘Atmel’) and Microchip.”
The patents are all focused on touchscreen technology. One appears to cover sensing movement of a finger along a linear or circular touch-sensitive strip—in fact, it looks a lot like the iPod Mini capacitive click-wheel which predates Neodrón’s patent by several years. Another describes a capacitive sensing technique in a keypad with separate capacitive areas. And a third covers a system for distinguishing between multiple keys, where a key might be a surface such as a touchscreen.
[...]
So we have an Irish company that makes nothing and admits it never invented a thing, run by a patent lawyer and backed by money from a hedge fund, suing U.S. companies. All in a trade court that’s designed to protect U.S. companies from unfair foreign competition, but is being used to help a foreign company take all the profit away on a product it contributed nothing to.
That’s not what the ITC was designed for, and it’s not good for the U.S. economy. It’s time to fix the ITC.
Despite the US Supreme Court’s finding that scandalous or immoral trademarks cannot be banned, lawyers say that the judgment’s impact may be limited in practice
The Supreme Court has now struck down as unconstitutional a second trademark registration bar. The court ruled yesterday in Iancu v. Brunetti that the government may no longer deny trademark registration to marks that are “scandalous” or “immoral.” In 2017, the court struck down a provision that denied trademark registration to marks that are “disparaging” in Matal v. Tam. Both registration bars appear in Section 2(a) of the Lanham Act.
Many commentators had seen the cases as so similar that they wondered why the court had even granted certiorari. Perhaps as a result, the case provoked less interest from amicus brief authors. The conventional wisdom was that the court’s opinion in Tam left no room to uphold this provision.
In Tam, the court ruled that denying trademark registration to marks that disparage constitutes viewpoint discrimination because the government was sorting out “ideas that offend.” The court reconfirmed that viewpoint discrimination is presumptively unconstitutional. In his concurrence, Justice Kennedy described viewpoint discrimination as “a form of speech suppression so potent that it must be subject to rigorous constitutional scrutiny.”
For the Brunetti majority, this was a simple case. Indeed, Justice Kagan, who wrote the majority opinion joined by Thomas, Ginsburg, Alito, Gorsuch, and Kavanaugh, dispensed with the case in ten and a half tight pages even as she devoted a full page to examples of marks that were refused registration (comparing them to similar marks that were approved for registration). The opinion is short and sweet: this is the same case as Tam.
The Lanham Act, which deals with patent and trademark issues, bans the registration of “immoral or scandalous” trademarks. Well, it did until Monday. Justice Elena Kagan wrote for the majority and was joined by Justices Alito, Clarence Thomas, Ruth Bader Ginsburg, Neil Gorsuch, and Brett Kavanaugh in striking it down.
The majority discussed the benefits of PTO registration. Registration is not required to enforce a trade or service mark, but it does grant the registrant several rights and privileges that aid in enforcing the mark, which is why people go through the trouble.
[...]
That’s the end of the analysis for the majority, as viewpoint-based restrictions on speech are the classic hallmark of laws that violate the First Amendment. Kagan quoted Justice Anthony Kennedy’s explanation about The Slants, where the PTO “allowed a trademark owner to register a mark if it was ‘positive’ about a person, but not if it was ‘derogatory.’” The case is the same here with respect to messages the office favors or disfavors, therein enforcing impermissible discrimination.
The tweet actually just shows a 16 second clip from what appears to be a nearly 10 minute "film" that the EU IPO actually released back in April. You can view the whole thing here, though I warn you that it is 10 minutes of your life that you will not get back, and it is so dumb that you'll really wish you could get them back (I, at least, watched it on double speed). The film, called "IPIDENTICAL: Imagine a world without creativity" is supposed to be an example of what the world would look like without intellectual property. In this world, everything is the same. There is one song in the world, called "The Song" and that's it. There is one movie, "The Movie." There is one car in one color. Everyone wears the same clothes. All products on store shelves are identical. See? How dystopian.
[...]
First off, anyone with even the slightest familiarity with history knows it's bullshit. I mean, there was pretty widespread creativity prior to there being intellectual property laws. William Shakespeare wrote everything he wrote without copyright. He didn't just write "The Play" and be done with it. Indeed, evidence suggests that the lack of copyright was partly responsible for him writing so much since he had to keep producing new works to satiate his audience. And you don't even need to look at history. There have been lots of studies of creative arenas today that don't rely on intellectual property, from fashion to comedy to magic to cooking -- and they've pretty much all found that categories without intellectual property protections actually generate more output and more creativity because you have to keep creating, rather than rest on your laurels. We've written about some of that in the past, but if you're looking for sources, The Knockoff Economy book by Kal Raustiala and Chris Sprigman is a good start, as is Creativity Without Law, which is a collection of case studies about creativity outside of intellectual property.
And, look, I get it: it's the EU Intellectual Property Office. Of course, they're going to think the world revolves around copyright, patents and trademarks. But is it really that big a deal to expect that government bureaucrats should at least be partially reality based? And is it too much to expect that a government agency shouldn't be spending taxpayer dollars on blatantly false propaganda that is so laughable as to only serve to lead more people to lose respect for intellectual property?
But, perhaps the most damning of all: copyright wasn't necessary to make this bit of insane propaganda. Notice that the EU IPO posted the film for free to YouTube, and they're tweeting out clips of it. The reason they made this film is for propaganda (which some might refer to as "educational") purposes, and they want as many people as possible to see it. There is no need for copyright on the film. They're not selling it or licensing it to anyone. The incentive to create it was wholly separate from copyright -- as is true of nearly all content created today. It was created not because they had an exclusive right, but because they wanted people to see it.
Beauty Bay (the claimant, acting together with its licensor) is the registered owner of a number of UK and EU marks. In particular, it is the proprietor of the word marks BEAUTY BAY and BEAUTYBAY for goods and services in Classes 3 and 35 of the Nice Classification. The claimant also acts as an online retailer of cosmetics, beauty products and accessories, trading under the said marks.
The defendant, Benefit, is a global manufacturer and retailer of cosmetics owned by luxury conglomerate LVMH and based in San Francisco, USA (the action was targeted against its UK subsidiary).
The dispute arose when the defendant sold a Christmas set that consisted of items contained in a globe-shaped gift box. This product formed part of a larger set, intended to celebrate its San Francisco heritage and mark the 50th anniversary of the Summer of Love. In this regard, the products in the globe-shaped box were a collection of the defendant’s best-selling beauty products:
Copyright-trolling outfit Strike 3 has its hands full with a retired police officer. The man, who denies pirating anything, is pursuing a counterclaim for abuse of process and wants to see the tracking software's source code. Strike 3, meanwhile, suspects that the man's son is the infringer and says it may have a "smoking gun."
A Spanish Criminal court has acquitted four men who were accused of facilitating copyright infringement through the defunct linking sites SeriesYonkis, PeliculasYonkis and VideosYonkis. The judge notes that, at the time, sites that linked to pirated content stored elsewhere were not criminally liable. The verdict is good news for the defendants but will be appealed.
Mixed Martial Arts fights, including the popular UFC events, are among the most pirated live-streams on the Internet. Responding to questions from US senators, the UFC's General Counsel says that the company is working hard to address this issue, adding that Congress should help to incentivize online platforms to become more proactive.
Back in 2015, Vodafone admitted that following an order from the Spanish government, it had begun blocking The Pirate Bay, the world's most famous torrent site. Fast forward four years and the Ministry of Culture and Sports is attempting to finish the job, with an order for ISPs to block more than 60 TPB-related domains.
