Links 6/8/2019: First HTTP/3 With Curl, DXVK 1.3.2, Freedombone 4.0

Posted in News Roundup at 11:12 pm by Dr. Roy Schestowitz

  • GNU/Linux

    • Best Linux training providers and online courses 2019

      Linux is becoming an increasingly important operating system to be familiar with in business, not least because the majority of web servers run on various Linux platforms. Whether it’s RedHat, FreeBSD, Ubuntu, Debian or CentOS, it can help to be familiar with at least some of the basic operations, whether for accessing them directly, for understanding IT reports, or even to better understand security concerns.

      While Linux has a reputation for being more difficult for users than Windows or iOS, this is simply because those operating systems run all operations in a graphical format (or, Graphical User Interface, aka GUI). With Linux platforms, some operations require a typed in command, though most Linux systems have since moved to more user-friendly GUI’s in order to help make the more accessible and easier to use.

      Even where text commands are required, these usually follow a pattern and syntax which isn’t too difficult to learn for most users. The real learning curve comes from understanding what these patterns and syntax area mean, firstly in terms of general Linux operations, and secondly in terms of specific requirements for any Linux computers or servers your business is running.

      Of course, you don’t even have to be a business user to want to learn Linux. After all, while Linux operating systems require regular security updates, they are rarely targeted by computer viruses simply because Linux computers are such a small market share. This may change, since vendors such as Dell began to offer some of the PC and laptop lines with Ubuntu pre-installed instead of Windows.

      And while you can opt to buy a PC or laptop running Linux, it’s also often possible to run many distros of Linux on an old and unused machine. Even better perhaps would be to use virtualization on your own machine, using something like the free Workstation Player from VMware, which can then be used to set up and install any and as many different flavors of Linux as you like.

    • Desktop

      • System76 announces Adder WS Linux workstation with 4K OLED display

        System76 is one of the leading manufacturers of Linux laptops in the world right now. The company offers a myriad of devices aimed at a variety of use cases from casual office work to intense scientific research. It looks like one more machine will be joining System76’s ranks on August 8th, and with it come powerful RTX graphics and a 4K OLED display.

        The Adder WS is a workstation aimed at “content creators, researchers, and gamers,” according to the product’s splash page. Without a doubt, the headlining feature is the 15.6-inch 4K OLED display, a first for System76 (and all other Linux-centric retailers, to our knowledge). The Adder WS is also equipped with an Nvidia GeForce RTX 2070 GPU, either an Intel Core i7-9750H or Core i9-9980HK, up to 64 GB DDR4 RAM, up to two PCIe NVMe drives, an optional 2.5” drive, and plenty of ports.

        The Adder WS is essentially a Clevo PB50RC or PB51RC with an RTX 2070 instead of the less-powerful GTX 1660 Ti that Clevo uses in their SKU. The Adder WS will also run System76’s Pop!_OS, which is based on Ubuntu 18.04 LTS. Pop!_OS has recently been praised for its performance in gaming, particularly via Steam’s Proton software, so the Adder WS should be a decent gaming machine.

    • Server

      • Charmed Kubernetes update for upstream API server vulnerability

        n upstream Kubernetes vulnerability (CVE-2019-11247) has been identified where the API server mistakenly allows access to a cluster-scoped custom resource, if the request is made as if the resource were namespaced. Authorisations for the resource accessed in this manner are enforced using roles and role bindings within the namespace. This means that a user with access only to a resource in one namespace could create, view updates or delete the cluster-scoped resource (according to their namespace role privileges).

        Charmed Kubernetes has already been patched to mitigate against this vulnerability. Patched builds of the 1.13.8, 1.14.4 and 1.15.1 kube-apiserver snap have also been published.

        The vulnerability, of medium severity, has also been patched in the following upstream version of Kubernetes – 1.13.9, 1.14.5 and 1.15.2. Users are encouraged to update to one of these versions now.

      • Why you might want to build your own custom buildpack (And how to!)

        A PaaS can be viewed at as a method that takes different streams of data and combines them into a working application. For SUSE Cloud Application Platform, we take the application code, buildpack, environment variables, service descriptions and output a configured and running container. Each of these pieces can come from a different person or team with a different focus to create a quickly iterable but still secure process.

        In this list, the buildpack is likely the least understood. Simply put, It is the part of the build system that takes the code provided by the developers and builds it into a full application ready to run.

        There are several buildpacks that come standard as part of the default installation of SUSE Cloud Application Platform. That said, one of my favorite “features” is the ability to customize the platform to fit your needs while still coming with sane defaults. It’s opinionated in a way that you can change it’s mind!

      • Mesosphere changes name to D2IQ, shifts focus to Kubernetes, cloud native

        Mesosphere was born as the commercial face of the open-source Mesos project. It was surely a clever solution to make virtual machines run much more efficiently, but times change and companies change. Today the company announced it was changing its name to Day2IQ, or D2IQ for short, and fixing its sights on Kubernetes and cloud native, which have grown quickly in the years since Mesos appeared on the scene.

        D2IQ CEO Mike Fey says that the name reflects the company’s new approach. Instead of focusing entirely on the Mesos project, it wants to concentrate on helping more mature organizations adopt cloud native technologies.

      • Survey Identifies Myriad Kubernetes Adoption Drivers

        One of the assumptions made about key drivers Kubernetes adoption is that organizations are trying to accelerate the rate at which software is built by embracing microservices based on containers. However, a survey of 130 attendees of three recent container conferences published by Replex, a provider of governance and cost management tools for Kubernetes, finds the top two drivers of Kubernetes adoption are improving scalability (61%) and resource utilization (46%), followed by a desire to adopt a cloud-native stack (37%) and shortening development and deployment times (42%).

        Only 24% identified avoiding lock-in as a reason for adopting Kubernetes, which suggests portability is not yet a major factor in driving Kubernetes adoption.

        The surveys were conducted at the KubeCon Europe conference in Barcelona; a VelocityConf even in San Jose, California; and ContainerDays Hamburg in the second quarter of 2019. The survey finds 65% of respondents indicated that they are using Kubernetes in production. Nearly 40% of respondents not yet in production indicated they are planning on going to production within a year, the survey finds.

      • What is Kubernetes-as-a-Service?

        According to wikis, hacker forum discussions and the team itself, Kubernetes is so-named because it translates from (κυβερνήτης in Greek) to governor, helmsman or captain — and further, ‘gubernare’ translates from Latin to government.

        Which all makes perfect sense.

        Because Kubernetes is an open source orchestration technology used to manage Linux containers across private, public and hybrid cloud environments.

        Or… in the words of the people behind the technology: Kubernetes is a portable, extensible, open source platform for managing containerised workloads and services, that facilitates both declarative configuration and automation.

      • IBM

        • What’s Next for Red Hat Users Following Close of IBM Acquisition?

          IBM closed last month on one of the cloud industry’s largest acquisitions to date: its $34 billion grab of open-source cloud technology provider Red Hat.

          The deal raises some questions: Will Red Hat help IBM catch up to cloud leaders Microsoft Azure and Amazon Web Services? How will Red Hat users be impacted by the deal? Those impacted by the acquisition agree it’s still too early to tell, but they’re bracing for potential integration challenges and progress in the hybrid cloud arena.


          Red Hat will operate as a distinct unit within IBM and will be reported as part of IBM’s Cloud and Cognitive Software segment, officials made clear in a press release on the official acquisition closing, a sentiment IBM CEO Ginni Rometty shared at the Red Hat Summit in May, saying that, “Jim [Red Hat CEO Jim Whitehurst] and I have both agreed — Red Hat should stay an independent unit.”

          Red Hat’s open hybrid cloud technologies, such as Linux and Kubernetes, will allow businesses under the IBM brand to manage data and applications on-premises and on private and multiple public clouds. The acquisition will also help customers shift “mission-critical workloads to the cloud and optimizing everything from supply chains to core banking systems.” Officials also promised businesses will be able to effectively manage their IT infrastructure, on and off-premises and across different clouds, private and public.

        • Fedora 32 System-Wide Change: glusterfs dropping 32-bit arches

          There is a proposal[1] in upstream GlusterFS to drop 32-bit arches. The original proposal was to drop 32-bit with GlusterFS-7. GlusterFS-7 will land in Fedora 31/rawhide soon. More than likely though it will not be official until GlusterFS-8, which will probably land, accordingly, after Fedora 31 GA in Fedora 32/rawhide.

        • GlusterFS Planning To Drop 32-Bit Support

          The GlusterFS network attached storage file-system developed by Red Hat with a focus on cloud computing is the latest open-source project eyeing the removal of 32-bit (i686) software support.

          GlusterFS joins the growing list of Linux distributions and other upstream software projects working to deprecate or outright discontinue their 32-bit software support. There was a recent proposal to drop 32-bit platform support for GlusterFS. While initially proposed for the upcoming GlusterFS 7 release, it’s looking like the removal will happen with the GlusterFS 8 release either at the very end of 2019 or early 2020.

          Downstreams like Fedora are already working to incorporate the change with their plan now to see GlusterFS 32-bit support removed for Fedora 32 under a new change proposal.

    • Audiocasts/Shows

      • Old Man Embraces Cloud | Coder Radio 369

        Chris finally gets excited about Docker just as Wes tells him it’s time to learn something new.

        Plus the state of browser extension development, the value of non-technical advice, and your feedback.

      • [Talk Python to Me] Episode #224: 12 lessons from 100 days of web

        Back in May of 2018, Bob Belderbos, Julian Sequeira, and I started on what would be a 9-month project. We wanted to create a dedicated, 100 days of code course specifically for Python web developers. Much of what we created for that course, we had prior experience with. But much of it was also new to us.

      • [Python Podcast] Build Your Own Knowledge Graph With Zincbase

        Computers are excellent at following detailed instructions, but they have no capacity for understanding the information that they work with. Knowledge graphs are a way to approximate that capability by building connections between elements of data that allow us to discover new connections among disparate information sources that were previously uknown. In our day-to-day work we encounter many instances of knowledge graphs, but building them has long been a difficult endeavor. In order to make this technology more accessible Tom Grek built Zincbase. In this episode he explains his motivations for starting the project, how he uses it in his daily work, and how you can use it to create your own knowledge engine and begin discovering new insights of your own.

      • Storage Heartbreak | The Friday Stream 12

        We share stories from a time when computer storage was very precious, and the types of storage were still battling it out for the standard.

        Plus our proposals to do away with time zones, and a special guest helps give away some games.

    • Kernel Space

      • Kernel prepatch 5.3-rc3

        The 5.3-rc3 kernel prepatch is out. “Interesting. Last Sunday, rc2 was fairly large to match the biggish merge window, but this last week has actually been quite calm, and rc3 is actually smaller than usual, and smaller than rc2 was”

    • Benchmarks

      • Another Look At The Maturing AMD Radeon RX 5700 Series Linux Performance

        With the AMD Radeon RX 5700 / RX 5700 XT Linux driver support maturing and the early optimizations/fixes and lingering feature work now calming down for the Linux 5.3 kernel and within RadeonSI/RADV for the imminent branching of Mesa 19.2, here is another look at how the Navi performance stands today compared to AMD Vega graphics cards and the high-end NVIDIA Pascal and Turing graphics cards.

        This newest round of AMD Navi benchmarking was done with the latest Mesa 19.2-devel Git code at the end of last week along with the newest Linux 5.3 Git kernel state and the LLVM 9.0 AMDGPU compiler back-end. These various open-source Linux software components roughly correlate to how the AMD Radeon RX 5700 series Linux support is looking for reaching stable around September and what will be found in the likes of Ubuntu 19.10, Fedora Workstation 31, and other autumn Linux distribution releases.

    • Applications

      • Daniel Stenberg: First HTTP/3 with curl

        In the afternoon of August 5 2019, I successfully made curl request a document over HTTP/3, retrieve it and then exit cleanly again.

        (It got a 404 response code, two HTTP headers and 10 bytes of content so the actual response was certainly less thrilling to me than the fact that it actually delivered that response over HTTP version 3 over QUIC.)

        The components necessary for this to work, if you want to play along at home, are reasonably up-to-date git clones of curl itself and the HTTP/3 library called quiche (and of course quiche’s dependencies too, like boringssl), then apply pull-request 4193 (build everything accordingly) and run a command line like:

        curl –http3-direct https://quic.tech:8443

        The host name used here (“quic.tech”) is a server run by friends at Cloudflare and it is there for testing and interop purposes and at the time of this test it ran QUIC draft-22 and HTTP/3.

      • NordVPN offers NordLynx for Linux, built around WireGuard

        Virtual Private Network (VPN) company NordVPN has introduced NordLynx technology built around the WireGuard protocol.

        WireGuard is thought to be shaking up the VPN space as a new type of protocol because of its approach to cryptography and speed — other protocols in this space include OpenVPN and IPSec out of the water.

        According to the WireGuard team, this technology is designed as a general purpose VPN for running on [anything from] embedded interfaces [up to] super computers alike, fit for many different circumstances.

    • Instructionals/Technical

    • Wine or Emulation

      • DXVK 1.3.2 Released With Fixes/Improvements For The Division, World of Warcraft & More

        While a new Proton 4.11 release came out last week as a big Valve update that included pulling in DXVK 1.3, Philip Rebohle who leads work on this Direct3D-over-Vulkan layer today released DXVK 1.3.2 as the latest update for improving the Windows/Direct3D on Linux gaming experience.

        DXVK 1.3.2 is primarily a bug fix release but does have some CPU overhead reductions to help Direct3D 11.1 games like World of Warcraft. There is also support now for the DXVK configuration file to be able to turn on the heads-up display rather than just using the DXVK HUD environment variable.

      • DXVK 1.3.2 is out as a small and focused stability update to this Vulkan layer

        Developer Philip Rebohle has put out a new point release of the Vulkan-based D3D11 and D3D10 implementation for Wine, with DXVK 1.3.2 now up.

        No major new features this time around, as it’s mainly cleaning up some issues in games.

    • Games

    • Desktop Environments/WMs

      • K Desktop Environment/KDE SC/Qt

        • qutebrowser development blog: Happy birthday, qutebrowser!

          5 years ago today, this happened…

        • About deprecation of QFontMetrics::width()

          With any new version of the Qt toolkit comes some clean-up of its APIs to keep it clean, consistent, and future-proof. Part of this clean-up is to rename API functions to make it more clear what they actually do.

          Starting with Qt 5.11, the QFontMetrics::width() function was deprecated. You could still compile code that uses this function, but since it is marked obsolete, you were encouraged to port away from it.

          So what is unclear or not consistent about it? The function name and signature suggest that you can retrieve the width of a text string (or single character) taking into account the metrics of a specific font. Such metrics are needed to create widget layouts that automatically adapt to user specified fonts or different system display DPIs.

    • Distributions

      • New Releases

        • OSMC’s July update is here

          OSMC’s July update is now here and we continue to improve the OSMC experience for all of our users over the Summer. We have also been working on adding support for 3D Frame Packed (MVC) output for Vero 4K / 4K + and will make test builds available during the week on the forums. We are still preparing Raspberry Pi 4 images and will make these available soon.

