Guest Post: Enough is Enough!

Posted in EFF, Free/Libre Software, Microsoft at 11:16 pm by Dr. Roy Schestowitz

By figosdev


Not even two weeks ago, Techrights founder Roy Schestowitz said:

“I have been writing for many years about threats to Linux and more recently I focused on threats to Git (development processes, centralisation, censorship etc.) as well. I think we’re now at a critical point.”

And I agree. The FSF has settled into focusing too much on matters of licensing, even as they dabble with other important issues such as the “cloud” (clowncomputing) and hardware that respects your freedom. I’m concerned that long term — years from now — the FSF will shift its focus towards being a hardware standard almost exclusively; as the software ecosystem moves further and further from the GPL and the FSF needs a way to justify itself to sponsors and members alike.

“…as the software ecosystem moves further and further from the GPL and the FSF needs a way to justify itself to sponsors and members alike.”If software becomes almost completely controlled by monopolies again, the FSF won’t have any serious influence over software anymore and thus like Mozilla since Eich left, its real mission will be defunct. But their RYF campaign is both important and about something you can rarely get for free, so the FSF can focus on something meaningful and commercial; even while it backs away from its primary mission of fighting for software freedom.

For years, half a decade even — people have complained about the threat that systemd poses to freedom. It is designed to consolidate power into the hands of a single corporation. Microsoft outlined 20 years ago that to compete with Open source, they would need to target “a process, not a company.” With systemd hosted on Github, they can now do both.

The FSF recognised the threat of code being on Github even before Microsoft owned it — now that Microsoft hosts (controls) the code used in the FSF’s most popular fully-free operating systems, they continue to ignore the problems that systemd brings to the table:

- It reduces the security of every GNU/Linux distro that adopts it (it already won a Pwnie.)

- It divides the communities that adopt it (quite deliberately, but let’s blame every critic, and give a divisive project a limitless benefit of the doubt.)

- It reduces the modularity in every distro that adopts it, which reduces the user’s freedom.

“Microsoft outlined 20 years ago that to compete with Open source, they would need to target “a process, not a company.” With systemd hosted on Github, they can now do both.”The FSF in the past has talked about backdoors that Microsoft puts in their own products, but it won’t talk about how systemd is hosted on servers owned by Microsoft (and that this is one more reason people shouldn’t use systemd) and it doesn’t acknowledge that Microsoft can now add backdoors to systemd (and every distro that uses it) themselves. Do you trust Microsoft to run secure servers, when they deliberately compromise their own operating system?

And what people are waiting for is a concrete example of this grand f***-up in the making, and all we have are smaller examples for now, but those are ignored year after year. Meanwhile, various major problems that the FSF has acknowledged in the past continue to cluster around the software weapon formerly known as an init system, and the FSF doesn’t dare speak against it or advise people to even question it.

I’ve said for well over a year, that systemd is not the only problem — just the biggest so far. Google has its own anti-POSIX weapon, which it is a little more honest about being a way to crush POSIX itself, in the long-standing Microsoftian tradition of “de-commoditising protocols.”

POSIX more than anything, is what the free software ecosystem has in common. Sure, there are many exceptions. But POSIX is the biggest rule even if implementation is incomplete, and attacking it is a great way to win the war against free software.

Finally, these attacks are not just against the core of most operating systems. Thankfully, along with their aging flagships Trisquel and GnewSense, FSF is at least welcoming Hyperbola– the most free FSF distro of all time, and GuixSD — what will probably become the most customisable FSF distro of all time. In the long run these may help a lot, but for now, Trisquel continues to destroy itself.

There are additional problems of infiltration of non-profits, which the FSF will not talk about. There are additional problems of degradation of software quality and security, followed up with denial and inappropriate claims of “FUD.”

There are shills in the tech press, as many as ever before, misleading the public that the FSF will not talk about. And one of the best weapons these shills have, is the facts about what is happening to the quality and reliability of free software. systemd critics have warned about those for years, only for it to fall on deaf ears.

“Do you trust Microsoft to run secure servers, when they deliberately compromise their own operating system?”The facts matter — always. While some of the points raised by shills in the media are accurate, others actually deserve to be called “FUD.” The FUD about VLC is a great example — they tried to paint VLC as insecure, but left out that the vulnerability was actually in a 3rd-party library. That’s FUD if I ever heard it, and FUD is an age-old weapon used by Microsoft to fight competitors.

The problem with KDE however, is a fine example of the sort of design problems that we used to make fun of Windows for. It turns out, some designs are so terrible that they don’t just compromise the security of non-free software — quite a few bad security practices work on multiple platforms, including FLOSS platforms, and some designs count as bad security practices themselves.

As with systemd, Windows cared far more about new features than security or good design. Their constant design compromises and lack of care dragged security and privacy into crisis, with really awful technologies like ActiveX, Office macros, Hidden extensions that let people fake safe-to-open document types that were actually executables — you think you’re opening a file in notepad but it’s actually malware — users could improve security just by turning off “Hide known file extensions” but that one stupid feature alone caused how much damage?

When you bring these historically terrible designs from Windows to GNU/Linux, they don’t get better. Sure, they are more likely to get patched after the damage is done — and that’s an advantage over non-free software. So is freedom, of course! Ben Mako Hill wrote “When Free Software Isn’t Better” in 2010, and all of the points are valid — but so is the fact that people are making free software WORSE.

That’s a real threat to the free software ecosystem, and the FSF refuses to talk about it. They prefer denial and compartmentalisation.

The FSF ignores free software advocates when they talk about systemd making free software worse — they ignore other people working to make free software worse — they ignore the infiltration of Microsoft employees into highly relevant organisations like the Linux Foundation, who control a trademark that the FSF uses on a daily basis.

“Because we made fun of Windows for all of these things, many of us got into free software as a way to get away from all these terrible designs.”And the war against free software continues, with KDE adding the equivalent of autorun.inf behaviour (another of those terrible Windows designs) to its software.

As with macros, non-executable formats should never, ever execute code unless the user runs them and knows they’re running them. OFF is the only secure default for such features. Windows made all sorts of exceptions to good practices along these lines, while other problems like buffer overflow vulnerabilities are more about bugs in code than terrible design (perhaps there is some small overlap.)

But terrible designs are terrible designs, and at a minimum these features should be turned off. The motives of paid/bribed shills disclosing vulnerabilities is relevant, but do not change facts — when dangerously stupid designs are exposed, it’s alright — even a good idea — to note the motives of shills, but it’s also still relevant that the designs are stupid and dangerous.

Because we made fun of Windows for all of these things, many of us got into free software as a way to get away from all these terrible designs. The people working on free software were avoiding these pitfalls, because their priorities did not put really dumb features over general safety. Modern free software developers are increasingly of the wrong priority set, and we are already experiencing the results.

Every bad design idea brought in needs to be heavily mitigated, preferably avoided whenever reasonable, and above all not simply denied when pointed out.

Either “outsiders” are attacking the quality of well-established free software products, or “insiders” are attacking the projects themselves — which one it is doesn’t matter as much as the fact that software we rely in is being degraded and made less reliable, harder to control, harder to secure, and harder to get away from — in an awful trend lasting for at least half a decade now.

All of these things are problems for free software, and as with any bad war — the denial only extends the ability of the people responsible to do more damage.

By all means, if you want to suffer more, then say nothing! Or better yet, deny the facts. But don’t do so and expect people to be able to offer something better, or even good to people that want freedom.

“Questions are not dealt with honestly, goals are compromised and critics are abused.”I can’t think of a single distro to recommend right now, because too many of the people who cluster around the only distro I’ve loved to use in 5 years are COMPLETE dicks. I’m not going to subject innocent people trying free software for the first time to that. Questions are not dealt with honestly, goals are compromised and critics are abused.

Things are not just critical — we are actually losing now, more than we were a few years ago. GNU/Linux reached its height in 2014, and it’s been largely downhill ever since.

“GNU/Linux reached its height in 2014, and it’s been largely downhill ever since.”I’m VERY grateful to the people working hard to fix this, including the Hyperbola team. Everybody else, needs to figure out whether they prefer to march this thing forwards, or backwards. It’s gone backwards for half a decade — perhaps it’s time to re-consult the map?

Don’t wait another five years, we’ve already lost those to the people actively trying to destroy our ecosystem. Now is the best possible time to turn around and start winning again — but only if we stay honest. If we can’t be honest about it, any victory will be hollow, fake and pointless. The history of free software is so much better than this, and it should be again.

Links 8/8/2019: Xfce Settings 4.13.8, Lars Knoll on Qt 6, VLC Fights Back Against FUD War on FOSS

Posted in News Roundup at 10:54 pm by Dr. Roy Schestowitz

  • GNU/Linux

    • Server

      • Issue #2019.08.05 ? Kubeflow 0.6 Release

        Kubeflow v0.6: support for artifact tracking, data versioning & multi-user – version 0.6 includes several enterprise features to support multiple users and better model training pipelines. For multiple users, Kubeflow v0.6 provides a flexible architecture for user isolation and single sign-on. For data, enhancements have been added to Kubeflow Pipelines and jupyter. In total, over 250+ merged pull requests!

      • State Of Cloud Native Landscape : Sysdig Founder Loris Degioanni

        In this Takeaway segment, Loris Degioanni, founder and CTO of Sysdig, talks about the evolution and state of cloud-native world.

      • Kubernetes Orchestrates Name Change For Mesosphere, It’s Called D2IQ Now

        Mesosphere, one of the earliest players to offer container orchestration platform, is re-tuning its focus with the name change. The company is now called D2iQ.

      • Mesosphere Becomes D2IQ, Moves Into Kubernetes, Big Data

        The jargonized new name means “Day 2 IQ,” with Day 2 being a DevOps term that refers to the operations part of the software development lifecycle and with IQ equating to “smart.”

      • My Favorite Infrastructure

        Working at a startup has many pros and cons, but one of the main benefits over a traditional established company is that a startup often gives you an opportunity to build a completely new infrastructure from the ground up. When you work on a new project at an established company, you typically have to account for legacy systems and design choices that were made for you, often before you even got to the company. But at a startup, you often are presented with a truly blank slate: no pre-existing infrastructure and no existing design choices to factor in.

        Brand-new, from-scratch infrastructure is a particularly appealing prospect if you are at a systems architect level. One of the distinctions between a senior-level systems administrator and architect level is that you have been operating at a senior level long enough that you have managed a number of different high-level projects personally and have seen which approaches work and which approaches don’t. When you are at this level, it’s very exciting to be able to build a brand-new infrastructure from scratch according to all of the lessons you’ve learned from past efforts without having to support any legacy infrastructure.

      • IBM

        • Red Hat Enterprise Linux 7.7 Released with Live Kernel Patching, Improvements

          Red Hat Enterprise Linux 7.7 is here nine months after the release of Red Hat Enterprise Linux 7.6 as the last maintenance and security update in the series to add one more layer of stability and reliability to the Red Hat Enterprise Linux 7 operating system series, which Red Hat promises to keep alive for a few more years, but without releasing additional maintenance updates. As such, Red Hat Enterprise Linux 7.7 will be supported for two years, until August 30th, 2021.

          “As the hybrid cloud takes hold as a preferred production environment for mission-critical workloads, maintaining stability and consistency across all IT footprints is key. With Red Hat Enterprise Linux 7.7, we show our continued commitment to the 10-year Red Hat Enterprise Linux lifecycle while also introducing key new features, like image builder and Red Hat Insights, to help IT organizations get the most from their existing Red Hat Enterprise Linux 7 investments,” said Stefanie Chiras, vice president and general manager, Red Hat Enterprise Linux, Red Hat.

        • Integration overload? Global systems integrators can help

          Harnessing the power of emerging technologies like artificial intelligence, machine learning and big data analytics to make smarter business decisions and improve customer experiences?

          Sure, that sounds great. It will, however, require that you make some complex technology decisions that work for your unique business needs.

    • Audiocasts/Shows

      • FLOSS Weekly 541: Hack-a-day

        Hackaday is a website that promotes the free and open exchange of ideas and information. Besides the articles that the website publishes, it also has hardware development community called Hackaday.io where you can discover, create, collaborate, and get feedback on your projects.

      • mintCast 314 – Moss Interview (for real)

        I started playing with Linux in the early 2000s, I got Slackware and Red Hat disks but was too timid to look up all the information on all my cards. I finally got Mandrake to run, and it was fun but was not ready to replace all the things I did. Mandrake had a numerical upgrade, which would not work on my computer. Then I tried SuSE (just before OpenSUSE started), and it ran. But it was strictly niche at that point. My next-door neighbor played with things and eventually had two Windows boxes, a homemade Hackintosh, and a Fedora box, all networked; years later, he passed and bequeathed all those computers to me. When XP users were being pushed to 7, I moved to Ubuntu Gnome. When Ubuntu moved to Unity, that would not run on my computer, and I went back to Win7. I had some Win 8/8.1 computers but got over that, and went back to 7. Then when they tried to force me to Win 10, I tried it, saw all the open holes, found I couldn’t close all the security holes, went back to 7, and found most of the holes were left open. So I installed Linux Mint 17 and have not gone back. Linux has grown substantially in the last 15 years, and is now, in my opinion, a better system than Windows.

    • Kernel Space

      • I Never Had a Machine With More Than 2GB of RAM. But Phoronix Portrays GNU/Linux as Sucking on Memory Management.

        GNU/Linux is handling reasonably well a complete system with 2GB of RAM (or less). Super-bloated applications is where things start getting trickier.

      • Linux Foundation

      • AMD and NVIDIA

        • AMD EPYC 7002 Series Unveiled With Primed Linux Support & Strong Server Performance

          One month ago today we were talking about the AMD Ryzen 3000 series processor and new Radeon RX 5700 series graphics cards, all manufactured on TSMC’s 7nm process. Today, for 7th August, the embargo has now lifted and we are talking about something arguably more exciting, or at least the ability to more profoundly impact an industry (data centers): AMD’s EPYC 7002 series is ready and their line-up and ultimately the resulting performance is the most exciting and competitive we have seen ever out of AMD in the server space.

        • AMD EPYC 7502 + EPYC 7742 Linux Performance Benchmarks

          Now that you have read our AMD EPYC “Rome” 7002 series overview, here is a look at the initial performance benchmarks from our testing over the past few weeks. This testing focused on the new AMD EPYC 7502 and EPYC 7742 processors in both single (1P) and dual (2P) socket configurations using AMD’s Daytona server reference platform. Tests were done on Ubuntu Linux and compared to previous AMD EPYC processors as well as Intel Xeon Scalable.

        • AMD Submits Navi 12/14 & Arcturus GPU Support Code For Linux 5.4 Kernel Queue

          AMD sent in their initial pull request of feature changes to their AMDGPU Direct Rendering Manager graphics driver to begin queuing in DRM-Next for September’s kick off the Linux 5.4 kernel cycle. Notable to this batch of AMDGPU DRM-Next work is a lot of new unreleased GPU support.

          Unlike where the Navi 10 support landed in the mainline kernel after the AMD product launches, Navi 12 and Navi 14 GPU support is now ready to go and will be sitting in DRM-Next until the Linux 5.4 cycle begins. Of course, AMD could end up releasing Navi 12/14 products prior to Linux 5.4 stable going out as stable around November, but at least this support is available. We’ve also already seen Navi 12/14 happenings go on within the user-space OpenGL/Vulkan drivers and related code.

        • RADV Driver Plumbs Navi Support For Performance-Improving DCC On Storage Images

          Another set of patches was merged on Tuesday for the upcoming Mesa 19.2 to further along its Radeon “Navi” support within the RADV Vulkan driver.

          Following a series of patches, Mesa 19.2′s RADV driver has experimental support for delta color compression (DCC) on storage images. Storage images within Vulkan are for operations on image memory from within shaders bound to pipelines. RADV has added the new code for the architecture improvements with Navi for handling DCC on storage images where as previously it was unsupported.

        • NVIDIA Starts Publishing GPU Hardware Documentation To Help Open-Source Drivers

          Today is a wild one for open-source/Linux users. Let’s begin with the unexpected news: NVIDIA is releasing more GPU hardware documentation at long last! Yes, freely-available hardware interface documentation to assist in the development of the open-source NVIDIA Linux driver (Nouveau).

        • NVIDIA have released some GPU documentation on GitHub

          Someone check the weather in hell, as NVIDIA seem to be opening themselves up a bit more with the release of some GPU documentation.

    • Benchmarks

      • Initial Benchmarks Of The Spectre “SWAPGS” Mitigation Performance Impact

        Yesterday the SWAPGS vulnerability was made public as a new variant of Spectre V1 that affects all operating systems and is believed to affect only Intel CPUs. The SWAPGS discovery by Bitdefender was quietly mitigated by Microsoft for Windows 10 last month while yesterday the patches were posted for the mainline Linux kernel as the Grand Schemozzle. As soon as learning of this SWAPGS vulnerability and seeing the kernel code, I began running some preliminary performance tests to look at the impact of this latest CPU mitigation.

        Especially with that text, I was quite interested in seeing what the performance is looking like as a result of this latest kernel activity for tightening up the Intel CPU security. This morning I have results wrapped up on an Intel Core i9 9900K processor. SWAPGS or the “Grand Schemozzle” is believed to affect all Intel CPUs from at least Ivybridge through their latest products.

    • Applications

      • ANNOUNCE: gtk-vnc 1.0.0 release

        I’m pleased to announce a new release of GTK-VNC, version 1.0.0.

      • Top 4 Best Blogging Software for Linux in 2019

        In the last few years, blogging has become a popular way of sharing one’s thoughts about almost anything. While people use blogs to express themselves, businesses go with blogging to cement their position as a competent authority in their area of operations. Over the past years, many have taken on blogging as various blogging software makes it as simple and straightforward as possible. Now, you can create a blog site even if you lack technical skills such as coding and web development.

        Today, blogging software is being created for every operating system, not just for Windows and Mac. Since bloggers who want to make themselves heard are using different operating systems, it is essential to help you identify the best blogging software for Linux as well. Here are the top four blogging software for Linux.

      • RV Offsite Backup Update

        I’ve been very pleased with using my RV media center as an offsite backup, and with the addition of a VPN, it’s been even better to have new media while I’m on the road. I just need to find a cost-effective way to keep the Raspberry Pi on and online without racking up a huge cell-phone bill, and then I’ll truly have an always-up-to-date off-site backup. Since my last road trip, I’ve thought of a number of improvements to this setup, so stay tuned for future articles where I’ll describe even more updates.

      • 11 Best Free Linux Astronomical Data Analysis Tools

        Astronomy is a branch of science that deals with the study of celestial objects (including stars, planets, moons, comets, asteroids, meteor showers, nebulae, star clusters, galaxies) and other phenomena such as gamma ray bursts and supernovae.

        Astronomy is particularly well suited to the layperson. It is a wonderful hobby which has almost no age limits, it is open to individuals of all financial means, and there is always the potential for an amateur to discover something that has eluded professional astronomers, or to help monitor stars and track asteroids. Professional astronomers are in a very fortunate profession. They have the opportunity to continue their love of astronomy, travel the world, make significant discoveries, and get paid at the same time.

        Professional astronomers spend far more of their time analyzing data and writing articles than actually observing celestial objects. Amateur astronomers are also keen to analyze the data they have collated. Software that can process and analyze images is therefore essential to astronomers. Fortunately, high performance scientific software has always been a strong area for Linux.

      • FFmpeg 4.2 releases with AV1 decoding support through libdav1d, decoding of HEVC 4:4:4 content and more

        Two days ago, the team behind FFmpeg released their latest version of FFmpeg 4.2, nicknamed “Ada”. This release comes with many new filters, decoders, and demuxers.

        FFmpeg is an open-source project composing software suite of libraries and programs to handle multimedia files. It has cross-platform multimedia framework which is used by various games and applications to record, convert and stream audios and videos. The previous version FFmpeg 4.1 was released last year in November. The FFmpeg team has announced on Twitter that the follow-up point release (4.2.1) will be released in a few weeks.

        FFmpeg 4.2 has a AV1 decoding support through libdav1d. It also supports decoding of HEVC 4:4:4 content in nvdec, cuviddec and vdpau. It has many new filters like tpad, dedot, freezedetect, truehd_core bitstream, anlmdn, maskfun, and more.

    • Instructionals/Technical

    • Games

      • 18th century city-builder “Ostriv” still planning to support Linux

        Ostriv is a game I’ve not heard anything about for quite some time, after initially covering it here on GamingOnLinux back in 2017. It’s heading to Steam Early Access this year!

      • Anodyne 2: Return to Dust confirmed for launch on August 12th, Linux support included

        Anodyne 2: Return to Dust, the standalone followup to Anodyne that doesn’t require you play the original is officially launching with Linux support on August 12th.

      • Tactical action-platformer Gunslugs:Rogue Tactics is out

        Jump, dodge, shoot and hide in the latest game from Orangepixel, the tactical action-platformer Gunslugs:Rogue Tactics is out now.

      • Porting Games To Linux Is A Waste Of Time? This Game Developer Says You’re Doing It Wrong

        It may surprise you to learn, then, that Bearded Giant Games’ latest release on Steam — Space Mercs — has a whopping 35-percent sales share on Linux. Not only is that significantly higher than the norm, but Bacioiu insists his Linux customers make the development process easier.

        What’s going on here?

        I immediately interviewed Bacioiu (who goes by “Zapa” within his community) on my podcast Linux For Everyone after he told me this unusual statistic. I was fascinated with his story.