      • Slackware Family

        • Patreon account for Patrick Volkerding’s Slackware

          Everybody who wanted to support Slackware after it became clear that the Slackware Store had not been paying Patrick and family for a long time, but was not prepared to create a PayPal account in order to donate money: there is now an alternative.
          Patreon is a community site where “Patrons support the creators they love in exchange for exclusive membership benefits“.
          I don’t know whether Pat will do stuff like “exclusive benefits” considering the fact that he already gives away Slackware Linux for free since 26 years… anyway, he created a page there where you can setup a monthly recurring payment of one dollar or more – whatever you can spare. Payment methods are either PayPal or credit cards.

      • Debian Family

        • Freedombone version 4.0

          The Freedombone project is pleased to announce the launch of version 4.0, based upon Debian 10. At the end of the second decade of the 21st century the shattered remains of the open web are a site of ongoing struggle. The freedom to communicate with others securely and in a manner of your own choosing, and to own your data, is increasingly threatened.

          Superficially, decentralized systems appear to be gaining ground, but the harsh reality is that the internet has become highly concentrated around a few companies with unprecedented political influence.

          There is no freedom without freedom of association. That is, having the ability to define who you are and what kind of community you want to live in. This release includes Community Networks as an initial step towards networks run by and for the people who use them.

        • Freedomebone 4.0 released

          Freedombone 4.0 is available. Freedombone is a distribution (based on Debian 10) focused on the hosting network services under one’s own control on home servers.

        • Free software activities in May, June and July 2019

          Here is an update covering what I have been doing in my free software activities during May, June and July 2019.

      • Canonical/Ubuntu Family

    • Devices/Embedded

    • Free, Libre, and Open Source Software

      • Seven Concerns Open Source Should Worry About, Part 3: Distributed Ownership

        The vast majority of free and open source (FOSS) projects today operate on a license in/license out basis. In other words, each contributor to a code base continues to own her code while committing to provide a license to anyone that wants to download that code. Of course, no developer ever actually signs a downstream license. Instead, all contributors to a given project agree on the OSI (Open Source Initiative) approved license they want to use, and those terms stand as an open promise to all downstream users.

        But is that really the best way to operate? What about the minority of projects that require contributors to assign ownership of their code to the project? They clearly think assignment is a better way to go. Are they right?

        Sometimes, the answer to that question is easy. If a project isn’t controlled by a legal entity, there’s no one to assign code to. Numerically speaking, that’s the case for more than ninety-nine percent of the tens of millions of libraries hosted by GitHub and other forges. Forges are happy to host code, but not take ownership of it.

        But the percentage flips when you look at the most important FOSS products in use today. The vast majority of those programs are supported by either umbrella organizations, like the Apache, Eclipse and Linux Foundations, or by foundations formed just to host a single project. Most of those organizations do not require code assignment. Why not?

        Before we turn to that question, let’s review the benefits and disadvantages of each approach.
        The main benefit of licensing, as compared to assignment, is that the developer retains unrestricted rights to their code.

        The disadvantages are that no one can speak for the entire code base. If, for example, a new version of a project license came along, it could be difficult for the project to upgrade to that license, particularly if it was no longer able to get in contact with contributors that were no longer active. There would also be no single owner that could bring an action against those violating the terms of the outbound license (largely a concern where a “copyleft” license is involved). That’s because under the laws of countries like the United States, only the owner or the exclusive licensee of a copyrighted work can bring an action against an infringer – like a commercial company that’s using copyleft software in its products without contributing its own innovations back.

        At the same time, the market can be abused by contributors that want to exploit their position as contributors in order to extort damages from inadvertent infringers. While, happily, this has been extremely rare, there is at least one developer, Patrick McHardy, who has been making a business out of suing Linux users, despite the fact that his own contributions to the Linux kernel were estimated two years ago to be less than .25% of the total (that percentage is even lower today). If ownership was in one place, the community of developers could decide among themselves what they deemed, collectively, to be most appropriate.

      • A $1 Billion Open Source Company With No Headquarter: Sid Sijbrandij Of GitLab

        GitLab is one of the most promising open source companies that is valued at $1 billion. What sets GitLab parts from other tech companies is its unique culture. First and foremost, it’s an all remote company that doesn’t have any headquarter. Its work culture focusses more on results than on how many hours you worked. One of the byproduct of this culture is tackling Climate Change in a way most of us didn’t even think of. We sat down with the founder of GitLab to better understand his ideas behind GitLab.

      • Q&A With Ben Kochie, Staff Backend Engineer At GitLab

        In this episode of Let’s Talk, Ben Kochie Staff Backend Engineer, GitLab talks about Kubernetes, Prometheus and the unique remote working culture at GitLab.

      • Haiku Activity Report: Performance Edition

        Welcome to the monthly report for July 2019! Most of the more interesting changes this month have been from myself in the way of performance optimizations, so I’m writing the progress report this month so I can talk about those in some detail.

      • Haiku Developers Begin Optimizing Their BeOS-Inspired OS For Performance

        With the long-awaited Haiku R1 beta having happened at the end of last year and other modern features/support getting squared away, the developers behind this open-source BeOS-inspired operating system have begun investigating their OS performance and making necessary performance optimizations.

        Now that general instabilities and other kernel crashes have been addressed, developers have begun working on addressing the speed of various internal components and making optimizations where relevant. Some of their recent work has been on better memory allocation speed, disk write performance, more granular locking, and avoiding kernel interaction where possible.

      • Marek’s Take: Dish’s 5G plans may be hindered by its lack of open source expertise

        Dish Network is now poised to become the United States’ fourth wireless carrier once T-Mobile’s $26.5 billion acquisition of Sprint is finalized. Although the merger still faces opposition from several state attorneys general, Dish is already putting the wheels in motion to build its nationwide 5G standalone network by issuing a request for proposal (RFP) to potential vendors.

        Dish told the Federal Communications Commission that it will deploy a core network, and offer 5G services to at least 20% of the U.S. population by 2022. And by June 2023, the company’s network will cover 70% of the U.S. population with download speeds of at least 35 Mbps.

      • Alibaba Architecture Frees Open-Source Genie from Trade War Bottle

        Unveiled at an Alibaba Cloud Summit event in the company’s home city of Shanghai last week, the XuanTie 910 chip from Alibaba’s subsidiary, Ping Tou Ge Semiconductor, is a rebuke to the Commerce Department’s Entities List of at least five Chinese tech companies.

        In May, the Commerce Department added the Chinese telecom equipment maker Huawei to the list which effectively prevents American technology companies from doing business with it. After talks with Chinese leaders in June, Trump temporarily removed Huawei from the list, but a bipartisan group of Congress members introduced legislation in July that would prevent Trump from revoking the ban unless Congress approved.

      • Dragonchain Open Sources Its Blockchain Platform

        Dragonchain, a blockchain technology company, released their core blockchain platform under an open source license. With this release, Dragonchain will be able to drive adoption among enterprises and developers looking to build their own blockchain based applications. The open source code gives both enterprises and developers access to blockchain innovations, along with the resources to continue innovating with Dragonchain by contributing code. Dragonchain believes this is a necessary step to further drive adoption and understanding of blockchain technology around the world.


        The blockchain platform was originally created from scratch by Joe Roets, founder and CEO of Dragonchain. It all began inside The Walt Disney Company in 2014, where the project was internally known as the “Disney Private Blockchain Platform.” The Walt Disney Company approved the release of the original code in 2016, demonstrating that it actively contributes robust code to the world, enabling developers to explore more use cases. This still fits perfectly with the philosophy and values of Dragonchain.

      • Gravitational Updates Its Open Source Management To Deliver IoT-Centric Security

        Gravitational is delivering IoT capability in the latest update to its popular open source access management solution, Teleport. Teleport 4.0 delivers IoT-centric security using modern privileged access management by letting developers leverage existing SSH-based toolchains.

    • Web Browsers

      • Mozilla

        • Web Authentication in Firefox for Android

          Firefox for Android (Fennec) now supports the Web Authentication API as of version 68. WebAuthn blends public-key cryptography into web application logins, and is our best technical response to credential phishing. Applications leveraging WebAuthn gain new second factor and “passwordless” biometric authentication capabilities. Now, Firefox for Android matches our support for Passwordless Logins using Windows Hello. As a result, even while mobile you can still obtain the highest level of anti-phishing account security.

    • Productivity Software/LibreOffice/Calligra

      • Community Member Monday: DaeHyun Sung

        So, my surname is Sung, first name is DaeHyun (Korean Hangul notation: 성대현, Korean Hanja notation: 成大鉉). I’m from the Korean peninsular’s south-east area, Gyeongsang Province (경상도/慶尙道) region, Korea. Now, I live in the south-east side of Seoul (서울).

        I’m Korean. My mother tongue is Gyeongsang dialect of Korean. But I can speaks Both Standard Korean [표준말 or 표준한국어/標準韓國語] and Gyeongsang dialect of Korean [경상도사투리 or 경상방언/慶尙方言].

        My Twitter ID is @studioego, and I’m also on Github: https://github.com/studioego

        I contribute to improvements to Korean language support in free/libre open source software (FLOSS), mostly in my spare time. Also, I’m learning East Asian Languages (such as Mandarin Chinese, and Japanese).

        This is because, three languages (Chinese, Japanese, Korean) use Chinese characters 漢字 (also called “ideographs”) and share a similar culture. I am curious as I study the commonalities and differences in the East Asian languages. I also like to visit some historic sites and take pictures in Korea.

    • Pseudo-Open Source (Openwashing)

    • Openness/Sharing/Collaboration

      • Open Hardware/Modding

        • Open Source desktop 3D print smoother

          If you would like to smooth out the 3D printed filament lines on your 3D prints and designs you may be interested in a new open source smoothing machine which has been created by independent engineer and mechanical designer Ismael. What demonstration video below to learn more about the post treatment machine that allows you to improve the finish of your 3D printed objects. The image below is not from the open source 3D print smoothing machine created by Ismael but shows what can be accomplished using similar methods.

        • Three Companies Bringing Innovation to Open Keyboards

          If innovation is stalled on the desktop, it’s thriving in open hardware. Computers with free firmware, cheap prosthetics, the open source RISC-V architecture — name any innovation that has been confined to speculation in the last decade, and chances are someone is trying to realize it with the help of crowdfunding. One of the strongest examples of this trend is the open keyboard community, which is at the fore of the latest developments.

          Although many of us spend hours each day at a keyboard, most users rarely think of keyboards. They use a full size keyboard with a standard QWERTY layout. Unless they happen to be gamers, they use a membrane keyboard, in which characters are typed by bring two pressure points in contact with one another, a cheap technology that wears out quickly. Meanwhile, unknown to most of us, an open source keyboard community has been working for close to a decade to bring more advanced technology into wide use.

          The world of keyboards is a field with jargon all its own. For instance, preload is the pressure needed to activate a key, and bounce how quickly a key is read to use again. Similarly, tactile (quiet) and clicky (loud) keys refer to how much sound keys make to give users feedback. Even more importantly, top of the line keyboards — usually inspired by the demands of gamers — include programmable keys and layers, which allow the same keyboard to support both QWERTY and Dvorak layouts, or one layout for programming in Vim and another for painting in Krita. Among the initiated, there is also a strong preference for mechanical keys, each with its own mechanism or keyswitch, and all of them longer-lasting than membranes and replaceable if damaged. As well, keycaps — the parts that fingers strike — are also usually removable. Keys are backlit. All these terms and technologies are endlessly debated, but most advanced keyboards have all of them.

    • Programming/Development

      • Huawei releases the ARK Compiler source code

        Only four days to go before the Huawei Developer Conference opens, during which Hongmeng OS could be presented and the Chinese producer opened the ball by releasing the source code of ARK Compiler.

        It was announced last April and was introduced on Huawei smartphones together with EMUI 9.1, the new interface of the Asian giant. Thanks to the new compiler, the fluidity of the operating system has improved by 24%, responsiveness by 44% and third-party applications are 60% faster.

      • Huawei’s Ark Compiler is now open source – paves the way for new possibilities

        Earlier this year, Huawei unveiled its Android compiler known as Ark compiler to speed up the code execution. It aims to improve the overall Android system efficiency by making App compilation more fluent. As announced earlier, the Huawei has finally opened the Ark Compiler for public. Huawei’s idea behind making it open-source is to nourish the development ecosystem, which can play a significant role in the growth of Huawei’s upcoming OS. However, the Chinese electronics maker has not revealed any exact information, but if we believe the industry analysts, then the company is establishing a base for its own OS.

      • How to Make a Scatter Plot in Python using Seaborn

        Data visualization is a big part of the process of data analysis. In this post, we will learn how make a scatter plot using Python and the package Seaborn. In detail, we will learn how to use the Seaborn methods scatterplot, regplot, lmplot, and pairplot to create scatter plots in Python.

        More specifically, we will learn how to make scatter plots, change the size of the dots, change the markers, the colors, and change the number of ticks. Furthermore, we will learn how to plot a regression line, add text, plot a distribution on a scatter plot, among other things. Finally, we will also learn how to save Seaborn plots in high resolution. That is, we learn how to make print-ready plots.

        Scatter plots are powerful data visualization tools that can reveal a lot of information. Thus, this Python scatter plot tutorial will start explain what they are and when to use them. After we done that, we will learn how to make scatter plots.

      • PyDev of the Week: Eric Matthes

        This week we welcome Eric Matthes (@ehmatthes) as our PyDev of the Week! Eric is the author of the popular book, Python Crash Course. He also created a neat set of Python Flash Cards that I reviewed earlier this year.

      • Cogito, Ergo Sumana: Kickoff for Python 2 Sunsetting Communications Work

        Python’s 2.x line will reach End of Life on January 1, 2020, meaning that the maintainers of Python 2 will stop supporting it, even for security patches. Many institutions and codebases have not yet ported their code from Python 2 to Python 3. And many of them haven’t even heard yet about the upcoming EOL. Volunteers have made many resources to help publicize and educate, but there’s still more work to be done.

        So the Python Software Foundation has contracted with my firm, Changeset Consulting, to help communicate about the sunsetting of Python 2. The high-level goal for Changeset’s involvement is to help users through the end of the transition, help with communication so volunteers are not overwhelmed, and help update public-facing assets so core developers are not overwhelmed.

      • What You Need to Know to Manage Users in Django Admin

        User management in Django admin is a tricky subject. If you enforce too many permissions, then you might interfere with day-to-day operations. If you allow for permissions to be granted freely without supervision, then you put your system at risk.

        Django provides a good authentication framework with tight integration to Django admin. Out of the box, Django admin does not enforce special restrictions on the user admin. This can lead to dangerous scenarios that might compromise your system.

        Did you know staff users that manage other users in the admin can edit their own permissions? Did you know they can also make themselves superusers? There is nothing in Django admin that prevents that, so it’s up to you!

      • The Future Of Work Is Remote: Carol Teskey

        Carol Teskey is the Director of Global People Operations at GitLab. She joined GitLab from a traditional company and she could see huge differences between the culture of a modern all-remote company and legacy companies.

      • How to sort generative art patterns by beauty (Simple clustering example with python and sklearn)

        Some time ago I created this small script to convert numbers into patterns. I’m not going to explain how the script works in detail but it’s inspired on Stephen Wolfram’s Elementary Cellular Automatas which converts numbers like 30 into binary (00011110) and then interprets the digits as turning ON or OFF of 8 different basic rules (In that case there are 4 rules activated, rule 4, 5, 6 and 7) that define when to turn ON and OFF a pixel in the image.