        Basically, Bacioiu believes there are 2 things the majority of game developers are doing wrong.

        “People say ‘OK I know about Linux so I’ll just do an export in Unity and make a Linux build and that’s it,’” Bacioiu says. “But they don’t do any QA [Quality Assurance testing], and it’s a terrible experience. People are going to ask for refunds, and then your average developer is going to say ‘well Linux isn’t worth my time.’”

        Bacioiu also argues that developing on a Linux platform ensures that your game will have better cross-platform compatibility than developing on Windows.

        “All the middleware that I’m using on Linux is guaranteed to work on Windows, because it’s not relying on DirectX or any Windows-specific things,” he says.

      • Platform Exclusives – A Linux Perspective

        Every time an Epic Store exclusive is announced, the developer/publisher is flooded with messages ranging from dissatisfied to utterly vile. On the latter, just don’t, please. The Ooblets developers have been flooded with racist, misogynistic and otherwise needlessly aggressive comments from the cesspits of the internet. I’m not even sure any of those people had any interest in the game to begin with.

        Some of the ire is justified, however. The word “platform” is used in so many contexts that it’s becoming meaningless, and extending to areas it should probably not. It once was enough to consider your hardware the platform, or your operating system. And generally people are okay-ish with a game that is exclusive to a different platform, like say Nintendo. But now this has extended to the online store you bought something on. Your “platform” is no longer “PC”, or “Windows”, it’s Microsoft Store, or Steam, or Epic Games Store.

        And people more erudite than myself have given many reasons for why this is bad for PC gaming as a whole. But instead of focusing on ideological reasons, allow me to tell you what this means for a Linux gamer. A platform exclusive announcement for a Windows user might mean the difference between buying/playing via the Fortnite Launcher vs. using the Half-Life launcher. For a Linux user this could well mean that any chance of playing the game goes away entirely. And what makes it irksome, is that there’s no good reason for that. It’s all artificial barriers.

      • The Best Command-Line-Only Video Games

        rundown of the biggest, most expansive and impressive games that you can run entirely in your Linux shell.

        The original UNIX operating system was created, in large part, to facilitate porting a video game to a different computer. And, without UNIX, we wouldn’t have Linux, which means we owe the very existence of Linux to…video games.

        It’s crazy, but it’s true.

        With that in mind, and in celebration of all things shell/terminal/command line, I want to introduce some of the best video games that run entirely in a shell—no graphics, just ASCII jumping around the screen.

        And, when I say “best”, I mean the very best—the terminal games that really stand out above the rest.

        Although these games may not be considered to have “modern fancy-pants graphics” (also known as MFPG—it’s a technical term), they are fantastically fun. Some are big, sprawling adventures, and others are smaller time-wasters. Either way, none of them are terribly large (in terms of drive storage space), and they deserve a place on any Linux rig.

      • Screaming Steel: 1914-1918, a WWI total conversion for Day of Infamy has a major update

        If you’re after your next FPS fix, perhaps the Screaming Steel: 1914-1918 mod for Day of Infamy might be worth a look.

      • Dota 2 is going through some big changes to matchmaking

        Valve are attempting to address numerous complaints and issues with the Dota 2 community and matchmaking system, with some experimental changes. These changes have been explained in some detail in their latest update.

        Starting off by giving some reasons for the changes, they said over the next year they will be focusing on all sorts including “intra-team balance, player conduct, new player experience, abusive behaviors, account buying, friend and teamplay aspects, high mmr matchmaking dynamics” and more. Why? They want to make Dota 2 more fun for people playing at any level.

        The first set of major experimental are already up and will last until the end of the season. When the experiment is over, they will be requesting feedback sometime after The International tournament concludes.

      • After a mishap losing code, the dev of Exodemon has recovered some making a Linux build possible

        Exodemon, a fast paced first person shooter that recently released on Steam has an unfortunate history with some code being lost. The good news is some has been recovered and work continues, with a Linux version possible again.

        It release on Steam on August 3rd and it came without the previously confirmed Linux version. I was aware of what happened after chatting to the developer previously, but waited until they said something more public on it.

    • Desktop Environments/WMs

      • Xfce Settings 4.13.8 Released

        As we prepare to release Xfce 4.14, each component is receiving another round of reviews and polish. Xfce Settings 4.13.8 includes a bevy of fixes and translations, and forms a solid foundation for the Xfce desktop.

      • GNOME Desktop/GTK

        • Running GNOME in a Container

          Virtualization has always been a rich man’s game, and more frugal enthusiasts—unable to afford fancy server-class components—often struggle to keep up. Linux provides free high-quality hypervisors, but when you start to throw real workloads at the host, its resources become saturated quickly. No amount of spare RAM shoved into an old Dell desktop is going to remedy this situation. If a properly decked-out host is out of your reach, you might want to consider containers instead.

          Instead of virtualizing an entire computer, containers allow parts of the Linux kernel to be portioned into several pieces. This occurs without the overhead of emulating hardware or running several identical kernels. A full GUI environment, such as GNOME Shell can be launched inside a container, with a little gumption.

          You can accomplish this through namespaces, a feature built in to the Linux kernel. An in-depth look at this feature is beyond the scope of this article, but a brief example sheds light on how these features can create containers. Each kind of namespace segments a different part of the kernel. The PID namespace, for example, prevents processes inside the namespace from seeing other processes running in the kernel. As a result, those processes believe that they are the only ones running on the computer. Each namespace does the same thing for other areas of the kernel as well. The mount namespace isolates the filesystem of the processes inside of it. The network namespace provides a unique network stack to processes running inside of them. The IPC, user, UTS and cgroup namespaces do the same for those areas of the kernel as well. When the seven namespaces are combined, the result is a container: an environment isolated enough to believe it is a freestanding Linux system.

          Container frameworks will abstract the minutia of configuring namespaces away from the user, but each framework has a different emphasis. Docker is the most popular and is designed to run multiple copies of identical containers at scale. LXC/LXD is meant to create containers easily that mimic particular Linux distributions. In fact, earlier versions of LXC included a collection of scripts that created the filesystems of popular distributions. A third option is libvirt’s lxc driver. Contrary to how it may sound, libvirt-lxc does not use LXC/LXD at all. Instead, the libvirt-lxc driver manipulates kernel namespaces directly. libvirt-lxc integrates into other tools within the libvirt suite as well, so the configuration of libvirt-lxc containers resembles those of virtual machines running in other libvirt drivers instead of a native LXC/LXD container. It is easy to learn as a result, even if the branding is confusing.

        • Matthias Clasen: Pango 1.44 wrap-up

          In my last post discussing changes in Pango 1.44, I’ve asked for feedback. We’ve received some, thanks to everybody who reported issues!

          We tried to address some of the fallout in several follow-up releases. I’ll do a 1.44.4 release with the last round of fixes before too long.

          Here is a summary.

    • Distributions

      • Fedora Family

        • Open Position: NeuroFedora is looking for a Spin/Lab master

          Now that we are about a year into the project, we have quite a bit of software ready for users to use.

        • Fedora 30 on Google Compute Engine

          Fedora 30 is my primary operating system for desktops and servers, so I usually try to take it everywhere I go. I was recently doing some benchmarking for kernel compiles on different cloud plaforms and I noticed that Fedora isn’t included in Google Compute Engine’s default list of operating system images.

      • Debian Family

        • RQuantLib 0.4.10: Pure maintenance

          A new version 0.4.10 of RQuantLib just got onto CRAN; a Debian upload will follow in due course.

          QuantLib is a very comprehensice free/open-source library for quantitative finance; RQuantLib connects it to the R environment and language.

          This version does two things related to the new upstream QuantLib release 1.16. First, it updates the Windows build script in two ways: it uses binaries for the brand new 1.16 release as prepapred by Jeroen, and it sets win-builder up for the current and “prospective next version”, also set up by Jeroen. I also updated the Dockerfile used for CI to pick QuantLib 1.16 from Debian’s unstable repo as it is too new to have moved to testing (which the r-base container we build on defaults to). The complete set of changes is listed below:

      • Canonical/Ubuntu Family

        • Linux Mint 19.2 released, here is how to upgrade
        • Canonical set to bring ZFS improvements over the coming Ubuntu cycles

          Canonical has announced that beginning with Ubuntu 19.10, it will begin improving the state of the ZFS file system to make it more practical for desktop users. Ubuntu 19.10 will be the first release with improvements but it’ll be a multi-cycle effort until a time when Canonical feels that it’s production-ready.

          In the first place, Canonical wants to make improvements to Ubuntu’s ZFS support for it to work better on the desktop. In its announcement, the firm said further down the road it’d like to bring it to server releases, presumably when the technology is more mature. Although improvements will be available with Ubuntu 19.10, Canonical warns not to use it on production systems because data may get erased at any time.

        • Ubuntu 19.10 Will Offer Experimental ZFS File System Option

          Have you been itching to know more about Ubuntu’s ZFS file system plans? Well, get ready to stop scratching, ‘cos Canonical has revealed all.

          Now, I know as much about filesystems as I do about world wrestling: that’s to say nothing, other than it can be painful if you’re an amateur. Yet even I’m getting a tiny bit excited by Canonical’s efforts with ZFS.

          The newly announced plan — which I should stress could still go south, but probably won’t, but could, but shouldn’t — is to include an ZFS install option in Ubuntu 19.10, the next short term release due this October.

        • Ubuntu 19.10 to Support ZFS on Root as an Experimental Option in the Installer

          Ubuntu 19.10 (Eoan Ermine) will be the next major release of the popular Ubuntu Linux operating system, and also a testbed for Canonical to implement new features and see if they prove to be useful to the community for upcoming LTS (Long Term Support) releases, such as next year’s Ubuntu 20.04 LTS.

          One of these new features coming to the Ubuntu 19.10 release this fall is an experimental option implemented in the graphical installer to let users create a root file system formatted with the ZFS file system. But Canonical warns users that they should not use it on a production machine.

        • Canonical Confirms Their Experimental ZFS Plans For The Ubuntu 19.10 Desktop
        • Enhancing our ZFS support on Ubuntu 19.10 – an introduction
        • Linux Mint 19.2 “Cinnamon” overview | Sleek, modern, innovative

          In this video, I am going to show an overview of Linux Mint 19.2 “Cinnamon” and some of the applications pre-installed.

    • Devices/Embedded

    • Free, Libre, and Open Source Software

      • Intro to Corteza, an open source alternative to Salesforce

        Corteza is an open source, self-hosted digital work platform for growing an organization’s productivity, enabling its relationships, and protecting its work and the privacy of those involved. The project was developed entirely in the public domain by Crust Technology. It has four core features: customer relationship management, a low-code development platform, messaging, and a unified workspace. This article will also explain how to get started with Corteza on the command line.

      • Events

        • Christopher Allan Webber: ActivityPub Conf 2019 Speakers

          Good news everyone! The speaker list for ActivityPub Conf 2019 is here! (In this document, below, but also in ODT and PDF formats.)

          (Bad news everyone: registration is closed! We’re now at 40 people registered to attend. However, we do aim to be posting recordings of the event afterwards if you couldn’t register in time.)

        • The upcoming Linux-Tech&More event’s [Ed: I don’t think he knows the meaning of the word “event”… ]
      • Productivity Software/LibreOffice/Calligra

        • LibreOffice or FreeOffice? Manjaro Gives You the Right to Choose

          In the last week of July, Manjaro Linux suddenly decided to drop the popular open source productivity suite LibreOffice in favor of Softmaker’s FreeOffice. The decision faced heavy criticism from people who prefer using open source software.

          The Manjaro team listened to the community feedback and modified its decision of including FreeOffice as the default office suite. From next release, users will get the option to choose between FreeOffice and LibreOffice while installing Manjaro Linux.


          Personally, I am glad that Manjaro Linux changed its earlier decision and took a more balanced approach about including the proprietary software.

          There are a few Linux distributions that are determined to include only open source software (like Trisquel) but Manjaro is not one of them. Manjaro Linux is more mainstream and it (seems to) cater to the need of a regular user who would be happy to get his/her work done without going into details of whether or not the software is open source.

      • Education

        • Can toys teach coding to kids?

          On a Christmas morning in the early 2000s, my mom found herself slaving over a freshly unwrapped copy of Lego Mindstorms: Star Wars. The commercials aired on Cartoon Network for months, offering a fantasy that was too appealing for me to pass up: Supposedly, with a sturdy hard drive, an elementary understanding of computer science, and my own recess-honed Lego skills, a 10-year-old like me could construct and program his very own AT-ST mech from The Empire Strikes Back all by himself. With a press of a button, my robot would be able to walk along the kitchen table and swing its head side to side.


          And Robo Wunderkind is just the tip of the iceberg. The Chinese company Makeblock offers several DIY programming kits, including one where children can construct their own drones. With a Bitsbox subscription, every month your kids will receive a new create-an-app adventure.

      • Funding


        • Fundraiser membership drive comes to an end and we all win!

          The Free Software Foundation (FSF) spring fundraiser has come to an end and we would like to thank you for your help in surpassing our ambitious goal of 200 new members in 28 days, and for all the inspirational words of support we’ve received over the past weeks.

      • Licensing/Legal

        • REUSE makes copyright and licensing easier than ever

          The licensing of a software project is critical information. Developers set the terms under which others can reuse their software, from individuals to giant corporations. Authors want to make sure that others adhere to their chosen licenses; potential re-users have to know the license of third-party software before publication; and companies have to ensure license compliance in their products that often build on top of existing projects. The REUSE project, led by the Free Software Foundation Europe (FSFE), helps all of these parties.

          REUSE aims to have all copyright and licensing information stored as close to the source files as possible. This is achieved by directly adding this information to the file in a standardised and machine-readable form. If a file does not support that, a .license file or central DEP-5 configuration file can be used instead. This way, developers can be assured that re-users will not oversee copyright holders and their intended license.

      • Programming/Development

        • Technical vision for Qt 6

          7 years ago, Qt 5 was released. Since then, a lot of things have changed in the world around us, and it is now time to define a vision for a new major version. This blog post captures the most important points that can and should define Qt 6.

          Qt 6 will be a continuation of what we have been doing in the Qt 5 series and should as such not be disruptive to our users. But a new major version will give us a higher degree of freedom to implement new features, functionality and better support the requirements of today and tomorrow than we currently can within the Qt 5 series. As described in more detail below, Qt 6 will aim for a large degree of compatibility with the Qt 5 series. We are also still working on new versions of Qt 5, and we’re aiming to bring some of the features that will define Qt 6 in a slightly reduced form to Qt 5.14 and Qt 5.15 LTS. With the feature freeze of Qt 5.14, more R&D focus will shift towards Qt 6, and we’re aiming to have Qt 6.0 ready for a first release by the end of 2020. Before we dive into all the things that will be new, let’s also remember some of the core values of Qt for our users, to define the things we don’t want to change.

        • Lars Knoll Shares His Technical Vision For The Qt 6 Tool-Kit

          Longtime KDE/Qt developer Lars Knoll (and current CTO of The Qt Company) has shared his technical vision for the upcoming Qt 6 tool-kit.

          Qt 6 development will begin heating up more with the initial Qt 6.0 release expected out by the end of 2020. During some summer holidays, Lars Knoll spent some time thinking about his technical vision for how he would like Qt6 to shape-up in relation to Qt5.

        • Documenting Proper Git Usage

          Jonathan Corbet wrote a document for inclusion in the kernel tree, describing best practices for merging and rebasing git-based kernel repositories. As he put it, it represented workflows that were actually in current use, and it was a living document that hopefully would be added to and corrected over time.

          The inspiration for the document came from noticing how frequently Linus Torvalds was unhappy with how other people—typically subsystem maintainers—handled their git trees.

          It’s interesting to note that before Linus wrote the git tool, branching and merging was virtually unheard of in the Open Source world. In CVS, it was a nightmare horror of leechcraft and broken magic. Other tools were not much better. One of the primary motivations behind git—aside from blazing speed—was, in fact, to make branching and merging trivial operations—and so they have become.

          One of the offshoots of branching and merging, Jonathan wrote, was rebasing—altering the patch history of a local repository. The benefits of rebasing are fantastic. They can make a repository history cleaner and clearer, which in turn can make it easier to track down the patches that introduced a given bug. So rebasing has a direct value to the development process.

        • Experts Attempt to Explain DevOps–and Almost Succeed

          Luckily, I’m in a position to know some pretty doggone smart people who work in DevOps in one way or another. So I reached out to them with a simple challenge:

          “Explain to me what DevOps means. Bonus points for not using any buzz words.”

          What followed were wonderful conversations with four “DevOps experts” during the course of several weeks. To make it all easier to follow for everyone, I’ve taken the key bits of those conversations and edited them together into one semi-real, semi-fictional chat with a singular DevOps expert that is a combination of all four of them.

        • Why fear of failure is a silent DevOps virus
        • Understanding Python’s asyncio

          Earlier this year, I attended PyCon, the international Python conference. One topic, presented at numerous talks and discussed informally in the hallway, was the state of threading in Python—which is, in a nutshell, neither ideal nor as terrible as some critics would argue.

          A related topic that came up repeatedly was that of “asyncio”, a relatively new approach to concurrency in Python. Not only were there formal presentations and informal discussions about asyncio, but a number of people also asked me about courses on the subject.

          I must admit, I was a bit surprised by all the interest. After all, asyncio isn’t a new addition to Python; it’s been around for a few years. And, it doesn’t solve all of the problems associated with threads. Plus, it can be confusing for many people to get started with it.

        • This Week in Rust 298
        • Building C++ modules, take N+1

          Modules were voted in C++20 some time ago. They are meant to be a replacement for #include statements to increase build speeds and to also isolate translation units so, for example, macros defined in one file do not affect the contents of another file. There are three major different compilers and each of them has their own prototype implementation available (GCC documentation, Clang documentation, VS documentation).

          As you would expect, all of these implementations are wildly different and, in the grand C++ tradition, byzantinely complicated. None of them also have a really good solution to the biggest problem of C++ modules, namely that of dependency tracking. A slightly simplified but mostly accurate description of the problem goes like this:

  • Leftovers

    • Nobel laureate Toni Morrison dead at 88

      Few authors rose in such rapid, spectacular style. She was nearly 40 when her first novel, “The Bluest Eye,” was published. By her early 60s, after just six novels, she had become the first black woman to receive the Nobel literature prize, praised in 1993 by the Swedish academy for her “visionary force” and for her delving into “language itself, a language she wants to liberate” from categories of black and white. In 2019. She was featured in an acclaimed documentary, “Toni Morrison: The Pieces I Am.”

    • Breaking Things Takes Time

      The Georgia Association of Broadcasters notes that another Emergency Alert System test will be taking place on August 7th. Another communications law-related site notes that the test will be unique. Unlike prior tests this will be restricted to radio and television broadcasters and will be confined to testing the ability to pass the message down the chain from the Primary Entry Point stations. The closest entry point stations to me would be AM broadcast band stations WTAM and KDKA.

      Now, we need to remember that Ashtabula County is served by six separate radio stations that have no main studio locally and are otherwise completely satellite fed. Another five radio stations are “voice-tracked” where there is a studio but content is either satellite-fed or produced under automation that is prepared quite a bit in advance. Another two stations are about half voice-tracked and half satellite-fed.

      In short, if something goes wrong with the test at any of those stations on Wednesday the likelihood of local staff being there to respond to the situation is minimal to none.

      Now, I ended up writing on Monday about funding needs in SeekingSupport but was somewhat vague as to what is going on. In part that’s been due to the complexity of the problem at hand. I haven’t been satisfied with any of the preliminary solutions I’ve come up with. At this point I should lay out what I have.

    • Health/Nutrition

      • Risk of being killed by police use of force in the United States by age, race–ethnicity, and sex

        The average lifetime odds of being killed by police are about 1 in 2,000 for men and about 1 in 33,000 for women. Risk peaks between the ages of 20 y and 35 y for all groups. For young men of color, police use of force is among the leading causes of death.

      • Police Use of Fatal Force Identified as a Leading Cause of Death in Young Men

        Police violence is a leading cause of death of young men in the United States with black men 2.5 times more likely to be killed by law enforcement over their lifetime than white men, according to a Rutgers study.

      • Fatal Use of Force by Police a Leading Cause of Death for Young Men

        But Edwards and others in the study also caution relying on anecdotal evidence like news reports and called for a more data-based approach to track the issue of police violence and its relation to race.

        “What we lack in this country are the solid estimates of police related deaths because there is no official database where this information is stored,” Edwards said.

        The Rutgers study used data compiled by the National Vital Statistic System’s mortality files along with Fatal Encounters, a journalist-run database that uses local news reports and public records to create a database.

    • Security (Confidentiality/Integrity/Availability)

      • Better Encrypted Group Chat

        End-to-end encrypted group messaging is also a hard problem to solve. Existing solutions such as Signal, WhatsApp, and iMessage have inherent problems with scaling, which I’ll discuss in detail, that make it infeasible to conduct group chats of more than a few hundred people. The Message Layer Security (MLS) protocol aims to make end-to-end encrypted group chat more efficient while still providing security guarantees like forward secrecy and post-compromise security.

      • KDE has an unpatched security issue that’s been made public [Ed: As KDE clarified, do not run malicious things from malicious sources. This is always common sense; same with Macros.