        Using this I can generate an infinite number of different patterns, the problem is that most of them are not really interesting and I have no time to check them one by one. That’s why in this post I explain how I tried to automate the process of finding out the most interesting/beautiful cellular automatas.

      • Debugging with Docker and Rocker – A Concrete Example helping on macOS

        Roger Koenker posted a question: how to best debug an issue arising only with gfortran-9 which is difficult to get hold off on his macOS development platform. Some people followed up, and I mentioned that I had good success using Docker, and particularly our Rocker containers—and outlined a quick mini-tutorial (which had one mini-typo lacking the imporant slash in -w /work). Roger and I followed up over a few more off-list emails, and by and large this worked for him.

        So what follows below is a jointly written / edited ‘mini HOWTO’ of how to deploy Docker on macOS for debugging under particular toolchains more easily available on Linux. Windows and Linux use should be very similar, albeit differ in the initial install. In fact, I frequently debug or test in Docker sessions when I do not want to install on my Linux host system. Roger sent one version (I had also edited) back to the list. What follows is my final version.

  • Leftovers

    • Security (Confidentiality/Integrity/Availability)

      • Hackers exploit SMS gateways to text millions of US numbers

        Receive any strange SMS text messages recently?

      • How to make a VPN in under 30 minutes

        VPNs, or Virtual Private Networks, are a popular way to stay safe online.

      • Reproducible Builds in July 2019

        In these reports we outline the most important things that we have been up over the past month. As a quick recap, whilst anyone can inspect the source code of free software for malicious flaws, almost all software is distributed to end users as pre-compiled binaries.

        The motivation behind the reproducible builds effort is to ensure no flaws have been introduced during this compilation process by promising identical results are always generated from a given source, thus allowing multiple third-parties to come to a consensus on whether a build was compromised.

      • Zero Trust Security Explained

        In this ‘Takeaway’, Mark Loveless explains what is ‘zero trust security. Mark Loveless is Senior Security Engineer at GitLab.

      • You Can’t Trust Anything In The Cloud: Zero Trust Security Explained

        Mark Loveless is Senior Security Engineer at GitLab. In this interview, he talks about zero trust security in the cloud-native world and how cloud has totally changed the security landscape.

    • Finance

    • AstroTurf/Lobbying/Politics

      • Using Restorative Justice To Deal With Internet Trolls And Jackasses

        One of the things that I’ve tried to highlight over the years, when it comes to questions of content moderation on internet platforms, is that there is a much wider spectrum of options than just “take it down” or “leave it up.” Many people seem to think that those are the only two options — and this is especially true when it comes to policymakers looking to create new laws to moderate types of content online. So much of it is focused on getting sites to remove content. But there are other options — and sometimes those other options can be more effective.

        The latest episode of the radio program On The Media is an interesting (and admittedly unscientific) experiment in using techniques of “restorative justice” in response to internet trolling and harassment. On The Media has been doing an interesting series of episodes on the concepts of “restorative justice,” highlighting that focusing just on punishing those who engage in bad behavior often leads to more of their bad behavior, rather than an improvement going forward. There are a variety of programs these days, that seek to come up with more proactive approaches to dealing with criminal behavior that is driven by circumstances, and it’s likely there will be many more as well.

    • Censorship/Free Speech

      • UK Lobbyist’s Long-Running Astroturf Efforts Shows Facebook Will Never Be Able To Stop Fake News, Ban All Conservatives

        For all the talk about social media platforms and their supposed anti-conservative bias, it seems like plenty of conservatives are doing just fine. Once you eliminate a short list of fringe grifters and Nazi fans, you’re left with plenty of big name conservatives who still enjoy the use of multiple platforms. Even Dennis Prager of PragerU is struggling to make a federal case of YouTube’s moderation of a small percentage of his videos; asking the court to ignore the forest of views for a few pruned trees.

        Moderation at scale is hard and every new wrinkle demanded by politicians and activists results in another string of failures. Jim Waterson of The Guardian digs in deep into the details of another Facebook moderation failure — one that allowed newly-minted Prime Minister Boris Johnson’s lobbying buddy to skirt rules meant to inform users about paid political campaigning efforts.

      • Why Is Our First Reaction To Mass Shootings To Talk About Censorship?

        There were more mass shootings this weekend in the US. The Onion has been busy running more copies of its infamous ‘No Way To Prevent This,’ Says Only Nation Where This Regularly Happens articles which run after every such shooting. And yet, it seems that many people want to talk about censorship. And this is true on both sides of the mainstream political aisle. Rep. Kevin McCarthy got the nonsense kicked off with the usual fallback for Republicans who don’t want to talk about guns, by blaming video games. This happens all the time — often from people who claim that they’re “Constitutionalists.” Of course, it’s hard to see how you can be a Constitutionalist if you dump on the 1st Amendment to protect the 2nd.

        But it’s not just Republicans with an aversion to having any sort of actual discussion about gun control who jump to censorship. Given that some of the most recent shootings have involved angry, ignorant, idiotic rants posted on 8chan (stop calling them manifestos, guys), there’s been a vocal discussion this past weekend on whether or not 8chan should be censored or shut down. 8chan, as you may recall, was founded as something of an alternative to 4chan, after some people (somewhat ridiculously) felt that that site was moderated too much. It was founded with the same hubris as the ignorant people who insist that there should never be any content moderation on any site, without realizing what that means in reality. And now, with even the site’s own founder saying that it should be shut down (people might want to go back and look at what he was saying during the GamerGate era…), Cloudflare has now been pressured into cutting off its services for 8chan as well.

      • ‘Free Speech Defender’ Devin Nunes Sues More Critics, Promises More Such Lawsuits Are Coming

        You can read the complaint here, which is filed by the same lawyer, Steven Bliss, as the previous two lawsuits. Notably, this lawsuit was filed in California state court. The previous two lawsuits were filed in Virginia, likely as a means of evading California’s anti-SLAPP statute.

        That’s why it’s quite interesting that this lawsuit was filed in California. Given that all the defendants are based in California, it’s likely that Nunes recognized he couldn’t file this case elsewhere — though it might also explain why this case is filed by his campaign, rather than himself (as the other lawsuits were). However, it does mean that this case is absolutely subject to California’s anti-SLAPP laws and could very well mean that Nunes’ campaign ends up having to pay the legal fees, should it be judged to be a SLAPP suit. And this lawsuit has many of the hallmarks of a classic SLAPP suit. An elected official, a very public official, suing some critics for their speech criticizing him? Classic SLAPP.

        In this case, the lawsuit is even stranger, as the campaign is — get this — arguing “tortious interference with business.” Yes, he’s arguing that his political critics have gotten in the way of the “business expectancies” of his campaign. Think about that.


        He’s literally suing over them filing an ethics complaint against him. This is like the quintessential version of what a SLAPP suit is — one in which a public official sues a critic over petitioning the government. I’d be amazed if the defendants don’t move to strike under California’s anti-SLAPP law and seek their legal fees from Nunes’ campaign.

        Much of the rest of the filing is, as his previous ones, performative, rather than making any reasonable legal claims. Yes, sometimes in campaigns, those who disagree with you do things to try to make you look bad. And, yes, there are reasonable concerns about “dark money” in campaigns — but I thought it was the Republicans who supported things like Citizens United and the ability to use Super PACs and dark money. Of course, what’s amusing is how much this complaint’s whining about “dark money” seem to mirror the complaints Nunes’ critics make about dark money in his campaign. Indeed, last year, the group “Anybody But Nunes” put out a document raising questions about Nunes’ fundraising practices. It calls for an FEC investigation into his own fundraising practices, highlighting an article that the FEC had started investigating his campaign for possible campaign finance violations, though those appear to be focused on a few donations that may have exceeded federal contribution limits.

    • Privacy/Surveillance

      • DEEP DIVE: CBP’s Social Media Surveillance Poses Risks to Free Speech and Privacy Rights

        The U.S. Department of Homeland Security (DHS) and one of its component agencies, U.S. Customs and Border Protection (CBP), released a Privacy Impact Assessment [.pdf] on CBP’s practice of monitoring social media to enhance the agency’s “situational awareness.” As we’ve argued in relation to other government social media surveillance programs, this practice endangers the free speech and privacy rights of Americans.

      • Cisco Shells Out $8.6 Million For Selling The Government Easily Hackable Tech

        Not keen on competing with cheaper Chinese hardware, Cisco has long lobbied the US government to hamstring Chinese competitors like Huawei for lax security practices. At the beginning of this decade as Huawei began to make inroads into US markets, Cisco could frequently be found trying to gin up lawmaker angst on this subject for obvious, financial gain. And while Huawei (like most telecom giants) certainly does dumb and unethical things, it’s fairly obvious that at least a portion of our recent hyperventilation over (so far unproven) allegations that Huawei spies on Americans is good old fashioned protectionism.

        Fast forward to this week, when new reports suggested that Cisco should have spent a little more time worrying about its own products. The company was required to pay the government $8.6 million after it was found the company routinely sold the government hackable video cameras, then did nothing to secure the devices once they were in the wild. For years. The vulnerable gear, exposed by a Cisco whistleblower, was sold to a variety of hospitals, airports, schools, state governments and federal agencies.

    • Civil Rights/Policing

      • ‘Judgment at Nuremberg’ more timely than ever

        At the heart of the matter is Nazi Germany’s fear of “genetic pollutants” and miscegenation which led to such policies as forced sterilization. The defense counsel, Hans Rolfe (Maximilian Schell), puts forward a novel legal theory. He sees the entirety of the German people being on trial and therefore partially responsible for the actions of the accused jurists..

      • Invoking Massacres In Dayton And El Paso, Chicago Police Chief Spreads Disinformation About Bail Reform

        In the wake of massacres in Dayton and El Paso, Chicago police chief Eddie Johnson once again promoted misinformation about bail reform and how it has fueled gun violence in Chicago.

        Seven people were reportedly killed, and at least 46 individuals were injured in shootings that took place from Friday evening to early Sunday.

        The Chicago Police Department believes all of the weekend violence was connected to individuals linked to gangs, who are “carrying illegal guns to settle disputes and prey on rivals.”

        Johnson griped during a press conference on August 4, “For $1000 and an ankle bracelet, you can walk out of jail after being arrested with military-grade assault weapons complete with armor-piercing bullets. And I can say that because we saw that happen yesterday.”

        When Johnson was asked to expand on his remarks about bail reform, he defensively replied, “Look, bail reform, I’m okay with that. You know, we clearly should be doing some things differently. What I’m not okay with is a guy has four AK-47s, and he gets out on home monitoring.”

      • St. Louis County Pays Woman $750,000 After Cops Perform A No-Knock Raid, Kill Her Dog… All Over Unpaid Utility Bills

        The taxpayers of St. Louis County are now out $750,000 because the local boys thought the best way to address a “problem property” complaint was to talk themselves into feeling reasonably afraid and head in guns blazing.

        The officers knew Zorich possessed at least one pit bull. But this alone wasn’t enough to justify the no-knock raid. Nor the murder of the dog. Officers claimed the dog charged them, necessitating the killing of the family pet. But testimony during the trial exposed this for the lie it was. The dog was shot in the back, six feet away from the nearest officer who, let’s remember, was wearing tactical gear.

    • Monopolies

      • Patents and Software Patents

        • Nokia v. Daimler: (anti-)anti suit injunctions and the Brussels I regime in global FRAND litigation

          What a time to start off as GuestKat! Just a few days ago the ECJ issued three landmark copyright decisions [see here] and upheld the invalidation of Red Bull’s blue-and-silver color marks [see here].

          In patent law, the Munich Regional Court made waves when it became known that it had issued an “anti-anti suit injunction” in proceedings between Nokia and Daimler [reported on FOSS Patents here, on JUVE Patent here and on the Comparative Patent Remedies blog here].

          This decision is potentially quite important for the developing global landscape, so I’d like to reflect on it in a bit more detail here, particularly how the issues might play out in a European context under the Brussels I regime. A ‘Notice of letter to court’ filed by Nokia that contains the decision and an English translation thereof has been made available by Florian Mueller of FOSS Patents here.


          FOSS Patents notes that Continental US’s motion for the anti-suit injunction suffers from various problems and I would agree. Several of Daimler’s suppliers were joined in the German proceedings because Daimler invoked indemnity against them, but Continental US was not among them. That suggests that Continental US is not the entity actually supplying Daimler with the TCU’s. In addition, the motion seems overbroad as Nokia contends that some of the German cases involve models that don’t comprise Continental TCU’s. It is thus doubtful whether the anti-suit injunction would have been granted by the District Court or, so long as Continental US does not comply with the Munich injunction, will be granted.

          However, I don’t agree with FOSS’s suggestion that “there would actually be valid policy reasons” for the District Court to enjoin the German proceedings. That would mean that any party sued for infringement of a SEP before a German court could file a new suit in the US, where FRAND-case law might be more favourable to it, and through an anti-suit injunction block the German proceedings. It seems correct, as the Munich Regional Court finds at 2 a) bb), that this would deprive the patentee “of their right of action in Germany”. That is all the more so if it were not just open to the implementer to do this, but also to their supplier, as is the case here.

        • Which Area is Wider?

          The priority filing of Collabo’s U.S. Patent No. 5,952,714 reaches back to 1995. Although the patent is now expired, Sony filed this inter partes review (IPR) to avoid back damages. The pending infringement litigation was stayed pending outcome of the IPR. For its part, Collabo is a subsidiary of the licensing company Wi-Lan, who bought several hundred patents from Panasonic.

          The patent covers an improved solid state image sensor used in cameras. Here, the improvement is a reduction in manufacturing costs by increasing the size of the housing inlet (26) — allowing the chip (27) to be inserted more easily (from below in the drawing).


          In its claim construction, the Federal Circuit agreed with the Board, that “wider area” might be a smaller area, so long as one dimension is wider. The Court particularly notes that the specification uses “larger area” when considering the actual area, but “wider” when looking at one dimension of the space. That construction meant that the prior art was easier to link to the claims and support the Board’s invalidity finding.

      • Trademarks

      • Copyrights

        • New official translations of CC legal tools published for Korean and Czech

          The version 4.0 license suite and CC0 are now available in Korean as a result of the collaborative work of CC Korea volunteers. The 4.0 licenses are also now available in Czech, thanks to the work and leadership of CC community members from the Czech Republic.

          For the Korean translations, the process was initiated by a group of CC Korea members as a collaborative project in 2017 and was on hold before being resumed in late 2018. The Korean translations were drafted by Soohyun Pae, professional translator and former CC Asia Pacific Regional Coordinator, and then reviewed by Jay Yoon, the former Public Lead of CC Korea who is a practicing lawyer. The final draft for review was submitted to CC HQ on Feb 8, 2019. With the kind support of the Korea Copyright Commission, the public consultation was held from Apr 1 to Apr 30, 2019 through a dedicated webpage and the announcement was made by CODE through its social media and by the Korea Copyright Commission on its website. The public consultation went smoothly and was completed with no major issues found.