        However, that might not be good enough. Going by what else Penner also said on Twitter, it’s not just .desktop or .directory files as any unknown filetype can be detected by KDE as an application/desktop mimetype making it a lot worse than originally thought. As long as a file contains “[Desktop Entry]” at the top, it seems KDE will have a go at parsing it.

        On top of that, the KDE team were not made aware of the issue before this was all made public. So if you’re running KDE, time to be super careful until a patch is out. Hopefully all distributions shipping KDE will be keeping a close eye on this for when a patch is available.

      • Top 20 Best Cybersecurity Courses That You Can Sign Up Now

        Cybersecurity or information security (IT) refers to the practice or process of ensuring the integrity of different networks. In a broad sense, this concept is all about protecting our data, apps, networks or devices from cyber-attacks or unauthorized access. The necessity of securing our networks is increasing day by day. Few people have that master skill to secure the networks. As the increasing demand for cybersecurity specialists, we believe that one of the cybersecurity courses below will enhance your skill.

      • Security updates for Wednesday

        Security updates have been issued by Fedora (hostapd), openSUSE (aubio and spamassassin), Oracle (kernel), Red Hat (augeas, kernel-rt, libssh2, perl, procps-ng, redis:5, and systemd), SUSE (bzip2, evince, kernel, linux-azure, nodejs4, nodejs8, osc, python, python-Twisted, and python3), and Ubuntu (BWA and Mercurial).

      • evil wifi 4 qualcomm – QualPwn – Exploiting Qualcomm Snapdragon via WLAN Wifi and Modem Over The Air

        Researchers discovered the QualPwn vulnerabilities in February and March this year and responsibly reported them to Qualcomm, who then released patches in June and notified OEMs, including Google and Samsung.

        Google just yesterday released security patches for these vulnerabilities as part of its Android Security Bulletin for August 2019. So, you are advised to download the security patches as soon as they are available

        Since Android phones are infamously slow to get patch updates, researchers have decided not to disclose complete technical details or any PoC exploit for these vulnerabilities anytime soon, giving end-users enough time to receive updates from their device manufacturers.

      • KDE4/5 Zero-Day Vulnerability Alert! [Ed: Many steps are needed here (in order to cause actual harm) and also purusing rogue files from untrusted sources. Linux-hostile sites promoted this nonsense, overhyping it.]

        An unpatched zero-day vulnerability exists in KDE 4 & 5 that could allow attackers to execute code simply by tricking a user into downloading an archive, extracting it, and then opening the folder.

      • What we Can Learn from the Recent VLC Security Vulnerability Fiasco: A Conversation with VideoLAN President Jean-Baptiste Kempf

        About a week ago, the LinuxSecurity staff started tracking a security issue related to VLC, the popular open source media player. Security vulnerabilities are a regular part of the software development lifecycle. These vulnerabilities are identified, then a solution is created and distributed to its users. In this case, it wasn’t completely clear whether that’s what happened, though. We decided to find out.

        On July 23rd, CERT-Bund published a security advisory for the popular open-source VLC media player for a vulnerability that had been fixed for the past 16 months. In the advisory, CERT-Bund warned that VLC media player version, the latest build available, contained a critical security vulnerability with a CVSS score of 9.8 out of 10. This warning indicated that the security flaw did not require privilege escalation to exploit.

        It is now evident that many aspects of CERT-Bund’s advisory were incorrect. While a vulnerability did exist, it is in a third party library as opposed to in VLC itself, as security experts incorrectly indicated. It was also fixed over a year ago. The security researcher who reported the vulnerability was using Ubuntu version 18.04, which includes an older, unpatched version of the libebml library. As long as users have VLC 3.0.3 or newer installed, they are protected from the vulnerability. Once the correct information about the security bug was revealed, NIST has downgraded the vulnerability’s rating to a 5.5 (Medium).

    • Defence/Aggression

      • Erdogan threatens to attack Syrian Kurdish militia ‘very soon’

        Erdogan has repeatedly warned that the Turkish military is preparing an operation in Syria against the Kurdish YPG militia, which the US has supported as the main fighting force against the Islamic State (IS) group.

      • Tensions Spike as Turkey Threatens Syria Offensive

        A U.S. military delegation is currently in Turkey to meet with Turkish officials, Esper said. The delegation is reportedly part of a last-ditch attempt to head off the offensive.

        As NATO’s southern flank and home to a key launching pad for U.S. operations in the Middle East, Incirlik Air Base in Turkey is a crucial U.S. partner in European security and the fight against extremism. But the alliance has frayed in recent years, especially after Turkey’s failed 2016 military coup, U.S. support for the Syrian Kurds, and Turkey’s increasingly cozy relationship with Russia.

      • Wired’s Gee-Whiz High-Tech Militarism

        A deluge of major Western publications stated last month that the US destroyed an Iranian drone in the Strait of Hormuz between the Persian Gulf and the Gulf of Oman (e.g., New York Times, 7/18/19; NPR, 7/19/19; NBC News, 7/18/19). Citing unproven reports from Donald Trump and the US Department of Defense, the outlets stated that the drone came within 1,000 yards of a US Navy warship, after ignoring “multiple calls to stand down.”

        Iran denied the accusations, providing a time-stamped video meant to demonstrate that the drone remained airborne “before and even after the time Americans claim” (BBC, 7/19/19). The US, meanwhile, provided a dubious series of photos, with no indication of when they were taken or their relationship to each other.


        Wired has a history of portraying US military operations as dazzling, do-good technological marvels. Days before championing the Marines’ energy weapon, the outlet published a ringing endorsement of the Air Force’s new rescue helicopter (7/19/19), which doubled as an advertorial for both the Air Force and aircraft manufacturer Lockheed Martin. Not unlike a car commercial, the article detailed the vehicle’s bells and whistles: Twice the fuel capacity! Extra range! New surveillance cameras! Weapon mounts! The idea that some of the countries targeted might seek to develop defenses to these devastating attacks was described as the “challenge” of “rapid evolution of opposition to the American military.”

        A new fighter-jet ejection system garnered equally glowing coverage (8/31/18), promising to make “rocketing out of a B-2 bomber surprisingly safe.” A five-pound Lockheed Martin “hit-to-kill” missile, which Wired (5/5/18) playfully termed a “pocket rocket,” received the same PR sheen for its size. Lockheed (11/28/17) was similarly lavished with praise for supplying the US Army and Air Force with “sci-fi” laser weapons, described as a “toy” that “lets you waltz into enemy territory, do your job while zapping missiles out of the sky, and cruise home.” Noting that that “job” involves dropping high explosives on human beings is left unmentioned, lest all the fun be taken out of it.

    • Transparency/Investigative Reporting

      • Judge Denies Chelsea Manning A Hearing, Insists Hundreds Of Thousands Of Dollars In Fines Are Not Punishment

        A federal judge denied Chelsea Manning’s motion to reconsider fines imposed against her for refusing to testify before the grand jury investigating WikiLeaks. He also undermined due process and refused to hold a hearing.

        “Manning has the ability to comply with the court’s financial sanctions or will have the ability after her release from confinement,” Judge Anthony Trenga ruled. “Therefore, the imposed fines of $500 per day after 30 days and $1,000 per day after 60 days is not so excessive as to relieve her of those sanctions or to constitute punishment rather than a coercive measure.”

        Trenga additionally insisted that he had the authority to confine her and impose fines as well.

        “I am disappointed but not at all surprised. The government and the judge must know by now that this doesn’t change my position one bit,” Manning declared in response to the decision.

        Manning has been in jail for 147 days. She already owes $38,000 in fines, as of August 7, and she could owe up to $441,000—nearly a half million dollars—if the sanctions continue.

        Her legal team said Manning will “remain confined for another year and will face ongoing financial hardship,” unless Judge Trenga or a higher court is convinced that the fines imposed will “never coerce her compliance” and amount to punishment.

    • Environment

      • Chernobyl’s ‘sarcophagus,’ which helped contain the spread of radiation, is being dismantled because it’s teetering on collapse

        The Ukrainian company that manages the Chernobyl plant, SSE Chernobyl NPP, said in an online statement that expert evaluations revealed that the sarcophagus had a “very high” probability of collapse. Only gravity has kept the structure tethered to its supporting blocks, the company said.

      • Uber and Lyft finally admit they’re making traffic congestion worse in cities

        The findings show that Uber and Lyft account for just 1-3 percent of VMT in the broader metropolitan areas of each city. But those numbers spike when zooming in on the core county of each city. In San Francisco County, for example, Uber and Lyft make up as much as 13.4 percent of all vehicle miles. In Boston, it’s 8 percent; in Washington, DC, it’s 7.2 percent.

        These figures suggest that Uber and Lyft are hitting some cities harder than previously thought. An independent study commissioned by the San Francisco County Transportation Authority looked at 2017 traffic patterns in the county and concluded that TNCs generated about 6.5 percent of the total VMT on weekdays, and 10 percent on weekends. (TNC, which stands for transportation network company, is an industry term used to describe ride-hailing apps like Uber and Lyft.)

      • Airship’s return can boost hydrogen economy

        The airship could be on the way back. Tomorrow’s fuel could be delivered at all-but zero carbon cost by the ultimate in high-technology supertankers: vast dirigibles, sailing round the world at stratospheric heights on the jet stream.

        Enormous balloons or airships more than two kilometres in length, laden with hydrogen and an additional burden of cargo could, according to new calculations, circumnavigate the northern hemisphere in 16 days. They could, on route, deliver their heavy goods, and at the same time transfer 60% or even 80% of their hydrogen in gas form.

        And then, the holds empty, the same airship could float back home in the same direction on the jet stream with the remaining hydrogen to provide the necessary lift, for another trip.

      • Energy

        • Documents Shine New Light on Koch Brothers’ Early Efforts to Abolish the Department of Energy

          A scheme to abolish the Department of Energy (DOE) helped spur a failed 1980 Libertarian Party presidential bid — and in the process laid the groundwork for Charles and David Koch’s powerful network of influence — as documents from a newly published archive show.

          The documents in the new KochDocs.org archive include a relatively little-noticed column penned by fossil fuel industrialist Charles Koch for the Libertarian Review in August 1977, in which Charles, who had served as a member of President Carter’s energy task force in 1976, argued against Carter’s energy policy, writing that the “only ‘certainty’ to be associated with governmental planning is that it will not work, will tend to produce results opposite to those intended, and will doom any substantial private long-range planning in energy development.”

          Within three years, the Energy Department had been established by federal law — and its abolishment had become a central plank of the Libertarian Party’s 1980 presidential campaign, which featured Ed Clark as its presidential candidate and Koch Industries’ David Koch as his running-mate.

        • Announcing DeSmog’s Koch Network Database

          The Koch Network Database is a new resource library built by DeSmog to assist journalists, academic researchers, and the public to learn more about the backgrounds of individuals and organizations associated with billionaire fossil fuel industrialists Charles Koch and David Koch’s free market approach to a broad spectrum of civic issues.