Links 5/8/2019: Linux 5.3 RC3, Mesa 19.1.4 RC, GCC 9.2 RC, LLVM 8.0.1 Release

Posted in News Roundup at 11:08 am by Dr. Roy Schestowitz

  • GNU/Linux

    • Server

      • Startup Dgraph Labs growing graph database technology

        Dgraph Labs Inc. is set to grow its graph database technology with the help of a cash infusion of venture financing.

        The company was founded in 2015 as an effort to advance the state of graph database technology. Dgraph Labs’ founder and CEO Manish Jain previously worked at Google, where he led a team that was building out graph database systems. Jain decided there was a need for a high-performance graph database technology that could address different enterprise use cases.

        Dgraph said July 31 it had completed an $11.5 million Series A funding round.

    • Audiocasts/Shows

      • gnuWorldOrder 13×32
      • Linux Action News 117

        Manjaro’s news starts us off and leads us into a bigger philosophical question about open source development.

        Plus Gnome and KDE come together at the Linux App Summit, Mozilla’s update on DNS-over-HTTPS, and the case for the VR desktop.

    • Kernel Space

      • Linux 5.3-rc3
        Interesting. Last Sunday, rc2 was fairly large to match the biggish
        merge window, but this last week has actually been quite calm, and rc3
        is actually smaller than usual, and smaller than rc2 was. Usually it's
        the other way around: rc2 is small while people take a breather after
        the merge window, and then rc3 is when thing grow.
        Oh well. One reason is probably that there was no networking fix pull
        this past week, so the changes are mostly driver fixes (gpu is most
        noticeable, but there's other stuff in there too - rdma, scsi, xen)
        with the usual arch updates (mainly arm64 and s390 this time around)
        and then a random smattering all over (example: tooling header files
        got re-synced with the main kernel header files. Very interesting, I
        But there really isn't a ton of changes, and most of the changes are
        pretty small.
        Go out and test. And if you just want to see what changed, read the
        shortlog below. It really is not all that exciting, I feel.
      • Linux 5.3-rc3 Comes In As A Calm Release

        Linus Torvalds released Linux 5.3-rc3 on Sunday night and it was to his surprise that it was even smaller than the previous week’s release candidate.

        Linux 5.3-rc3 marked a rather calm week that was quieter than 5.3-rc2 and with less changes, which normally isn’t the case for the third week in the kernel development cycle.

      • Graphics Stack

        • Intel clarifies on US$200 Intel Xe GPUs, new Linux driver signals Xe iGPU+dGPU multi-GPU support

          It is well-known by now that Intel is prepping up its Xe GPUs to be viable AMD and NVIDIA contenders, at least in the mid-range at first and possibly at the high-end sometime down the line. Recently, we also saw some leaked driver references to the next gen Gen12 graphics architecture that will form part of Xe as well as integrated Intel GPUs. All these developments combined with the anticipation of having a veteran of the likes of Raja Koduri at the helm has created palpable excitement in the GPU space. However, this has also resulted in some misconstrued reports.

          Recently, in an interview to Russian YouTube channel Pro Hi-Tech (now removed, but you can still watch it on Computerbase.de at the 6:15 mark), Koduri apparently spoke about Intel’s plans of targeting the first Xe GPUs with HBM memory at the US$200 price point. The channel chose to include a voice-over in Russian, which made Koduri’s actual statements in English incomprehensible. A Redditor, u/taryakun, provided a translation for Koduri’s message, which reads,

        • Mesa 19.1.4 release candidate
          Hello list,
          The candidate for the Mesa 19.1.4 is now available. Currently we have:
           - 49 queued
           - 2 nominated (outstanding)
           - and 0 rejected patch
          The current queue consist mostly, as usual, in fixes for different drivers (anv,
          radv, radeon, nv50, nvc0) as well as in backend parts (egl, spirv, nir, ...).
          Of those fixes, we could highlight several ones:
          - Vulkan 24/48 bit formats are now not supported on Ivybridge.
          - R8G8B8_UNORM_SRGB is not supported on Haswell.
          - A fix for hair artifacts in Max Payne 3 on AMD/RADV.
          - Vulkan transform feedback extension is disabled on Intel gen7.
          Take a look at section "Mesa stable queue" for more information
          Testing reports/general approval
          Any testing reports (or general approval of the state of the branch) will be
          greatly appreciated.
          The plan is to have 19.1.4 this Tuesday (6th August), around or shortly after
          10:00 GMT.
          If you have any questions or suggestions - be that about the current patch queue
          or otherwise, please go ahead.
        • Mesa 19.1.4: Intel Vulkan Fixes For Older Generations, Max Payne 3 Issue Fixed For RADV

          If all goes well Mesa 19.1.4 will be released on Tuesday as the newest stable point release to this collection of OpenGL/Vulkan drivers for Linux systems. Mesa 19.1.4 is bringing around four dozen patches that accumulated over the later half of July and it’s particularly heavy on Intel ANV and Radeon RADV Vulkan driver fixes.

          Mesa 19.1.4 will no longer advertise 24/48-bit format support for Vulkan on Ivybridge (the oldest Intel Gen graphics supported by the driver) and it also stops advertising R8G8B8_UNORM_SRGB on Haswell. Vulkan transform feedback support was also disabled for Intel Gen7 Ivybridge/Haswell graphics due to being buggy there / not properly supported. That should clear up some issues for those using these buggy/unsupported bits on these older generations of Intel graphics.

        • New Linux driver signals Intel Xe iGPU+dGPU multi-GPU support

          It is well-known by now that Intel is prepping up its Xe GPUs to be viable AMD and NVIDIA contenders, at least in the mid-range at first and possibly at the high-end sometime down the line. Recently, we also saw some leaked driver references to the next gen Gen12 graphics architecture that will form part of Xe as well as integrated Intel GPUs.

          A couple of months ago, we reported that Intel Gen11 OpenGL (i915) and Vulkan (ANV) drivers for Linux are feature-complete and that we should be seeing them integrated in distros running Linux kernel 5.2 and above. Phoronix, which is closely monitoring the Intel kernel driver patches, now notes that restructuring of the i915 Direct Rendering Manager (DRM) driver has begun in preparation for Xe’s multi-GPU support. The patch notes say,

    • Applications

      • Blender 2.8 Has Been Released!, Say Goodbye For Low Spec Computers!

        One of the requirements for running version 2.8 is that we must have a computer with OpenGL 3.3. Yes, this is bad news for me and other low specification computer users. Because, at this time we are unable to run Blender 2.8 on computers with OpenGL below the standards specified by the Blender. So for those of you who want to run Blender 2.8, maybe, it’s better to upgrade the hardware you have, or maybe buy a new PC that has more qualified specifications.

      • cli-visualizer – command line visualizer for MPD, ALSA and PulseAudio

        Over the past few months, I’ve written many reviews of open source audio software, focusing mainly on music players. Linux has a mouthwatering array of open source multimedia tools, so I’m going to turn my attention in that direction. First off, let’s take a quick run-through about cli-visualizer.

        cli-visualizer is a command-line visualizer. Music visualization generates animated imagery based on a piece of music. The imagery is generated and rendered in real time and in a way synchronized with the music as it is played. Good music visualization seeks a high degree of visual correlation between a musical track’s spectral characteristics such as frequency and amplitude.

        cli-visualizer supports MPD, as well as ALSA and PulseAudio.

        The software is written in C++ and published under an open source license.

      • What’s your favorite open source BI software?

        Open source software has come a long way since the Open Source Initiative was founded in February 1998. Back then, the thought of releasing source code anyone could change scared many commercial software vendors. Now, according to Red Hat’s 2019 State of Enterprise Open Source survey, 99% of IT leaders say open source software plays at least a “somewhat important” role in their enterprise IT strategy.

        Open source principles play an equally key role in business intelligence (BI). Gartner’s Magic Quadrant for Data Science and Machine Learning said the market is in the midst of a “big bang” that’s redefining the “who” and “how” of data science and ML. In this report (available for clients), the authors cite open source software as one reason for the growth of citizen data scientists—”‘power users’ who can perform both simple and moderately sophisticated analytical tasks that would previously have required more expertise.”

      • Intel’s IWD 0.19 Linux Wireless Daemon Picks Up New Features

        IWD is the multi-year effort by Intel’s open-source group to create a new Linux wireless daemon that could potentially replace WPA-Supplicant. IWD 0.19 is the new release available that arrived at the end of the weekend and carrying new features.

      • Chafa 1.2.0: Faster than ever, now with 75% more grit

        For all you terminal graphics connoisseurs out there (there must be dozens of us!), I released Chafa 1.2.0 this weekend. Thanks to embedded copies of some parallel image scaling code and the quite excellent libnsgif, it’s faster and better in every way. What’s more, there are exciting new dithering knobs to further mangle refine your beautiful pictures. You can see what this stuff looks like in the gallery.

        Included is also a Python program by Mo Zhou that uses k-means clustering to produce optimal glyph sets from training data. Neat!

        Thanks to all the packagers, unsung heroes of the F/OSS world. Shoutouts go to Michael Vetter (openSUSE) and Guy Fleury Iteriteka (Guix) who got in touch with package info and installation instructions.

      • 4 cool new projects to try in COPR for August 2019

        COPR is a collection of personal repositories for software that isn’t carried in Fedora. Some software doesn’t conform to standards that allow easy packaging. Or it may not meet other Fedora standards, despite being free and open source. COPR can offer these projects outside the Fedora set of packages. Software in COPR isn’t supported by Fedora infrastructure or signed by the project. However, it can be a neat way to try new or experimental software.

      • Review of the Igalia Multimedia team Activities (2019/H1)

        Another important feature for non-linear video editors is nested timeline support. It allows teams to decouple big editing projects in smaller chunks that can later on be assembled for the final product. Another use-case is about pre-filling the timeline with boilerplate scenes, so that an initial version of the movie can be assembled before all teams involved in the project have provided the final content. To support this, Thibault implemented a GES demuxer which transparently enables playback support for GES files (through file://path/to/file.xges URIs) in any GStreamer-based media player.

        As if this wasn’t impressive enough yet, Thibault greatly improved the GES unit-tests, fixing a lot of memory leaks, race conditions and generally improving the reliability of the test suite. This is very important because the Gitlab continuous integration now executes the tests harness for every submitted merge request.

        For more information about this, the curious readers can dive in Thibault’s blog post. Thibault was invited to talk about these on-going efforts at SIGGRAPH during the OpenTimelineIO BOF.

        Finally, Thibault is mentoring Swayamjeet Swain as part of the GSoC program, the project is about adding nested timeline support in Pitivi.

      • Proprietary

        • 10 Best Google Maps Alternatives You Should Try

          Google Map is arguably the most popular map application and this should come as no surprise because of Google’s stronghold on web surfing and navigation e.g. Google Earth, but you would be wrong to think that there aren’t alternatives that are just as cool and in some cases, even cooler.

          Today, we bring you a list of the Best Map & Navigations Apps that you can use instead of Google Maps. They all feature a modern UI that is easy to use and offer almost any functionality you might want when driving within a familiar city or trying to get lost in strange terrains. They are arranged in no particular order.

    • Instructionals/Technical

    • Games

      • The developer of Gloomhaven wants to see what kind of demand there is for Linux support

        Gloomhaven, he digital adaptation of the acclaimed board game recently entered Steam’s Early Access program and it appears the developer Flaming Fowl Studios continued to be open about Linux support.

        This wouldn’t be the first time they’ve talked about Linux support. In fact, their latest word on it does seem to be a bit of a backtrack from a previous statement, but priorities change and nothing is ever set in stone when a game is in development. That was multiple months before Early Access even started though, to be fair.

      • FOSS game engine “Godot Engine” making fantastic Vulkan API progress

        Godot Engine developer Juan Linietsky continues pushing ahead with Godot’s move to Vulkan, with another impressive progress report now available and it all sounds great.

        Firstly, Linietsky goes over improvements to the lighting and shadows system, with Godot 4.0 having all “2D lighting is now done in a single pass”, which will give it a decent performance although now there’s a few limits in place but the improvements should be worth it. Additionally, they’ve added the ability to use “specular and shininess both as parameter and as textures supplied to Sprite, AnimatedSprite, Polygon2D and other nodes” for 2D lights.

        Further improvements include a new 2D material system, which enables writing custom shaders with their fancy new Vulkan renderer and there’s no restriction on the amount of textures shaders can use. As another performance boost, shaders are compiled and cached on load reducing game stalls. Shader compilation is also now fully threaded “greatly improving performance”. There’s more multi-threading work being done, with even more to come later too.

      • Collabora detail more work going into Monado, their open source OpenXR runtime

        With the 1.0 release of the OpenXR 1.0 specification, Collabora have begun to detail more work going on with Monado their open source OpenXR runtime for Linux.

      • Another SteamVR release is up, further improving the VR experience on Linux

        Valve continue to move at a rapid pace to improve SteamVR across all platforms, especially with the Valve Index being so new there’s plenty of teething issues to address. This is not a beta release, this is an official release of SteamVR.

        Something that has been posted across the web (and emailed to us), is an issue with the Valve Index Controller thumbsticks. Like a lot of thumbsticks, you can click it in to perform some sort of action. However, it seems you’re not able to click it in all the time and in certain positions it won’t click or won’t register it has been clicked. To the point that VR game developers have been working to remove the need for it. So what have Valve done?

      • Co-op submarine adventure roguelike “We Need To Go Deeper” officially released

        After over two years of Early Access, the silly co-op roguelike submarine adventure We Need To Go Deeper has released. Very similar in idea to Barotrauma, with a much more playful setting and style to it.

        When I last tested it, I wasn’t overly impressed. A messy interface, no help or guidance on what to do with no tutorial. The layout has certainly improved, things are a little clearer now but there’s still no tutorial, it still just dumps you into a game without the slightest explanation of what to do. Due to this, it can be somewhat frustrating, although also highly amusing while you’re discovering what to do.

      • Laservasion looks like a nice twist on Asteroids with great music and colourful visuals

        Laservasion is the next game from Red Phoenix Studios (prev. Poly Towns, A New World: Kingdoms), a shoot ‘em up that resembles the classic Asteroids only it seems to get a lot more intense.

        Speaking about the new game, the developer said they wanted to make a game with a smaller scope than their previous titles, so they decided to make something inspired by the classics.

      • Simple and relaxing trading sim “Merchant of the Skies” has entered Early Access

        Merchant of the Skies from Latvian developer Coldwild Games just recently entered Early Access, it’s a strangely relaxing trading sim.

        Starting off with nothing but a simple airship, you set off across the skies in search of goods to buy and sell. As you progress, you can gradually upgrade your ship, obtain perks to help like reducing fuel consumption, purchase an island or two, come across a massive Carrot with a Top Hat and more.

    • Desktop Environments/WMs

      • K Desktop Environment/KDE SC/Qt

      • GNOME Desktop/GTK

        • Another GNOME Improvement Being Discussed To Help With Touchpad Scrolling / Tablets

          Daniel has volleyed a new patch under discussion for only queuing compressible events within Mutter’s Clutter stage code. In doing so, this lowers the input latency for incompressible events such as touchpad scrolling and drawing tablets. The impact is that those scrolling / drawing tablet events can arrive as much as one frame sooner than the current code. Beyond the lower latency, the incompressible events should be smoother / less bursts as a result.

        • App Grid in GNOME Shell

          During the London UX Hackfest, in 2017, GNOME designers and developers had many interesting ideas about different ways to organize GNOME Shell’s UI elements. Letting designers create freely, without having to consider toolkit limitations or time constraints, can produce wonderful results!

          It is interesting to notice that many of these ideas floated around the concept of an user-customizable application grid.

          In fact, such kind of application grid exists in Endless OS (which by itself is loosely inspired by how smartphones do that) and our user research has shown that it improves discoverability. New users that are presented to Endless OS can easily and quickly navigate through the OS.

    • Distributions

      • New Releases

        • 4MLinux 29.2 released.

          This is a minor (point) release in the 4MLinux STABLE channel, which comes with the Linux kernel 4.19.57. The 4MLinux Server now includes Apache 2.4.39, MariaDB 10.3.16, and PHP 7.3.7 (see this post for more details).

          You can update your 4MLinux by executing the “zk update” command in your terminal (fully automatic process).

      • Screenshots/Screencasts

      • Debian Family

        • SparkyLinux 2019.08 Released, Which is Based on the Testing Branch of Debian (Bullseye)

          SparkyLinux Team is pleased to announce the 1st snapshot of the new (semi-)rolling line of SparkyLinux 2019.08 on 02nd Aug, 2019.

          This release is based on the testing branch of Debian “Bullseye” and codenamed “Po Tolo”.

          Sparky is offering rolling line only to amd64/x86_64 machines, this was alrady communicated in the previous update.

          Sparky rolling 32 bit is fully supported so if you have it, simply keep it up to date.

        • Review: Resilient Linux, PrimeOS and BlueLight

          The first project on my experimental list is Resilient Linux. Resilient is based on Debian 9 “Stretch” and is designed to run with the operating system on a read-only partition. A second partition, referred to as the persistence partition, includes system updates and user data. This arrangement offers a few benefits. One is that we can backup the entire system by taking a snapshot or archive of the persistence partition. Another is that attackers cannot directly corrupt or compromise the main operating system partition since they cannot write to it. Finally, it should be very easy to restore or transfer an existing system by installing Resilient and then copying the persistence partition to the new operating system.

          The Resilient website reports that the persistence partition can be encrypted for additional security and the distribution is available in Desktop and Server editions. At the moment, Resilient is available for 64-bit computers (x86_64) only. The distribution’s Desktop edition is available as a 3.2GB Zip file, which unpacks to a 4.3GB image file.

          I tried booting off the image file and, each time, the system began to boot and then dropped me to an initramfs prompt. After trying a few different boot options, I had to admit defeat. While Resilient is not working for me yet, I think the idea of a read-only operating system partition makes sense. It sounds similar to openSUSE’s Transactional Server or Fedora’s Silverblue operating system, but with a Debian base. I am hoping the next release runs for me so I can give this concept a try.

        • Thorsten Alteholz: My Debian Activities in July 2019

          After the release of Buster I could start with real work in NEW again. Even the temperature could not hinder me to reject something. So this month I accepted 279 packages and rejected 15. The overall number of packages that got accepted was 308.

        • Emmanuel Kasper: Debian 9 -> 10 Ugrade report

          I upgraded my laptop and VPS to Debian 10, as usual in Debian everything worked out of the box, the necessary daemons restarted without problems.


          I was a bit unsure at first, as I thought I would need to fight my way through the nine different config files of the dokuwiki debian package in /etc/dokuwiki

          However the issue was not so complicated: as the apache2 php module was disabled, apache2 was outputting the source code of dokuwiki instead of executing it. As you see, I don’t php that often.

        • Bits from the [Debian] Stable Release Managers
          The Stable Release Managers, with the support of the rest of the
          Release Team, are responsible for updates to the stable release (and
          oldstable while that suite is also being supported by the Security
          Team), via point releases and the stable-updates mechanism [STABLE-
          You can see the current status of proposed updates to stable via our
          BTS pseudo-package [BTS] and our tracking website. [QUEUE-VIEWER]
          First 'buster' point release
          The first point release for Debian 10 has been scheduled for 7th
          September 2019. That is slightly later after buster's initial release 
          than we would normally aim for, but an earlier date has proved
          difficult with DebConf and holidays.
          A point release for 'stretch', Debian 9.10, will also take place on the
          same day.
          Following the release of 10.1, we will continue to aim for stable point
          releases on an approximately two-month basis, and oldstable every three
          to four months.
          As always, the first update to a new release is very busy, so we ask
          for your patience if you are still awaiting a reply to an upload
          request. It may be that an update to your package is deferred to a
          later point release purely from a workload perspective; more serious or
          more urgent fixes will be prioritised.
          Uploads to a supported stable release should target their suite name in
          the changelog, i.e. 'buster' or 'stretch'. You should normally use
          reportbug and the release.debian.org pseudo-package to send a *source*
          debdiff, rationale and associated bug numbers to the Stable Release
          Managers, and await a request to upload or further information.
          If you are confident that the upload will be accepted without changes,
          please feel free to upload at the same time as filing the
          release.debian.org bug. However if you are new to the process, we would
          recommend getting approval before uploading so you get a chance to see
          if your expectations align with ours.
          Either way, there must be an accompanying bug for tracking, and your
          upload must comply with the acceptance criteria below.
          Update criteria
          Here's a reminder of our usual criteria for accepting fixes. These are
          designed to help the process be as smooth and frustration-free as
          possible for both you and us.
             * The bug you want to fix in stable must be fixed in unstable
               already (and not waiting in NEW or the delayed queue)
             * The bug should be of severity "important" or higher
             * Bug meta-data - particularly affected versions - must be
               up to date
             * Fixes must be minimal and relevant and include a sufficiently
               detailed changelog entry
             * A source debdiff of the proposed change must be included
               in your request (not just the raw patches or "a debdiff
               can be found at $URL")
             * The proposed package must have a correct version number
               (e.g. ...+deb10u1 for buster or +deb9u1 for stretch) and you
               should be able to explain what testing it has had
             * The update must be built in an (old)stable environment or chroot
             * Fixes for security issues should be co-ordinated with the
               Security Team, unless they have explicitly stated that they
               will not issue an DSA for the bug (e.g. via a "no-dsa" marker
               in the Security Tracker) [SECURITY-TRACKER]
          Please don't post a message on the debian-release mailing list and
          expect it not to get lost - there must be a bug report against
          We make extensive use of usertags to sort and manage requests, so
          unless you particularly enjoy crafting bug meta-data, reportbug is
          generally the best way of generating your request. Incorrectly tagged
          reports may take longer to be noticed and processed.
          for the SRMs
        • Debian 10.1 Expected For Release In One Month

          Debian 10.1 along with Debian 9.10 are expected to be released on 7 September.

          Debian 10 “Buster” debuted at the start of July while the first point release is expected the weekend of 7 September, for those that generally wait for the first stable update before migrating to a new series. This slower turnaround time for issuing the first point release is attributed to DebConf 19 and holidays complicating the release process.

      • Canonical/Ubuntu Family

        • Linux Mint 19.2 “Tina” Released: Here’s What’s New and How to Get it

          Recently, the Linux Mint team announced the release of Linux Mint 19 Cinnamon with significant improvements and feature additions. I’ll show you some of the main features of the new release and how to upgrade to it.

          What matters the most is that Linux Mint 19.2 is also a Long Term Support release which will be supported till 2023. The new version includes updated software and lot of improvements along with added features.

          What are the key highlights among the added features? Let us take a look.

    • Devices/Embedded

    • Free, Libre, and Open Source Software

      • Open Source Is Good, but How Can It Do Good?

        The big advantage of helping out with these projects is that an individual free software programmer’s contribution might be limited in absolute terms, and yet provide a relatively massive boost because the number of people helping out is small.

        Finally, it’s worth noting that there is another, rather novel way of trying to make the world a better place using open source, albeit indirectly, by means of its infrastructure. A group of tech activists recently issued a call for action using GitHub, asking for “digital protesters” to post a prepared message to Palantir’s GitHub boards. The action was in response to allegations that Palantir’s software has been used to help deport families of migrant children at the Mexican border. The idea was to draw attention to the issue, and to persuade the company to change.

        Nor is this the only example of people turning to GitHub to flag social problems and push for solutions. In China, a group of coders set up the GitHub repository called 996.ICU. The name refers to the punishing work culture in many digital companies in China, where coders are expected to work from 9am to 9pm, six days a week—”996″. As for the ICU part, it refers to the Intensive Care Unit where people may end up if they don’t break free of the 996 culture. One of the ways the group hopes to fight 996 culture is by using the “Anti 996″ License. It’s a permissive software license in most respects, but its key element is that it requires users of code released under the license to “strictly comply with all applicable laws, regulations, rules and standards of the jurisdiction relating to labor and employment”.

        That goes against the generally accepted requirement that free software must be freely available for anyone—including companies that try to impose a 996 culture on their workers. But, it’s undeniably a clever idea. It’s just one of ways programmers are going beyond doing good coding with open source, and using it to do good.

      • Open Source in 2019

        The freedoms and rights attached to free and open source software bring a number of key benefits for users.

        The first, and most-often cited of those benefits is cost. Access to the source code is basically free as in beer. Thanks to the English language, this created interesting confusion in the mass-market as to what the “free” in “free software” actually meant. You can totally sell “free software” — this is generally done by adding freedoms or bundling services beyond what F/OSS itself mandates (and not by removing freedoms, as some recently would like you to think).

        If the cost benefit has proven more significant as open source evolved, it’s not because users are less and less willing to pay for software or computing. It’s due to the more and more ubiquitous nature of computing. As software eats the world, the traditional software pay-per-seat models are getting less and less adapted to how users work, and they create extra friction in a world where everyone competes on speed.

        As an engineer, I think that today, cost is a scapegoat benefit. What matters more to users is actually availability. With open source software, there is no barrier to trying out the software with all of its functionality. You don’t have to ask anyone for permission (or enter any contractual relationship) to evaluate the software for future use, to experiment with it, or just to have fun with it. And once you are ready to jump in, there is no friction in transitioning from experimentation to production.

        As an executive, I consider sustainability to be an even more significant benefit. When an organization makes the choice of deploying software, it does not want to left without maintenance, just because the vendor decides to drop support for the software you run, or just because the vendor goes bankrupt. The source code being available for anyone to modify means you are not relying on a single vendor for long-term maintenance.

        Having a multi-vendor space is also a great way to avoid lock-in. When your business grows a dependency on software, the cost of switching to another solution can get very high. You find yourself on the vulnerable side of maintenance deals. Being able to rely on a market of vendors providing maintenance and services is a much more sustainable way of consuming software.

      • SaaS/Back End

        • Cloudera: The Truth Is Out There

          Reilly’s leaving has more to do with the execution and timing of the strategy and how two major revisions to estimates were made with no clue as to why other than what the Street speculated. I believe management realized, after the fourth-quarter 2019 release and before the first-quarter 2020 release and conference call, that they were caught between a rock and a hard place as they needed to change the estimates going forward. On the one hand full disclosure of the open source model change could have caused competing forces to swoop in and take existing business away. On the other hand, massive lawsuits would almost be for certain as the stock collapsed based on another major revision. In any event, it is what it is.

      • CMS


        • GCC 9.2 Release Candidate available from gcc.gnu.org
          The first release candidate for GCC 9.2 is available from
          and shortly its mirrors.  It has been generated from SVN revision 274111.
          I have so far bootstrapped and tested the release candidate on
          x86_64-linux and i686-linux.  Please test it and report any issues to
          If all goes well, I'd like to release 9.2 on Monday, August 12th.
        • GCC 9.2 Available For Testing With Tuned AMD Zen 2 Support Back-Ported

          The GNU Compiler Collection 9.2 release should be out next Monday while until then a release candidate was issued today for testing.

          GCC 9.2 offers various bug fixes back-ported to the GCC 9 branch since the inaugural stable release earlier this year, GCC 9.1.

      • Openness/Sharing/Collaboration

        • Open Access/Content

          • Digital Textbooks Are Forcing a Radical Shift in Higher Ed

            FOR SEVERAL DECADES, textbook publishers followed the same basic model: Pitch a hefty tome of knowledge to faculty for inclusion in lesson plans; charge students an equally hefty sum; revise and update its content as needed every few years. Repeat. But the last several years have seen a shift at colleges and universities—one that has more recently turned tectonic.

            In a way, the evolution of the textbook has mirrored that in every other industry. Ownership has given way to rentals, and analog to digital. Within the broad strokes of that transition, though, lie divergent ideas about not just what learning should look like in the 21st century but how affordable to make it.

        • Open Hardware/Modding

          • Touchpad, Interrupted

            For two years I’ve been driving myself crazy trying to figure out the source of a driver problem on OpenBSD: interrupts never arrived for certain touchpad devices. A couple weeks ago, I put out a public plea asking for help in case any non-OpenBSD developers recognized the problem, but while debugging an unrelated issue over the weekend, I finally solved it.

            It’s been a long journey and it’s a technical tale, but here it is.

      • Programming/Development

        • Top 10 Machine learning Libraries for Python

          You have come here to use Machine Learning(ML) . Have you considered carefully what for? When you pick a Machine Learning Library, you need to start with how you are going to use it. Even if you are just interested in learning, you should consider where Machine Learning is used and which is closest to your main interest. You should also consider if you want to focus on getting something going on your local machine or if you are interested in spreading your computing over many servers.

          In the beginning, start by making something work.

        • Customize the compilation process with Clang: Optimization options

          When using C++, developers generally aim to keep a high level of abstraction without sacrificing performance. That’s the famous motto “costless abstractions.” Yet the C++ language actually doesn’t give a lot of guarantees to developers in terms of performance. You can have the guarantee of copy-elision or compile-time evaluation, but key optimizations like inlining, unrolling, constant propagation or, dare I say, tail call elimination are subject to the goodwill of the standard’s best friend: the compiler.

          This article focuses on the Clang compiler and the various flags it offers to customize the compilation process. I’ve tried to keep this from being a boring list, and it certainly is not an exhaustive one.

          This write-up is an expanded version of the talk “Merci le Compilo” given at CPPP on June 15, 2019.

        • Akamai Threat Research: Phishing and Credential Stuffing Attacks Remain Top Threat to Financial Services Organizations and Customers

          Akamai’s findings revealed that 94% of observed attacks against the financial services sector came from one of four methods: SQL Injection (SQLi), Local File Inclusion (LFI), Cross-Site Scripting (XSS), and OGNL Java Injection (which accounted for more than 8 million attempts during this reporting period). OGNL Java Injection, made famous due to the Apache Struts vulnerability, continues to be used by attackers years after patches have been issued.

        • [GNOME] GSoC: Things I’ve been doing and what I learned until now

          The second month of Google Summer of Code passed quickly. Last weeks I’ve been working on my markers code. My early implementation, while functional, needed a lot of cleaning, refactoring and refining to fit into Pitivi. Mathieu Duponchell and Alexandru Băluț have been guiding me through this process.

          In GES I expanded the GESMarkerList with new signals, writed new tests and changed some unusual structures for others more usual in GES.

          In Pitivi I added a new module with the markers logic, ‘markers.py’. Roughly speaking, now we have the class MarkersBox, which is a GTK.EventBox containing a GESMarkerList and a GTK.Layout to put on markers. The class Marker is also a GTK.EventBox, so we have a widget for every GESMarker, which allows to move, remove and select markers. The class MarkerPopover brings a popover menu to edit metadata in every marker. I also implemented undo and redo actions.