          The Koch Network Database will chronicle the historical and present deeds and quotes associated with the people and organizations that have helped to advance the Kochs’ free market approach to environmental regulations, and the subsequent consequences of such approaches for climate change, public health, and democracy.

      • Wildlife/Nature

        • Earth’s Hottest Month Lights a Fire for Progress

          All the while, the Trump administration has been actively suppressing climate science while pushing scientists and other officials out of their jobs. It also proposed weakening coal-burning power plant emissions rules, relaxed sage-grouse protection in land coveted by energy developers, continued to weaken protections for Bears Ears National Monument, and greenlit a controversial plan to allow drilling in Alaska’s Cook Inlet that could harm beluga whales and other marine mammals.

          The administration also appointed William Perry Pendley, a staunch foe of America’s public lands, as acting head of the Bureau of Land Management, which oversees 250 million acres. The appointment could set the stage for the liquidation of public lands and unfettered fossil-fuel development around the country, further driving greenhouse gas emissions fueling the climate crisis.

          Oh yeah, and Trump’s reelection campaign also started selling plastic straws to “own the libs.”

    • Finance

      • [Old] Half of Americans Are Effectively Poor Now. What The?

        There are days I feel like I read dystopian statistics for a living. And then there are day when the dystopian statistics take even my jaded breath away. Here’s one: 43% of American households can’t afford a budget that includes housing, food, childcare, healthcare, transportation, and a cellphone. Translation: nearly half of Americans can’t afford the basics of life anymore.
        Does that take your breath away too? It should. And yet it might not come as a surprise. You might know it intimately. The statistics say there’s an even chance you’re…living it. What a grim and bizarre reality. Half of people are effectively poor in the world’s richest country. What the?
        The folks that did the study above call this new class of people ALICE, for “asset limited, income constrained, employed.” It’s a sharp way to think about American collapse. Let me translate this term, too: the people formerly known as the American middle class.
        Let’s take each of those terms one by one. “Asset limited” means that these households don’t have the resources — the hard financial assets — to drawn down on anymore. That tallies with other research which says the majority of Americans now have a negative net worth. In short, “asset limited” is a polite way of saying: indebted for life, with no real way of ever not getting out of the trap. It’s a nice way of saying: broke.

      • Once More With Feeling: Nearly All General Interest News Paywalls Will Fail

        Just a few weeks ago we pointed out (for not the first time) that news paywalls for general interest publications did not seem likely to succeed outside of a very small number of exceptions: mainly three giant east coast newspapers which have established themselves as key news sources: the NY Times, the Washington Post and the Wall Street Journal (arguably the last one, with its focus on finance, might not even count as “general interest”). In that last post, we pointed out that even people who liked to pay for news tended to only subscribe to a single news source. That helps create a winner take all proposition where only a very small number (see above) can actually build a sustainable business model through an internet paywall.


        That’s the wrong approach. Subscription growth would be one way to increase revenue — but to do that you have to give people a reason to subscribe, and just doing the same things as those other newspapers isn’t going to cut it. I’m surprised that the LA Times hasn’t, instead, decided to buck the paywall trend and go in the other direction. Why not focus on opening itself up, building up traffic, and providing an alternative to the east coast papers who got all the subscribers by doing strong reporting, and then layering in other, better business models?

    • AstroTurf/Lobbying/Politics

      • Judge Not Impressed With DOJ’s Attempt To Claim Presidential Tweets And Orders Don’t Mean Anything

        The DOJ wants its secrecy. The President keeps taking it away. Over the past couple of years, FOIA litigants have received unexpected support from President Trump, often in the form of tweets. While the DOJ is arguing nothing the records seekers are seeking should be handed over, Trump is tweeting out demands that everything should be released — largely due to his unwavering belief that selective transparency will somehow expose a massive Deep State operation against him and his associates.

        The stuff Trump wants exposed relates to FISA court orders and other documents related to investigations of Trump’s campaign team and their ties to Russia. Trump is convinced there’s nothing there and wants the public to see this for themselves. It’s inadvertently commendable, even though there’s a strong possibility the documents won’t actually prove what Trump thinks they’ll prove.

      • Yes, The DNC’s Debate Format Sucks, And There’s An Easy Fix

        Man, these presidential election years sure seem to last longer than a year, don’t they? And, in our hyper-partisan world of never ending political stupidity, it’s somewhat comforting that the one thing we can all agree on is that the debate formats recently have basically sucked out loud. The complaints about debate formats started with the 2016 RNC primaries, with its crowded field and strange varsity/JV debate night structure. Fast-forward to 2019 and the DNC’s Democratic debates are being pilloried as well. In the latter case, the chief criticism appears to be that there is far too little substance discussed, with moderators for cable and OTA networks instead focusing on getting the candidates to clash in the most easy-to-soundbite fashion.

    • Censorship/Free Speech

      • Twitter says it won’t verify new candidates until they win their primaries

        “Verification was meant to authenticate identity & voice but it is interpreted as an endorsement or an indicator of importance,” the platform said at the time.

      • Second Circuit Rules That Section 230 Bars Civil Terrorism Claims Against Facebook

        The U.S. Court of Appeals for the Second Circuit last week became the first federal appellate court to rule that Section 230 bars civil terrorism claims against a social media company. The plaintiffs, who were victims of Hamas terrorist attacks in Israel, argued that Facebook should be liable for hosting content posted by Hamas members, which allegedly inspired the attackers who ultimately harmed the plaintiffs.

        EFF filed an amicus brief in the case, Force v. Facebook, arguing that both Section 230 and the First Amendment prevent lawsuits under the Anti-Terrorism Act that seek to hold online platforms liable for content posted by their users—even if some of those users are pro-terrorism or terrorists themselves. We’ve been concerned that without definitive rulings that these types of cases cannot stand under existing law, they would continue to threaten the availability of open online forums and Internet users’ ability to access information.

        The Second Circuit’s decision is in contrast to that of the Ninth Circuit in Fields v. Twitter and the Sixth Circuit in Crosby v. Twitter, where both courts held only that the plaintiffs in those cases—victims of an ISIS attack in Jordan and the Pulse nightclub shooting in Florida, respectively—could not show a sufficient causal link between the social media companies and the harm suffered by the plaintiffs. Thus, the Ninth and Sixth Circuit rulings are concerning because they tacitly suggest that better pleaded complaints against social media companies for hosting pro-terrorism content might survive judicial scrutiny in the future.

      • NY Times Joins Lots Of Other Media Sites In Totally And Completely Misrepresenting Section 230

        So, about a week ago, the NY Times properly mocked politicians for totally misrepresenting Section 230 of the Communications Decency Act. This week it needs to mock itself. Reporter Daisuke Wakabayashi wrote a piece provocatively titled (at least as it was originally published) Why Hate Speech On The Internet Is A Never Ending-Problem, with a subhead saying: “Because this law shields it.” And in case you believed it might be talking about some other law, between the head and the subhead it showed part of the text of Section 230 (technically, it showed Section (c)(1)).


        Yeah. So that’s kind of a big deal. The original version blamed Section 230 — a bill currently under attack from both sides of the aisle — for somehow being the root cause of hate speech online, saying it’s what “protected” it. And now the article admits in the fine print that, oh, whoops, actually it’s that old 1st Amendment that protects it. Kind of a big difference, and one that completely undermines the entire point and thrust of the original article. That’s a pretty massive fuck up

        Of course, it’s not entirely clear who is to blame here. Editors, not reporters, tend to write the headlines, so it’s very likely that the incorrect headline came from the editorial team at the NY Times, and not Wakabayashi himself. After all, the article itself suggested that he had done some research on the matter, including speaking to Section 230 expert Jeff Kosseff, who spends much of his time these days debunking myths about 230. It also notes the actual history of Section 230, and how it was designed in order to encourage content moderation, not block it. Of course, you would not get that from that original headline, which suggested something very, very different.

    • Privacy/Surveillance

      • AT&T staff took bribes to plant malware on corporate network

        Initially, the conspiracy, led by Pakistan-based Muhammad Fahd and Ghulam Jiwani, used the insiders to submit large numbers of IMEI numbers to unlock the devices that AT&T had supplied to customers as part of a mobile plan.

        From around April 2013, Fahd and Jiwani, according to the indictment, bribed their contacts to install malware on AT&T’s corporate network that would enable them to submit IMEI numbers themselves, using the network credentials of AT&T employees.

      • Japan: Piracy Warning Popups Could Violate Privacy

        A report compiled by Japan’s Ministry of Internal Affairs and Communications has concluded that presenting Internet users with warnings that they are visiting ‘pirate’ sites could breach privacy laws. Citizens’ traffic can’t be monitored without permission so any system would currently need users to opt in, something that would limit the effectiveness of any trial.

      • Facebook is suing 2 developers for allegedly hijacking people’s phones to fraudulently click on ads

        In a blog post on Tuesday, Facebook announced that it has filed suit against LionMobi and Jedimobi, app developers based in Hong Kong and Singapore respectively, with claims of “click injection” ad fraud.

        The Silicon Valley tech giant claims the two companies launched malicious apps in the Google Play app store that once installed used users’ phones to trick Facebook’s advertising system into paying out cash to them by pretending to be “real” people clicking on online advertisements.

      • Yelp is Screwing Over Restaurants By Quietly Replacing Their Phone Numbers

        Yelp has historically functioned like an enhanced Yellow Pages, listing direct phone numbers for restaurants along with photos, information about the space, menus, and user reviews. But Yelp began prompting customers to call Grubhub phone numbers in October 2018 after the two companies announced a “long-term partnership.”

        Restaurant owners may not be aware of the change. Mohammad Zaman, an owner of Afghan Kabab and Grill House in Brooklyn, insisted the phone number that showed up in Yelp was a mistake until a call placed to the number rang at his desk.

      • No Aadhaar? You might not be able to obtain a driving licence in future

        The Motor Vehicles (Amendment) Bill, 2019 has proposed several major changes that could go a long way in improving road safety, bolstering transportation network, providing last mile connectivity and weeding out corruption from the system. However, there is one clause regarding driving licences and it seems rather interesting. The new legislation seeks to make Aadhaar mandatory for getting a driving licence.

      • Tutanota Interviews Tim Verheyden, the Journalist Who Broke the Story on Google Employees Listening to People’s Audio Recordings

        Investigative journalist Tim Verheyden, who broke the story on how Google employees listen to people’s audio recordings, explains in an interview how he got hold of the story, why he is now using the encrypted contact form Secure Connect by Tutanota and why the growing number of “ghost workers” in and around Silicon Valley is becoming a big issue in Tech.