          The process of rewriting a lot of my previous code has been hard and challenging. I knew that my original code wasn’t clear or optimized but I wasn’t sure how to exactly improve it. It implied to learn and apply some concepts which wasn’t clear to me. While hard work it felt as a rewarding and foundamental learning.

        • PyCon Australia 2019

          PyCon Australia 2019 was, surprisingly, my first Australian Python Convention. It was also the first Python Convention I’ve attended purely as a spectator. I didn’t contribute officially and was just there to learn and meet people.

        • How Working At GitLab Changed My Life: Priyanka Sharma

          Priyanka Sharma is the Director of Technical Evangelism at GitLab. She had started her own company when she met the founder of GitLab. She was so impressed with the culture of GitLab that she decided to join the company. In this interview, Sharma shared her journey and also talked about what makes GitLab an ideal place for open source developers to work at.

        • LLVM 8.0.1 Release
          LLVM 8.0.1 is now available! Download it now, or read the release notes.
          This release contains bug-fixes for the LLVM 8.0.0 release. This
          release is API and ABI compatible with 8.0.0.
          LLVM 8.0.1 would not be possible without the help of our volunteer
          release team! Thanks to all the release testers:
          Dimitry Andric, Hans Wennborg, Yvan Roux, Sylvestre Ledru, 
          Michał Górny, Bernhard Rosenkraenzer, Brian Cain
          Also, a big thanks to everyone else who helped identify critical bugs,
          track down bug-fixes, and resolve merge conflicts.
          If you have questions or comments about this release, please contact
          the LLVMdev mailing list!
          LLVM 8.0.0 Release Announcement:
        • LLVM 8.0.1 Released With Bug Fixes

          We are hopefully only a few weeks away from seeing LLVM 9.0 at the end of August or early September, but for those making use of LLVM 8.0 today there is now LLVM 8.0.1 along with associated updates like Clang 8.0.1. The v8.0.1 update just incorporates various fixes back-ported to its code-base from March.

  • Leftovers

    • Science

      • The maths equation that tried to stump the [Internet]

        More generally, the conventional order of operations is to evaluate expressions in parentheses first. Then you deal with any exponents. Next come multiplication and division, which, as I said, are considered to have equal priority, with ambiguities dispelled by working from left to right. Finally come addition and subtraction, which are also of equal priority, with ambiguities broken again by working from left to right.

    • Hardware

      • Analysing WPA3′s Dragonfly Handshake

        April 2019 — Modern Wi-Fi networks use WPA2 to protect transmitted data. However, because WPA2 is more than 14 years old, the Wi-Fi Alliance recently announced the new and more secure WPA3 protocol. One of the supposed advantages of WPA3 is that, thanks to its underlying Dragonfly handshake, it’s near impossible to crack the password of a network. Unfortunately, we found that even with WPA3, an attacker within range of a victim can still recover the password. If the victim uses no extra protection such as HTTPS, this allows an attacker to steal sensitive information such as passwords and emails. We hope our disclosure motivates vendors to mitigate our attacks before WPA3 becomes widespread.

      • “IBM PC Compatible”: how adversarial interoperability saved PCs from monopolization

        Adversarial interoperability is what happens when someone makes a new product or service that works with a dominant product or service, against the wishes of the dominant business.

        Though there are examples of adversarial interoperability going back to early phonograms and even before, the computer industry has always especially relied on adversarial interoperability to keep markets competitive and innovative. This used to be especially true for personal computers.

        From 1969 to 1982, IBM was locked in battle with the US Department of Justice over whether it had a monopoly over mainframe computers; but even before the DOJ dropped the suit in 1982, the computing market had moved on, with mainframes dwindling in importance and personal computers rising to take their place.

        The PC revolution owes much to Intel’s 8080 chip, a cheap processor that originally found a market in embedded controllers but eventually became the basis for early personal computers, often built by hobbyists. As Intel progressed to 16-bit chips like the 8086 and 8088, multiple manufacturers entered the market, creating a whole ecosystem of Intel-based personal computers.

        In theory, all of these computers could run MS-DOS, the Microsoft operating system adapted from 86-DOS, which it acquired from Seattle Computer Products, but, in practice, getting MS-DOS to run on a given computer required quite a bit of tweaking, thanks to differences in controllers and other components.

    • Health/Nutrition

      • Urban or Rural, the U.S. Drug Crisis Is an Equal-Opportunity Killer

        For the study, researchers with the Centers for Disease Control and Prevention’s National Center for Health Statistics used cause-of-death data and a deceased person’s county of residence to determine that the age-adjusted rate of drug overdose deaths grew significantly in both urban and rural areas from 1999 to 2017.

        In urban counties, the rate grew from 6.4 to 22.0 per 100,000 standard population, while rural counties saw a surge from 4.0 to 20.0 during the same period. Over the entire time frame, the type of county with the highest rate of fatal overdoses flipped back and forth.

      • [Old] OSEHRA 2019 Summit in Washington to Examine Next Steps for Open Health

        The second day of the Summit will feature 30 sessions and roundtable discussions. The sessions will feature a demonstration by the Substance Abuse and Mental Health Service Agency (SAMHSA) of their state-of-the-art open source software package, Omnibus Care Plan (OCP). Additional sessions will feature leading-edge topics including the Synthetic Patient Data project, Open Source Ecosystems, Open Source APIs and Standards, Machine Learning and Analytics, Imaging and Analytics, and Innovation with VistA.

    • Security (Confidentiality/Integrity/Availability)

      • The false sense of security

        The main reason for this mindset could be the omnipresent focus on technology when it comes to information security. However, as discussed in other articles, technology is only a small subset of information security.

        In the following, we present three reasons for a false sense of security when it comes to configuring technology to make it “more secure”.

      • Capital One Hack Exposes Personal Information of About 106 Million

        Capital One Financial Corp. was notified by a third party on July 19 that their data had appeared on the code-hosting site GitHub, which is owned by Microsoft. The McLean, Virginia, company says it immediately notified the FBI.

      • Capital One systems breached by Seattle woman, U.S. says

        While the complaint doesn’t identify the cloud provider that stored the allegedly stolen data, the charging papers mention information stored in S3, a reference to Simple Storage Service, Amazon Web Services’ popular data storage software.

        An AWS spokesman confirmed that the company’s cloud had stored the Capital One data that was stolen, and said it wasn’t accessed through a breach or vulnerability in AWS systems. Prosecutors alleged that the access to the bank data came through a misconfigured firewall protecting one of its applications.

      • Linux 5.2.6
      • Linux 4.19.64
      • Linux 4.14.136
      • Linux 4.9.187
      • Linux 4.4.187
      • Security updates for Monday

        Security updates have been issued by Debian (proftpd-dfsg and vim), Fedora (java-11-openjdk and matrix-synapse), Gentoo (binutils and libpng), Mageia (kernel), and SUSE (openexr and python-Django).

    • Defence/Aggression

      • Terrorists turn to female suicide bombers in new trend

        Previously it was thought widely that women were primarily recruited by Al-Shabaab as brides for fighters and were meant to cook and clean in the militants’ camps.

        However more women are now assuming greater roles in active combat, intelligence gathering, planning, coordination, and execution of attacks, according to the intelligence report.

        The new trend of Al-Shabaab recruiting an alarmingly high number of women into their rank and file is mainly because women are less lily to raise suspicious when undertaking terror activities.

      • India to revoke special constitutional status for disputed Kashmir

        Interior Minister Amit Shah told members of the upper house of parliament that the government has decided to repeal a law that gives special status to the Himalayan region of Jammu and Kashmir by presidential order.

        Shah said that the government has also decided to split the state into two union territories – Jammu and Kashmir, which will have a legislature, and Ladakh, which will be ruled directly by the central government without a legislature of its own.

      • India to revoke special status for Kashmir

        India’s government has said it plans to revoke the part of the constitution that gives Indian-administered Kashmir special privileges.

        Article 370, which grants it significant autonomy, is sensitive because it is the basis on which the princely state of Kashmir joined India when it was partitioned in 1947.

      • Why Russia is really sending military advisers and other specialists to Venezuela

        In late June 2019, Venezuela averted another coup. The government also nearly fell in the spring, on April 30, when opposition leader Juan Guaidó declared himself the country’s lawful president and tried to overthrow the acting head of state, Nicolás Maduro. Protesters clashed with police in the streets, hoping for the army’s support, but the soldiers ultimately remained loyal to Maduro. In those days, when the U.S. recognized Guaidó as Venezuela’s sole legitimate president, Moscow sent military advisers to Caracas. To learn more about the exact nature of “Russia’s support for the Maduro regime” (which attracted a great deal of attention abroad), Meduza sought out Russian army and intelligence agency veterans who previously served in Venezuela, and discovered that they mainly guarded Russian business interests, not the local authorities.

      • Iran Won’t Let Itself Be Hemmed in by the U.S. and U.K.

        In late May, the shipping authorities in Panama deregistered Grace 1, an oil tanker carrying two million barrels of Iranian crude oil around the coastline of Africa and into the Mediterranean Sea. Having lost its Panamanian flag, the ship now had to carry an Iranian one.

        It was this deregistration that began a serious provocation. Off the coast of Gibraltar, British Royal Marines seized and impounded Grace 1. The British said that the ship was going toward Syria, a breach of European Union sanctions. Iran denied this.

        Under pressure from the United States, Panama has removed its flag from 59 vessels that are either linked to Iran or Syria. A ship without an international flag cannot buy insurance, which means that it has to almost instantly take on a different flag.

      • NPR Shreds Ethics Handbook to Normalize Regime Change in Venezuela

        The Reagan administration in 1982 coerced National Public Radio (NPR) to cover more favorably the US terrorist war then being waged against Nicaragua.

        As Greg Grandin writes, Otto Reich, head of the administration’s Orwellian propaganda outfit known as the Office of Public Diplomacy, informed the public network that his office had contracted “a special consultant service [to listen] to all NPR programs” on Central America. Dependent on state funding, NPR promptly buckled under pressure, reassigning reporters viewed as “too easy on the Sandinistas,” and hiring conservative pundit Linda Chavez to provide “balance.”

    • Transparency/Investigative Reporting

      • #KamalaHarrisDestroyed debate signals how much we still don’t understand about social media manipulation

        There’s still a lot we don’t understand about misinformation, social media manipulation, and online election interference after the 2016 election. In 2019, that’s becoming increasingly apparent.

      • Moscow police press secretary fined for photos of drug lab that police passed off as photos from Ivan Golunov’s apartment

        Yury Titov, who leads the press service for Moscow’s branch of Russia’s Internal Affairs Ministry, has been disciplined in connection with the case against Meduza correspondent Ivan Golunov, RBC reported.

        Titov and the press service he leads have not yet commented on the disciplinary actions taken against him. They only came to light after Alexander Khaminsky, a former advisor for the Moscow police department, submitted an inquiry to police about their handling of the Golunov case.

      • Ivan Golunov’s attorney refutes reports of criminal charges against police

        Sergey Badamshin, an attorney for Meduza correspondent Ivan Golunov, told Meduza that he has not received any reports of a criminal case against the police who arrested Golunov in early June. Golunov was framed for drug possession and distribution charges before a massive solidarity campaign helped trigger his release.

        Badamshin added that the investigator responsible for the drug case that was opened against Golunov in June denied that any additional cases had been opened in the matter.

      • Putin spokesperson: Kremlin employees have read latest Ivan Golunov investigation on Moscow funeral industry

        The report, which was submitted in draft form hours before Golunov was arrested on fabricated drug charges, exposed corruption and FSB ties in Moscow’s funeral industry

      • WikiLeaks, Julian Assange and Decoding the National Security Commentariat

        The Fourth Estate, that historical unelected grouping of society’s scrutineers, has become something of a rabble, and, as a confederacy of strewn dunces and the ongoing compromised, is ripe for analysis. An essential premise in the work of WikiLeaks was demonstrating, to a good, stone-throwing degree, how media figures and practitioners had been bought by the state or the corporate sector, unwittingly or otherwise. At the very least, the traditionalists had swallowed their reservations and preferred to proclaim, rather unconvincingly, that they were operating with freedom to scrutinise and question, facing down the rebels from the WikiLeaks set.

        The Fourth Estate has, however, been placed on poor gruel and life support. Gone are the days when Bob Woodward and Carl Bernstein ferreted their way through sources and obtaining the material – leaks from confidential sources, no less – that would make them famous and lay the way for the demise of a US President. Such energy is frowned upon these days; the investigative journalist is being treated more as an irritating remnant, a costly undusted fossil. The way for what Nozomi Hayase calls the “Global Fourth Estate” is being well and truly paved as a result.

        The corporate factor in this process is undeniable. The Australian media tycoon and ageing tyrant Rupert Murdoch has proven to be the kiss of death to much decent journalism, though he is by no means the only contributor. As a man who takes pride in directly intervening in the policies and directions of his newspapers, identifying the credible view from the crafty slant is a hard thing. Political and business interests tend to converge in such an empire. Balanced reporting is for the bleeding hearts.

      • The Most Important Article You’ll Never Read? How Western Media Support State Terror, While Millions Die, and How this Article was Killed

        As media theorists, we set out in Spring 2019 to pool our collective expertise into a short and very readable article for the mainstream press about how media treats Western foreign policy.

        As we expected, our efforts were roundly ignored. However, as fate would have it, one leading liberal publication was excited by the project. Our source worked closely with us until deadline day, where it was presented to a senior editor for a final check before printing. And that’s when the real story started.

        Below is our article, in full, and the story of how it was pulled by senior management at the last minute.

        When Noam Chomsky first observed that the United States had attacked South Vietnam, he was upending a particularly tedious case of media conformism from that era, namely that the West was fighting Communists in the North to defend Saigon. However, the young professor was spectacularly right. By the end of the war, two thirds of US bombs – twice the total tonnage detonated in World War II – had fallen on the South.

        The leading military historian, Bernard Fall – who believed in the US presence there – said at the time that ‘Vietnam as a cultural and historic entity… is threatened with extinction… [as] the countryside literally dies under the blows of the largest military machine ever unleashed on an area of this size.’ Yet, as Chomsky argued, mainstream media opinion saw US actions in Vietnam either ‘as a “noble cause” that could have been won with more dedication,’ or, on the other side of the political spectrum, the critics spoke of ‘“a mistake” that proved too costly’.

        The war consumed everything like a vortex: Vietnam; Cambodia; Laos; even Bernard Fall himself was killed by a landmine.

      • In Crisis of Democracy, We Must All Become Julian Assange

        The US government’s indictment against WikiLeaks founder Julian Assange marked the worst attack on press freedom in modern history. Assange has been charged with 18 counts, including 17 violations of the Espionage Act. James Goodale, former general counsel of The New York Times, who urged the paper to publish the Pentagon Papers during the Nixon administration noted, “If the government succeeds with the trial against Assange, if any, that will mean that it’s criminalized the news gathering process.”