      • Microsoft Nabs Russian Hackers Exploiting Flimsy IOT Security [Ed: Microsoft is often the cause of the issues described here]

        Year after year after year, we’re connecting millions upon millions of devices to home and business networks with paper-mache grade security. And while there’s some fleeting efforts to address the problem (like incorporating flaws into product reviews), it’s still not something folks are taking seriously enough. And while such proclamations are often dismissed as hyperbole, it’s something folks like Schneier predict isn’t likely to change until these vulnerabilities result in some notable human casualties.

      • What all the stuff in email headers means—and how to sniff out spoofing

        I pretty frequently get requests for help from someone who has been impersonated—or whose child has been impersonated—via email. Even when you know how to “view headers” or “view source” in your email client, the spew of diagnostic wharrgarbl can be pretty overwhelming if you don’t know what you’re looking at. Today, we’re going to step through a real-world set of (anonymized) email headers and describe the process of figuring out what’s what.

        Before we get started with the actual headers, though, we’re going to take a quick detour through an overview of what the overall path of an email message looks like in the first place. (More experienced sysadmin types who already know what stuff like “MTA” and “SPF” stand for can skip a bit ahead to the fun part!)

      • Don’t let the crooks ‘borrow’ your home router as a hacking server [Ed: Sophos is badmouthing GNU/Linux and SSH right now. Why? Check what proprietary software this firm is selling. Machines with open SSH ports and generic passwords don't mean SSH or Linux are at fault. Companies that make machines with passwordless (or weak/unchanged password) remote access basically use GNU/Linux to construct honeypots. The outcome is, as expected, bad for security. Not the fault of GNU/Linux.]

        SSH, short for Secure Shell, is the probably the most common toolkit for remotely managing computers.

        Windows users may be more familiar with RDP, or Remote Desktop Protocol, which gives you full graphical remote control of a Windows computer, with access to the regular Windows desktop via mouse and keyboard.

        But almost every Linux or Unix sysadmin out there, plus many Windows sysadmins, use SSH as well as or instead of RDP, because of its raw power.

    • Civil Rights/Policing

      • A DNA test connected two distant cousins — and filled out a family history that slavery erased

        Lakes, who is a graduate student at Fisher College in Boston, wanted to explore her ancestry and also did a DNA test to find out where she was from. She also chose to be notified whenever someone’s DNA matched hers. This is how Kapenda was able to reach Lakes and begin building a relationship.

      • ISIS Is Using Internet Propaganda to Maintain a ‘Virtual Caliphate,’ UN Report Says

        According to the report, ISIS has recently focused on improving the technical skills of potential attackers abroad by disseminating “online tutorials on building home-made chemical and biological weapons.” At the same time, the group is continually encouraging the kinds of “low-tech” attacks—among them stabbings and car attacks against civilian populations—seen across Europe and elsewhere in recent years.

      • Rwandan Women Want to Move the Country Past Its Association With the 1994 Genocide

        That was only the beginning. Over the next three months, Honorine and thousands of other ethnic Tutsis endured a reign of horror. It would be called “the Genocide,” and by the time it ended in July, between 500,000 and 1 million people would be dead.

        This year marked the 25th anniversary of the Rwandan genocide, and as it has nearly every year since the initial events, the international community descended upon the country to recognize the devastating human loss — and its own collective shame for failing to stop it.

    • Internet Policy/Net Neutrality

      • 8chan owner called to testify before U.S. Congress

        Online message board 8chan’s fortunes worsened Tuesday, as the site was once again made homeless by a technical services provider and its owner was called to testify before the U.S. Congress.

      • The owner of 8chan is being summoned to testify before Congress over its link to mass shootings, but no one seems to have his mailing address

        Watkins, a US Army veteran, is said to have relocated his family in 2004 to the Philippines, where he reportedly lives today — raising pigs and running various websites, including an audiobook company and, 8chan.

      • The Weird, Dark History of 8chan

        He goes on to complain that 8chan is being treated unfairly. “It is actually sinister behavior,” Watkins says of being kicked offline, a decision he attributes to Cloudfare’s upcoming IPO. “Ours is one of the last independent companies that offer a place you may write down your thoughts free from having to worry about whether they are offensive to one group or the other.” He ends by calling Cloudflare’s actions “cowardly” and “not thought out.” (After some preliminary emails, Watkins declined to be interviewed by WIRED.)

        Also on Tuesday the House Homeland Security Committee sent a letter to Jim Watkins demanding that he appear to answer questions about 8chan’s extremist content.

      • AT&T Hopes A Confusing Rebranding Will Help Its Muddled Video Plans Make Sense

        Despite spending more than $150 billion on mergers intended to help it dominate the video space, AT&T’s video ambitions are falling flat. The company just posted a loss of more than 778,000 “traditional” video subscribers last quarter (satellite TV, IPTV), but also lost another 168,000 subscribers at its DirecTV Now streaming service. The reason? The company’s acquisitions of DirecTV ($67 billion) and Time Warner ($86 billion) saddled it with so much debt, the company was forced to raise rates. This, in turn, helped drive AT&T’s customers to the exits.

        Despite its voracious appetite for M&A, it’s not entirely clear the company knows what to do from here. The same week it announced record subscriber losses, AT&T proclaimed it would be engaged in a rebranding that will kill off the DirecTV brand. AT&T’s DirecTV Now streaming video service will now be, quite creatively, named just AT&T TV Now…

      • After Missing Cord Cutting Trend, Nielsen Falls Apart

        For years, we’ve noted how popular TV ratings firm Nielsen has turned a bit of a blind eye to cord cutting and the Internet video revolution, on one hand declaring that the idea of cord cutting was “pure fiction,” while on the other hand admitting it wasn’t actually bothering to track TV viewing on mobile devices. It’s not surprising; Nielsen’s bread and butter is paid for by traditional cable executives, and really, who wants to take the time to pull all those collective heads of out of the sand to inform them that their precious pay TV cash cow is dying?

        Eventually, the cord cutting trend became too big to ignore, forcing Nielsen to change its tune and start acknowledging the very real trend (though they called it “zero TV households” instead of cordcutters). Broadcasters (especially those hardest hit by cord cutting) didn’t much like that, and began bullying the stat firm when it showed data that didn’t jive with the view a foot below ground. While Nielsen slowly improved its methodologies, it would occasionally back off on certain data collection and reporting changes if the cable and broadcast industry complained loudly enough.

Linux Foundation Nowadays Resembles Fake Charities That Exist Not to Support What They Claim to Support

Posted in Deception, GNU/Linux at 10:15 am by Dr. Roy Schestowitz

Linux Foundation fund laundering

Summary: The Linux Foundation exists only to support vast corporations that aren’t even Linux-focused corporations; but to the public the Foundation presents itself as anything but a front group of corporations

WHEN the Linux Foundation started about 12 years ago (under this current name) it looked or least presented itself very differently. It could be viewed as somewhat community-centric (at least somewhat). Now, 12 years later, the Linux Foundation still welcomes people to donate money and says something along the lines of “we support diversity…”

“Then there’s the issue with their sites and their endorsements that they sell.”Techrights investigated this and found that they ‘launder’ these funds to pay truly massive salaries (almost a million bucks a year for particular roles!) to millionaire executives who don’t use Linux. This is troubling. A lot of what this Foundation does is similar if not identical to scam ‘charities’ which ask for money, proclaiming to support some cause while in reality paying the bunch of ‘fat cats’ who ‘manage’ them the lion’s share of deposits.

Then there’s the issue with their sites and their endorsements that they sell. We wrote about this before. That’s actually done very crudely. They even sell article placements at Linux.com.

This morning Microsoft was at the top of Linux.com and it’s not even unusual. “Sadly,” I wrote in my personal blog, “this has become far too common in that site under its new (and sole) editor. Whose interests are served now? Linux Foundation sponsors.”

Today’s Linux Foundation is doing some Linux-hostile things, too… even its site does. Why would people wish to donate to this? It’s like a defunct non-profit that became something else completely.

Links 7/8/2019: Linux 5.2.7, NetworkManager 1.20, FFmpeg 4.2, GNOME 3.33.90

Posted in News Roundup at 3:13 am by Dr. Roy Schestowitz

  • GNU/Linux

    • Desktop

      • System76 Adder WS is a Linux laptop with a 4K OLED display

        Measuring 14.1″ x 10.2″ x 1.8″ and weighing about 5.5 pounds, the Adder WS is a bit larger than the laptops I usually write about. But it will be one of the most powerful laptops to ship with GNU/Linux software rather than Windows or macOS when it goes on sale later this week.

    • Server

      • The Data Center is Changing, so is SUSE Enterprise Storage: Say Hello to Version 6

        Data growth is explosive – a challenge for all regardless of business sector. There’s the vast quantity of data from mobiles – all that data on your phone (and everyone else’s). There’s the data from the IoT – with just about everything having a sensor these days – the much-celebrated fridge that orders groceries or adds to your shopping list has actually become a reality. If you’re in the medical sector, there’s the epic growth in X-Ray, and MRI data – with each new wave of improvements in scans bringing new data, and new processing requirements. Ordinary businesses selling on and offline have every increasing volumes of data of transactional history – things bought, and things nearly bought. Then of course there is video – reams of footage from stores, or the emergency services, or even field engineers – needs a home. And let’s not forget about email… which just so happens to have all those other sources of data in attachments. We’ve got lots of data, we’re going to have loads more, and a lot of it is unstructured.

      • Linux Academy Monthly Update for August

        During July, we started creating transcripts for many of our course videos. During August, we are working on adding even more transcripts to our courses! These transcripts will make it even easier to follow along with the course authors, and allow you to pause and re-read a section instead of having to rewind.

      • OPA Gatekeeper: Policy and Governance for Kubernetes

        The Open Policy Agent Gatekeeper project can be leveraged to help enforce policies and strengthen governance in your Kubernetes environment. In this post, we will walk through the goals, history, and current state of the project.

      • IBM

        • Red Hat Launches Enterprise Linux 7.7

          Red Hat today announced the general availability of Red Hat Enterprise Linux 7.7, the final Full Support Phase release of the Red Hat Enterprise Linux 7 platform. As hybrid and multicloud computing helps to transform enterprise IT, Red Hat Enterprise Linux 7.7 delivers enhanced consistency and control across cloud infrastructure for IT operations teams while also providing a suite of modern, supported container creation tools for enterprise application developers.

          Beyond new capabilities, Red Hat Enterprise Linux 7.7 also marks the transition of Red Hat Enterprise Linux 7 to Maintenance Phase I within the Red Hat Enterprise Linux 10-year lifecycle. Maintenance Phase I emphasizes maintaining infrastructure stability for production environments and enhancing the reliability of the operating system. Future minor releases of Red Hat Enterprise Linux 7 will now focus solely on retaining and improving this stability rather than net-new features.

        • Red Hat Enterprise Linux 7.7, it’s a bit better than 7.6

          Red Hat… no, wait, stop there — not Red Hat the IBM company, actually just Red Hat — that’s how the company is still putting out news stories.