        On June 12, UK Home Secretary Sajid Javid signed the extradition papers. Assange’s hearing is now set to begin next February. He is currently being held in London’s Belmarsh high security prison for what amounts to a politically motivated, 50-week sentence given by a judge for violating bail conditions in 2012 while attempting to obtain political asylum in Ecuador against the threat of extradition to the US.

        Nils Melzer, the UN Special Rapporteur on Torture visited Assange with two medical experts and assessed that Assange has been subjected to prolonged psychological torture by the US government and its allies for nearly a decade, and warned about his serious physical deterioration. While this multi-award winning journalist who published truthful information in the public interest about the US government, is in jail, the British government (that has been a key player in this political persecution) recently held a Global Conference for Media Freedom.

        Despite its stated mission of protecting the safety and rights of journalists, the conference failed to address the degrading and inhumane treatment of Assange and the US government’s prosecution of the publisher that could set a dangerous precedent for press freedom. This total hypocrisy was best shown by the fact that this gathering was hosted by UK Foreign Secretary Jeremy Hunt who, last month, told US TV that he would happily extradite Assange to Trump’s America where former CIA officer John Kiriakou indicated that he would receive no fair trial and face life imprisonment.

      • Assange and His Wiki Wicked leaks

        “But all the same,” insisted the Savage, “it is natural to believe in God when you’re alone—quite alone, in the night, thinking about death…”

        “But people never are alone now,” said Mustapha Mond. “We make them hate solitude; and we arrange their lives so that it’s almost impossible for them ever to have it.” Brave New World (17.31-3)

        There’ll come a time when you’ve gone too far with your thinking. You’ve crossed the Imaginot line. Which is to say, à la Descartes, that you’ve gone too far with your being. Cogito ergo sum. A knock comes on your door. You open to find an agent of information (AI) say, “We have so much information on you. Please, follow me. We need to blow out your candles. Have your cake and eat it too. A long convalescence. Some adjustments and renewal.” They’re not asking and God help anyone who tries to stop them.

        Amazon, Google, Facebook. Recorded Future, predictions of what you’ll do. MyActvity, the copious details of where you’ve been, what you’ve done, and implicitly what you’ve thought.. Algorithms up the yinyang. Fused databases, a life’s postings of “thoughts”. Cogitos you cannot defend. Offenses “Made” on the run, arbitrary, charges bespoken, tailored to your presumed needs. You’ve always been a criminal — like, say, Trevor Noah — but never knew until the fascists came to collect you. To blow your mind to kingdom come. And reset to factory default.

        As in Aldous Huxley’s Brave New World, it’ll be the Savages who want to be left alone, off the grid, who appreciate the value of privacy, who will be targeted, breaking as they do from the conditioning required by late metastatic Techno-Capitalism breaking real bad. In an information age your cogito is the final frontier for economic growth, your thoughts mere commodities. Settled into Soma, you’ll soon be swimming with the endolphins and feeling new porpoise, but the reality is that the sharks are swimming all around you in algorithmic circles. Only a savage would want to be free.

    • Environment

      • Should Rivers Have Same Legal Rights As Humans? A Growing Number Of Voices Say Yes

        Traditionally, nature has been subject to a Western-conceived legal regime of property-based ownership, says Monti Aguirre with the environmental group International Rivers.

        “That means … an owner has the right to modify their features, their natural features, or to destroy them all at will,” Aguirre says.

        The idea of environmental personhood turns that paradigm on its head by recognizing that nature has rights and that those rights should be enforced by a court of law. It’s a philosophical idea, says Aguirre, with indigenous communities leading the charge.

      • Greenland’s ice wasn’t expected to melt like this until 2070

        Mass losses from Greenland this past week were already approaching levels not expected until 2070 based on the best available models. It is still too early to tell if the ice losses for the summer will exceed the losses in 2012, but it is clear that the Greenland ice sheet is rapidly responding to climate change, even faster than many scientists expected. These rapid changes point to the necessity for action on climate change and for improved observing systems to monitor the ice sheet.

      • Energy

        • Saudi Oil Chief Reaffirms Commitment To Output Cuts During Russia Visit

          Saudi Arabia and other OPEC members in early July reached an agreement with other major oil-producing nations, including Russia, to extend production cuts into next year amid concerns over weaker global growth.

        • How NAFTA Killed the Green New Deal

          In a fundamental way, the 2020 election will be about unfinished business. The neoliberal order that emerged from the 1970s remained viable until 2008. Since then it has retained legitimacy in the centers of power, due no doubt to the highly stratified economic outcomes it produces. However, its social logic was never evident in the hinterlands. This distance reframed the adversarial posture of the political parties as an insider’s game that is largely unrelated to the public interest.

          Oddly, or perhaps not, the Democrats deemed most likely to unseat Donald Trump have the policies most like his. Joe Biden is a racially challenged neoliberal operator with a long history of toadying to corporate interests. The irony, to the extent the term fits, is that the less distinct the candidates’ policies are from Mr. Trump’s, the less motivation there is to unseat him. By implication, the centrist Democrats assert that Mr. Trump is a legitimate president.

          The emergent left has the ideas and the programs, but no real entre into the political process. Outside of large-scale political unrest that seems unlikely at present, there isn’t a snowball’s chance in hell that the left’s programs will be enacted through official channels. What appears to be widely misunderstood is why this is the case. On the one hand, the programs are in the public interest. And when they are presented fairly, they are wildly popular.

        • Report: ‘No Evidence That Fracking Can Operate Without Threatening Public Health’

          In 2010 when I first started writing about hydraulic fracturing — the process of blasting a cocktail of water and chemicals into shale to release trapped hydrocarbons — there were more questions than answers about environmental and public-health threats. That same year Josh Fox’s documentary Gasland, which featured tap water bursting into flames, grabbed the public’s attention. Suddenly the term fracking — little known outside the oil and gas industry — became common parlance.

          In the following years I visited with people in frontline communities — those living in the gas patches and oilfields, along pipeline paths and beside compressor stations. Many were already woozy from the fumes or worried their drinking water was making them sick. When people asked me if they should leave their homes, it was hard to know what to say; there weren’t many peer-reviewed studies to understand how fracking was affecting public health.

          Those days are over.

          In June the nonprofits Physicians for Social Responsibility and Concerned Health Professionals of New York released the sixth edition of a compendium that summarizes more than 1,700 scientific reports, peer-reviewed studies and investigative journalism reports about the threats to the climate and public health from fracking.

          The research has been piling up for years, and the verdict is clear, the authors conclude: Fracking isn’t safe, and heaps of regulations won’t help (not that they’re coming, anyway).

          “Across a wide range of parameters, from air and water pollution to radioactivity to social disruption to greenhouse gas emissions, the data continue to reveal a plethora of recurring problems and harms that cannot be sufficiently averted through regulatory frameworks,” write the eight public health professionals, mostly doctors and scientists, who compiled the compendium. “There is no evidence that fracking can operate without threatening public health directly and without imperiling climate stability upon which public health depends.”

          The research collected and summarized is wide-ranging and includes the harms not just from drilling and fracking, but the long tail of the process, including compressor stations and pipelines, silica sand mining, natural-gas storage, natural-gas power plants, and the manufacturing and transport of liquefied natural gas.

      • Wildlife/Nature

        • Animals adapt to climate heat, but too slowly

          German scientists have an answer to the great question of species survival: can animals adapt to climate change? The answer, based on close analysis of 10,000 studies, is a simple one. They may be able to adapt, but not fast enough.

          The question is a serious one. Earth is home to many millions of species that have evolved – and adapted or gone extinct – with successive dramatic shifts in climate over the last 500 million years.

          The rapid heating of the planet in a climate emergency driven by profligate fossil fuel use threatens a measurable shift in climate conditions and is in any case coincident with what looks like the beginning of a mass extinction that could match any recorded in the rocks of the Permian, or other extinctions linked with global climate change.

    • Finance

      • The trick that makes you overspend

        Psychologists still debate the exact reasons for this particular effect, but one idea is that the comparison with the decoy offers us an easy justification for an otherwise arbitrary decision. If you were to compare just A and B, it’s hard to know exactly how to appraise the trade-offs between cost and waiting time – how much money is 90 minutes’ extra wait really worth? But if one option is obviously better than the decoy – Flight C – on one of those measures, you have a ready-made reason to explain your preference.

        These patterns of behaviour have been observed for many different kinds of goods – from beer to TVs, cars and houses: an unattractive third option changes people’s preferences between the two other possibilities.

    • AstroTurf/Lobbying/Politics

      • While You Were Offline: Mitch McConnell Got a New Nickname

        McConnell then made the mistake of letting it be known that he didn’t like the nickname, thereby ensuring that it would stick around probably forever. It’s almost as if he wasn’t bullied in high school, or else he’d know better.

      • In the World of Truth and Fact, Russiagate is Dead. In the World of the Political Establishment, it is Still the New 42

        Douglas Adams famously suggested that the answer to life, the universe and everything is 42. In the world of the political elite, the answer is Russiagate. What has caused the electorate to turn on the political elite, to defeat Hillary and to rush to Brexit? Why, the evil Russians, of course, are behind it all.

        It was the Russians who hacked the DNC and published Hillary’s emails, thus causing her to lose the election because… the Russians, dammit, who cares what was in the emails? It was the Russians. It is the Russians who are behind Wikileaks,and Julian Assange is a Putin agent (as is that evil Craig Murray). It was the Russians who swayed the 1,300,000,000 dollar Presidential election campaign result with 100,000 dollars worth of Facebook advertising. It was the evil Russians who once did a dodgy trade deal with Aaron Banks then did something improbable with Cambridge Analytica that hypnotised people en masse via Facebook into supporting Brexit.

        All of this is known to be true by every Blairite, every Clintonite, by the BBC, by CNN, by the Guardian, the New York Times and the Washington Post. “The Russians did it” is the article of faith for the political elite who cannot understand why the electorate rejected the triangulated “consensus” the elite constructed and sold to us, where the filthy rich get ever richer and the rest of us have falling incomes, low employment rights and scanty welfare benefits. You don’t like that system? You have been hypnotised and misled by evil Russian trolls and hackers.

        Except virtually none of this is true. Mueller’s inability to defend in person his deeply flawed report took a certain amount of steam out of the blame Russia campaign. But what should have killed off “Russiagate” forever is the judgement of Judge John G Koetl of the Federal District Court of New York.

        In a lawsuit brought by the Democratic National Committee against Russia and against Wikileaks, and against inter alia Donald Trump Jr, Jared Kushner, Paul Manafort and Julian Assange, for the first time the claims of collusion between Trump and Russia were subjected to actual scrutiny in a court of law. And Judge Koetl concluded that, quite simply, the claims made as the basis of Russiagate are insufficient to even warrant a hearing.

      • 40% of Scottish Labour Voters Support Independence

        The headline from the major new Ashcroft poll of Scottish public opinion is that Independence now has 52-48 majority support, and that is excellent news. Ashcroft himself is a Machiavellian Tory but his polling effort involves much larger samples than regular newspaper polls and has a generally good record. For me, the most interesting point in his new Scottish poll is that fully 40% of Scottish Labour voters in 2017 now support Independence.

        This has important repercussions. The Labour leadership will no longer be able to portray Independence as beyond the pale for decent thinking people, or to portray Scottish nationalism as akin to Viktor Orban, without alienating a huge swathe of its own support. It certainly ought, at the very least, to encourage the Labour Party in supporting the Scottish people’s right to a new referendum, against Tory attempts to block it.

        But it also has ramifications for how the SNP and wider Yes movement conduct ourselves, particularly online. Nationalists must stop automatically writing off Labour supporters as unionists. There remains a Blairite rump still powerful in Scottish Labour who are rightfully despised, but we need more readily to acknowledge how much we have in common with a great many ordinary members of the Labour Party, both in terms of supporting Independence and in terms of the more socially inclusive Scottish state we wish to build.

    • Censorship/Free Speech

      • China and the Difficulties of Dissent

        It is important to understand that China is a fascist dictatorship. The term “fascist” is now thrown around with such carelessness that it has lost most of its meaning outside the offices of a few historians or political science professors. But fascism, in its original early twentieth century incarnation, meant a political system defined by three attributes—authoritarianism, ethnonationalism, and an economic model in which capitalism co-existed with large state-directed industries and partnerships between the government and corporations.

        China is an ethnonationalist, corporatist, authoritarian state. The government harasses, imprisons, or murders those who demand the right to vote. It engages in cultural genocide and seeks to make the Chinese dictatorship ideologically inseparable from the self-image of the Chinese people. It protects its domestic economy from foreign competition, subsidises all its important industries, mandates that government officials sit on the boards of all large companies, and does not allow independent labour unions. Despite the use of the word “communist” in both the name of the state and the name of its ruling elite, China is fascist. The label of communism is now merely a historical anomaly, relevant only to the extent that totalitarianism remains an underlying principle, the source code of a regime that has likely killed more people than any other in history.

    • Privacy/Surveillance

      • Facebook hit with new questions over Cambridge Analytica

        Facebook has maintained that it first became aware of Cambridge Analytica’s illegal harvesting of user data in December of 2015, when The Guardian first reported it.

        But internal emails from Facebook employees, first described in a lawsuit from the attorney general for Washington, D.C. in March, show that Cambridge Analytica had been flagged within the company as early as September 2015 over suspicions that it had been “scraping” Facebook data in violation of the platform’s policies.

      • Honey trapping job? Pakistan’s ‘military owned’ media house looks for ‘females’ to ‘attract and communicate’ on Social Media

        When checked, the official website of Fatima Jinnah Women’s University indeed has this unique job opening posted on their official page.

        There are two aspects of this job posting that are interesting.

        1. That Pakistani Army owns a media house

        2. They want a ‘female’ Social Media Specialist to ‘attract and interact’ with ‘targeted virtual communities’ and ‘network users’.

      • ‘The Great Hack’ Shows How Facebook Got Your Number

        When filmmaker Jehane Noujaim and producer Karim Amer made “The Square,” their Oscar-nominated documentary about the 2012 Arab Spring uprising in Cairo’s Tahrir Square, part of their focus was on the power of social media in organizing a virtual public square that unified protesters and enabled free speech. Six years later, their new film, “The Great Hack,” finds the social media public square becoming a public sewer, where vitriol and lies are coin of the realm. Exhibit No. 1 is the sordid saga of Cambridge Analytica, the controversial consulting firm that used unauthorized personal data gleaned from Facebook.

        “Cambridge Analytica was practicing voter suppression, different kinds of methods of manipulating the population of these different countries in the Third World and then bringing it back to the U.S. and the U.K. in order to influence those populations,” Amer, the film’s co-director, told Truthdig.

        “Facebook should be seen as being part of the largest corporate negligence case in American history,” he said. “The leak of Facebook data of 100 million-plus users—we don’t see it, so we don’t feel it, but what’s happening in the psy-ops world is a new era of colonization. He or she that collects the most up-to-date data on the most people on the planet and shows the ability to influence their behavior, wins.”

      • Records Show Palantir Made $60 Million Contracting with ICE for Mobile App

        Palantir, the secretive data company founded by billionaire Trump surrogate and well-known Silicon Valley techno-goblin Peter Thiel, has come under fire in recent months for its work with Immigrations and Customs Enforcement (ICE) and other government agencies involved in implementing Trump’s racist anti-immigrant policies. Protests organized both from within the tech community and from immigrants’ rights organizations have highlighted the essential role that Palantir plays in keeping the wheels of ICE raids turning.

        A critical July 2019 exposé from WNYC based on documents obtained via FOIA request shows how Palantir’s proprietary software, in this case the FALCON mobile app, is essential to the removal operations of ICE and related agencies. As WNYC explained, “FALCON mobile allows agents in the field to search through a fusion of law enforcement databases that include information on people’s immigration histories, family relationships, and past border crossings.”

        But while the information contained in the WNYC story, as well as reporting from other news outlets, is important for what it reveals about how Palantir collaborates with the deportation machine, we have not yet had the financial side of the Palantir-ICE relationship come into focus. Until now.

        CounterPunch has learned that since 2016, Palantir has made more than $60 million in contract awards from ICE for access to FALCON and for Operations & Maintenance (O&M) for the mobile application. This, of course, is solely for FALCON and related services, and likely just scratches the surface of the true scope of Palantir’s profits from collaboration with ICE, to say nothing of Palantir’s lucrative relations with other government agencies such as CIA, DoD, etc.

    • Civil Rights/Policing

      • All You Need is Hate

        Bruno Sammartino, Killer Kowalski, Professor Tanaka, The Fabulous Moolah, The Sheik, Haystacks Calhoun, Chief Jay Strongbow, Ivan Koloff “The Russian Bear,” Billy Graham, Colonel Ninotchka, and The Progressive Liberal. Turnbuckle nose jobs, sleeper holds, flying splats, head chairs, an occasional Curley Shuffle, tag-team terror, caged grudge, and emcee Vince McMahon. Hatred never had so much fun wrestling with Truth. Until Now. Entering the ring, none other than WWE Hall of Defamer, the one, the only, Donald J. Trump, aka Saint Grobian, champion of the deplorables, who “schlonged” Hillary Clinton, and is feared for his legendary hold, The Pussy Snatch.

        According to Rolling Stone staff writer Matt Taibbi, this is the state of affairs in national politics today — a Spectacle of bizarre performers flipping each other in the public arena, to the titillation of the rabid masses, like some scene from the classic movie, A Face in the Crowd. They are divided Left and Right, polarized bears wrassling over baby seal meat on the world’s last floe, united by their choreographed hatred for each other. The End of the World as Reality TV. Great ratings. Matt Taibbi calls it all Hate Inc. — his new book.

        Rachel Maddow and Sean Hannity face off on the cover of Hate Inc. Loud Democrats versus Loud Republicans. Of the two, Taibbi takes issue with Maddow more because he sees her as “smart, quick, and funny,” and should know better than to slog the slimey end of Trump and Russiagate the way she has. Meanwhile, “The Sean Hannity Show is an uncomplicated gruel of resentment, vituperation and doomsaying,” writes Taibbi. Both adhere, to varying degrees, to what Taibbi calls The Ten Rules of Hate, which include notions like, “There are only two ideas,” “Root, don’t think,” “No switching teams,” “The other side is literally Hitler,” and in fighting that other side everything is permitted. For Taibbi, they are two faces of the coin of the fucked-up Realm.

        We’ve been at the bread and circuses so long in America that it’s now difficult to conjure up the sad, but heady, days of catharsis that followed Dick Nixon’s TV resignation in 1974. Goodbye to ‘dirty tricks’ and, soon enough, the Apocalypse Then of Vietnam.


        The Russian disappointment aside, Taibbi locates the beginning of the corruption of good, solid journalism in the aftermath of the Vietnam War. Far from seeing the end in Nam as a military loss, let alone a moral loss, American war hawks came away angry that ruptures in the narrative — Daniel Ellsberg’s Pentagon Papers, Sy Hersh’s My Lai account — had undermined and betrayed the so-called Noble Cause. “The post-Vietnam story blamed an ‘excess of democracy’ for the loss,” writes Taibbi, “especially in the media: loserific criticism of our prospects for victory undermined the popular resolve to keep fighting a winnable war.”

      • Oklahoma Victims Compensation Program Disproportionately Denies Funds for Black Victims

        Data shows that Black victims are often denied compensation for the very same crimes as committed against white victims, who did receive compensation.
        Tiras Johnson, age 23, was unarmed when he was shot and killed in Tulsa, Oklahoma. His family was devastated by his death, and they were struggling to pay for Tiras’ funeral. Like many victims’ families, Tiras’ mother applied for financial compensation through the Oklahoma Crime Victims Compensation Act in order to cover his funeral costs, but instead received a surprising response in the mail.

        The letter, addressed to Tiras’ mother, Netarsha, explained that her claim was ineligible for funds because of implied contributory conduct — that is, that the incident “appeared to be gang-related” and “[Tiras] exercised poor judgment by choosing to be a gang member.” All compensation was denied. “We extend our condolences for the loss of your loved one,” it read.

        Tiras wasn’t a gang member, for the record, but of far greater importance is that he played no contributory role in his own death. As it turns out, he would be one of many Black victims often denied compensation for the very same crimes as committed against white victims, who did receive compensation.

        The Oklahoma Crime Victims Compensation Act is intended to fairly compensate victims, or their surviving families, for expenses incurred “as a result of the criminal acts of other persons.” Eligibility requirements for receiving funds include the existence of sufficient evidence that the compensation wouldn’t benefit the offender (e.g., in a domestic violence case), that the crime was reported within a specified amount of time, and that the victim was not complicit in the crime (which includes the arbitrary rule that one must not be associated with a gang). The fund is managed by the District Attorneys Council, and claims are approved or denied in each District Attorney’s office. Unfortunately, there is evidence to suggest that these eligibility requirements are not applied equally to Black and white victims and their families.

    • Internet Policy/Net Neutrality

      • Verizon’s New ‘Unlimited’ Data Plans Still Have Very Real, Problematic Limits

        Back in 2007, Verizon was forced to strike an agreement with the New York State Attorney General for marketing data plans as “unlimited” when the plans had very clear limits. Twelve years later and it’s not clear the company has learned much of anything.

        The latest case in point: Verizon this week once again revamped the company’s not really “unlimited” data plans, and they once again come with some very real limits. For example the company’s entry level “unlimited” plan still bans HD video entirely, throttling everything to 480p, then forcing you to pay extra should you want to view a video stream as its originator intended.


        It’s fairly impressive that twelve years after Verizon was dinged for not understanding the definition of unlimited — and after fifteen years of net neutrality debates — some people still don’t see the terrible precedent these kinds of pricing plans set. Letting ISPs impose arbitrary restrictions, then charge you more money to get around them, isn’t a model that’s going to be great for innovators over the longer haul. And with the triple punch of regulatory capture at the FCC, the death of net neutrality, and looming consolidation/competition erosion courtesy of the Sprint T-Mobile merger, there’s a whole lot more of this sort of thing over the horizon.

    • Monopolies

      • Patents and Software Patents

        • ChargePoint, Inc. v. SemaConnect, Inc. (Fed. Cir. 2019)

          On July 23, 2019, the Federal Circuit denied ChargePoint’s request for panel rehearing and en banc review of its March 28, 2019 decision rendering four ChargePoint patents invalid under 35 U.S.C. § 101. Since we did not review this case when the panel decision came down, and because the case subsequently garnered attention as being one of the more problematic § 101 decisions of late, today we provide a review and some perspective of the substantive issues at hand.

          ChargePoint sued SemaConnect in the District of Maryland, asserting infringement of U.S. Patent Nos. 8,138,715, 8,432,131, 8,450,967, and 7,956,570. All four patents share the same specification. SemaConnect moved for dismissal under Rule 12(b)(6) on the grounds that the patents failed to meet the eligibility requirements of § 101. The District Court sided with SemaConnect. ChargePoint appealed.

          2014′s Alice Corp. vs. CLS Bank Int’l Supreme Court case set forth a two-part test to determine whether claims are eligible for patenting under § 101. One must first decide whether the claim at hand involves a judicially-excluded law of nature, a natural phenomenon, or an abstract idea. If so, then one must further decide whether any element or combination of elements in the claim is sufficient to ensure that the claim amounts to significantly more than the judicial exclusion. But elements or combinations of elements that are well-understood, routine, and conventional will not lift the claim over the § 101 hurdle. While this inquiry is generally carried out as a matter of law, factual issues can come into play when determining whether something is well-understood, routine, and conventional.

      • Trademarks

        • Confusing a Stylized H

          This case stems from an opposition action filed by Hybrid against Hylete’s mark that is pending registration. The senior mark Hybrid is associated with two cross-fit style gyms in Connecticut (flipping tires and carrying boulders). Hylete sells athletic apparel. During the opposition though, Hybrid provided evidence of use of its mark on athletic apparel as well.


          On appeal to the Federal Circuit, Hylete argued that Hybrid’s common law mark was different than the registered mark. Namely, the common law mark is a composite that includes the trio shown above: (1) a stylized-H along with (2) the words “HYBRID ATHLETICS” and (3) a series of dots. Hylete argued on appeal that the TTAB erred by failing to compare its mark with the whole of Hybrid’s usage.

          Although this sounds like a potentially winning technical argument, the Federal Circuit refused to rule on the question — holding instead that the distinctions being raised here were new arguments “never raised before the Board and are therefore waived.”

      • Copyrights

        • Jury awards Joyful Noise $2.8M in copyright infringement damages for Katy Perry’s Dark Horse

          Previously, this Kat reported on a case against singer Katy Perry of her song “Dark Horse”, brought by Marcus Gray (Flame) who claimed that his song “Joyful Noise” had been copied. Back in August 2018, the Court denied Perry’s motion for summary judgement and the case proceeded to trial.

          After a seven-day trial, in the US District Court of California, a federal jury of nine, found all of the songwriters including Katy Perry, the producers and all the corporations that released and distributed the songs liable for copyright infringement on 29th July 2019.

        • The CJEU Pelham decision: only recognizable samples as acts of reproduction?

          It also noted that these referrals had at least three things in common: they all concerned (to a greater or lesser extent) the interplay between copyright and fundamental rights; the same Advocate General (AG Szpunar) had delivered an Opinion in all the cases; and they were decided by the Court in a Grand Chamber composition (15 judges, instead of the usual chambers of 3 or 5 judges). Now that the decisions are available, there is a fourth element of identity between them, and that is that they also share the same Judge Rapporteur (Judge Ilešič).

          Let’s get started with the first judgment, the one concerning sampling of musical content: Pelham, C-476/17 (also known as the Metall auf Metall case).

Damage Control Mode: Satya Nadella Fleeing Lundgren After Realising What Microsoft Had Done

Posted in Microsoft at 3:02 am by Dr. Roy Schestowitz


Microsoft’s Declaration of War on Recyclers

The Legal Aftermath

Pending review and research

Barry Dorrans (Microsoft employee) bragging about legal clout on Twitter just two days ago: “Who has better lawyers? Capital One or Microsoft?” –Barry Dorrans (@blowdart) August 3, 2019

Remember who Bill Gates was born to (his father and his law firm)

Summary: Microsoft’s sole way to defend itself from the person whom it unjustly sent to prison is to run away, even emptying entire buildings for a whole day (to avoid confronting the actual issues)

THE management at Microsoft wouldn’t be wrong to assume that it is virtually above the law. As we noted last month, nobody was arrested after Microsoft had bribed — something the company does all around the world, typically with complete impunity (if not de facto immunity, too).

To Microsoft, Eric Lundgren is ‘nobody’; they know they can play him like a dry leaf on an old tree. Sometimes, however, things get a little more intense, especially when the media gets involved. In future parts we’ll show how Microsoft threatened the media (for ‘daring’ to share Lundgren’s story and tell his side of the story).

Today we tell a story which, as far as we’re aware, nobody covered before.

“The day before I went to prison,” Lundgren told me, “I stopped by Microsoft’s HQ [headquarter] asking to speak to Satya Nadella (CEO)…”

“The day before I went to prison I stopped by Microsoft’s HQ [headquarter] asking to speak to Satya Nadella (CEO)…”
      –Eric Lundgren
I responded by clarifying that “he’s not their boss. Gates is. Gates can fire him any time” (he has by far the most clout in the Board).

We’ve clarified this point here many times before; Nadella is relatively young for this role and we believe he’s in it mostly for the “new Microsoft” delusion (same policies, new faces). He’s used for their perception management strategy. Moreover, Microsoft has a serious intolerance and racism issue. That’s a fact and they are aware of it, there are many lawsuits from employees about it. Nadella is terrible at speaking (not the accent but the substance; see for example Microsoft CEO Satya Nadella: women, don’t ask for a raise”) and he’s easier for the Board to ‘control’.

But anyway, back to Lundgren’s story, he actually went to meet Nadella. “I happened to be with a Netflix film-crew and instead of bringing him down,” he told me, “they evacuated the building. Literally everyone left out the back and guards manned the elevators. It’s all on film.

“I looked outside and sure enough — all the cars in the HQ Parking lot were gone.”
      –Eric Lundgren
“You heard it here first.”

Maybe an exclusive for us, but that’s not what’s important.

“So,” he continued: “When I asked the guards, “I am here to see MSFT CEO” they replied, “Well — As you can see outside, I think he is enjoying the sunny weather”…

“I looked outside and sure enough — all the cars in the HQ Parking lot were gone.”

I told him “it would be a PR disaster if he spoke” (because what Microsoft had done was indefensible).

Lundgren recalled: “I then asked, “Do you know who I am?” and he said, “You’re Clifford Eric Lundgren and you just dropped off petitions at our other campus”… So then I said, “Well.. I don’t care — I’ll wait to speak to Satya Nadella for as long as it takes…”

“The guard replied, “Sir, we know you don’t have a lot of time left.. You may want to spend it with your family.”

“The last 13 months of my life were hell and the (3) years leading up to it.. I really hope good can come from all this.”
      –Eric Lundgren
“He was right too.. I was scheduled to self-surrender the very next day.”

So that’s the story about how Microsoft’s CEO responded to this PR disaster — one of Microsoft’s own making.

“The last 13 months of my life were hell,” Lundgren told me, “and the (3) years leading up to it.. I really hope good can come from all this. My plan is to keep fighting eWaste and helping people. I just need to be smarter at how I go about doing so.”

Microsoft has a lot of lawyers and PR agencies. They even edit Wikipedia and they can defame Lundgren with impunity (as they do; wait for future parts). They can control the media, e.g. by retaliating against publishers (taking away “access”, not buying ads anymore, ending relationships with a company like Netflix etc.)

In fact, “when I published EPO leaks,” I told Lundgren, “the EPO started silencing media companies in Europe” (often by paying them and threatening them). It’s not just a theory; we have documented facts that prove this. In the above case, think along the lines of, “if you cover Eric blah blah… we will stop buying ads etc.” (ads are reverse-bribe-type media leverage and we have internal Microsoft documents showing how they do it and plan it). But that’s a subject for another part and another day.

RSS 64x64RSS Feed: subscribe to the RSS feed for regular updates

Home iconSite Wiki: You can improve this site by helping the extension of the site's content

Home iconSite Home: Background about the site and some key features in the front page

Chat iconIRC Channels: Come and chat with us in real time

New to This Site? Here Are Some Introductory Resources




Samba logo

We support

End software patents


GNU project


EFF bloggers

Comcast is Blocktastic? SavetheInternet.com

Recent Posts