          We’ll start again, open source enterprise software company Red Hat has announced a point release for Red Hat Enterprise Linux (RHEL) as it now hits its 7.7 version.

          But what could Red Hat have put into version 7.7 that it failed to markedly address in version 7.6 may we ask?

          The company points to terms like ‘enhanced consistency and control’ across cloud infrastructures (plural) for IT operations teams.

          There’s also ‘modern supported container creation tools’ for enterprise application developers — as opposed to the old fashioned ones, that shipped in 7.6, presumably.

        • Final Red Hat Enterprise Linux 7 version released

          With almost a third of all servers running Red Hat Enterprise Linux (RHEL, the final release of the RHEL 7 platform is a big deal. Of course, as the IBM-Red Hat acquisition shows, Red Hat is not just about Linux anymore, it’s all about supporting the cloud. This last RHEL release, RHEL 7.7 underlines this with its built-in hybrid and multicloud support.

          But, first, let’s go over RHEL 7.7′s Linux foundation. From here on out, RHEL 7.7 moves to Maintenance Phase I within the RHEL 10-year lifecycle. Maintenance Phase I emphasizes maintaining infrastructure stability and reliability for production systems. Future minor releases will be all about security and stability patches. If you want new features, you should look at RHEL 8.

        • Red Hat Enterprise Linux 7.7 Drives Cloud-Native Flexibility & Boosts Security

          “As hybrid and multicloud computing helps to transform enterprise IT, Red Hat Enterprise Linux 7.7 delivers enhanced consistency and control across cloud infrastructure for IT operations teams while also providing a suite of modern, supported container creation tools for enterprise application developers,” according to a company press release.

        • Red Hat Drives Cloud-Native Flexibility, Enhances Operational Security with Latest Version of Red Hat Enterprise Linux 7

          Red Hat, Inc., the world’s leading provider of open source solutions, today announced the general availability of Red Hat Enterprise Linux 7.7, the final Full Support Phase release of the Red Hat Enterprise Linux 7 platform. As hybrid and multicloud computing helps to transform enterprise IT, Red Hat Enterprise Linux 7.7 delivers enhanced consistency and control across cloud infrastructure for IT operations teams while also providing a suite of modern, supported container creation tools for enterprise application developers.


          Frequently, modern applications built to run across the hybrid cloud are developed using Linux containers. Building cloud-native apps requires cloud-native development tools, like a container daemon, but these tools can introduce unnecessary risk and complexity into development environments. Red Hat Enterprise Linux 7.7 now includes full support for Red Hat’s distributed container toolkit – buildah, podman and skopeo – on Red Hat Enterprise Linux workstation deployments with the Red Hat Universal Base Image, enabling developer teams to build, run and manage containerized applications across the hybrid cloud with a smaller, more manageable tool footprint.

        • Red Hat Enterprise Linux 7.7 released
        • OpenStack Stein feature highlights: edge deployments, storage and single node deployments

          Recently, we looked at how OpenStack’s use of vGPUs enables new technology use cases such as time series forecasting and autonomous vehicle image recognition. Now let’s examine the deployment options that can enable those applications.

          Red Hat and the OpenStack community recognize that to serve the needs of today’s providers of telecommunications service, IoT, retail apps and other workloads, centralized infrastructure only may not be a feasible approach. Instead, applications and their underlying infrastructure likely need to move out to the edge to be as close to the client or data source as possible in order to deliver processing and insights in near real time.

          Let’s look at some of the new capabilities that are available in OpenStack’s Stein release or may come to future versions of Red Hat OpenStack.

        • Talking High Bandwidth With IBM’s Power10 Architect

          As the lead engineer on the Power10 processor, Bill Starke already knows what most of us have to guess about Big Blue’s next iteration in a processor family that has been in the enterprise market in one form or another for nearly three decades. Starke knows the enterprise grade variants of the Power architecture designed by IBM about as well as anyone on Earth does, and is acutely aware of the broad and deep set of customer needs that IBM always has to address with each successive Power chip generation.

          It seems to be getting more difficult over time, not less so, as the diversifying needs of customers run up against the physical reality of the Moore’s Law process shrink wall and the economics of designing and manufacturing server processors in the second and soon to be the third decade of the 21st century. But all of these challenges are what get hardware and software engineers out of bed in the morning. Starke started out at IBM in 1990 as a mainframe performance analysis engineer in the Poughkeepsie, New York lab and made the jump to the Austin Lab where the development for the AIX variant of Unix and the Power processors that run it is centered, first focusing on the architecture and technology of future systems and then Power chip performance and then shifting to being one of the Power chip architects a decade ago. Now, Starke has steered the development of the Power10 chip after being heavily involved in Power9 and is well on the way to mapping out what Power11 might look like and way off in the distance has some ideas about what Power12 might hold.

        • IBM: Better Cash Flows Together

          On Friday, International Business Machines (IBM) finally provided detailed financial projections on the Red Hat merger. The company had always provided an indication that the deal was immediately cash flow accretive while not EPS accretive until the end of year two. The headlines spooked investors, but the details should bring investors back with a smile.

        • Using Metrics to Guide Container Adoption, Part I

          Earlier this year, I wrote about a new approach my team is pursuing to inform our Container Adoption Program. We are using software delivery metrics to help keep organizations aligned and focused, even when those organizations are engaging in multiple workstreams spanning infrastructure, release management, and application onboarding. I talked about starting with a set of four core metrics identified in Accelerate: Building and Scaling High Performance Technology Organizations (by Nicole Forsgren, Jez Humble, and Gene Kim) that act as drivers of both organizational and noncommercial performance.

          Let’s start to highlight how those metrics can inform an adoption program at the implementation team level. The four metrics are: Lead Time for Change, Deployment Frequency, Mean Time to Recovery, and Change Failure Rate. Starting with Lead Time and Deployment Frequency, here are some suggestions for activities that each metric can guide in initiatives to adopt containers, with special thanks to Eric Sauer, Prakriti Verma, Simon Bailleux, and the rest of the Metrics-Driven Transformation working group at Red Hat.

    • Audiocasts/Shows

      • Episode 11: A Conversation with Randy Bias of the OpenStack Foundation

        In this episode, David speaks with long time friend and OpenStack Foundation founding member Randy Bias about the future of Cloud Computing and disrupting technology.

      • SMLR 312 Merge branch ‘floppy’
      • I Spy With My Little Pi | LINUX Unplugged 313

        We put the Raspberry Pi 4 to the desktop test, and try it as our daily driver.

        Plus some neat and powerful uses for recent Pis, and our thoughts on Manjaro’s change of heart.

        Special Guests: Alan Pope, Alex Kretzschmar, and Brent Gervais.

      • LHS Episode #295: TLF Contest Logger Deep Dive

        Hello and welcome to Episode 295 of Linux in the Ham Shack. In this episode, the hosts address two e-mails received which both talk about native contest logging under Linux. A brief compare and contrast of YFKtest and TLF leads into a deep dive into the setup, operation and special features of TLF and why it may be a better choice as a lightweight contest logging option for Linux users. Thank you for listening and have a great week.

      • Myth #1: Can’t Make Money From Open Source

        People often say it’s hard to commercialize open-source. They are wrong. GitLab co-founder and CEO Sid Sijbrandij talks about the first open-source project that he helped commercialize. No, it was not GitLab.

      • Blender 2.80, Linux Mint, VR Desktop, System76, Librem 5, Manjaro, Proton: Episode 77 | This Week in Linux

        On this episode of This Week in Linux, we have a jam pack show for you with a huge release from Blender of .Blender 2.80. Linux Mint has released their latest version of 19.2 and System76 announced a brand new laptop. We’ll also check out some Linux Kernel news because Valve is proposing some new game-friendly changes and there’s some news regarding Floppy Drives of all things. We got some more exciting news from Valve as they teamed up with Collabora to develop a project to bring the Linux Desktop into the Virtual Reality space. Purism announced the final specs for the Librem 5, Manjaro made some waves this week and Latte Dock has released their latest version of 0.9. Later in the show, we’ll check out some more Linux Gaming news regarding the Official Valve Steam Play Whitelist. All that and much more on Your Weekly Source for Linux GNews.

    • Kernel Space

      • Linux 5.2.7

        I’m announcing the release of the 5.2.7 kernel.

        All users of the 5.2 kernel series must upgrade.

        The updated 5.2.y git tree can be found at:

        git://git.kernel.org/pub/scm/linux/kernel/git/stable/linux-stable.git linux-5.2.y

        and can be browsed at the normal kernel.org git web browser:


      • Linux 4.19.65
      • Linux 4.14.137
      • Linux 4.9.188
      • Linux 4.4.188
      • Linux Performs Poorly In Low RAM / Memory Pressure Situations On The Desktop

        It’s been a gripe for many running Linux on low RAM systems especially is that when the Linux desktop is under memory pressure the performance can be quite brutal with the system barely being responsive. The discussion over that behavior has been reignited this week.

      • Yes, Linux Does Bad In Low RAM / Memory Pressure Situations On The Desktop

        It’s been a gripe for many running Linux on low RAM systems especially is that when the Linux desktop is under memory pressure the performance can be quite brutal with the system barely being responsive. The discussion over that behavior has been reignited this week.

        Developer Artem S Tashkinov took to the kernel mailing list over the weekend to express his frustration with the kernel’s inability to handle low memory pressure in a graceful manner. If booting a system with just 4GB of RAM available, disabling SWAP to accelerate the impact/behavior, and launching a web browser and opening new web pages / tabs can in a matter of minutes bring the system down to its knees.

      • Graphics Stack

        • Etnaviv Gallium3D Picks Up A NIR Compiler

          Open-source developer Jonathan Marek merged the support yesterday that allows for a NIR-based compiler as an alternative to its own homegrown compiler infrastructure for dealing with OpenGL shaders. NIR is the “new” Mesa common IR used by the likes of Intel’s OpenGL/Vulkan drivers, RADV, optionally for RadeonSI, and other drivers like Freedreno and V3D. By leveraging NIR, this should help in their OpenGL (ES) advancement and potential for squeezing more performance optimizations as the Etnaviv reverse-engineered driver continues maturing.

        • ROCK Pi and an easy place: Panfrost & Wayland on a Rockchip board

          With the release of the 5.2 Linux kernel, you might have noticed that Collabora has done a lot of work with Rockchip’s RK3399 platform, more specifically with the ROCK Pi 4 single-board computer.

          Our ongoing work on the reverse-engineered Panfrost OpenGL ES driver for Arm Mali GPUs turns the RK3399 SoC into a very attractive platform to try out Wayland on ARM devices, especially since it’s such a versatile platform that is both affordable to buy and is available in multiple form factors, including system-on-module (SoM) and single-board computer (SBC).

        • Intel’s Iris Gallium3D Driver Gets A 1 Line Patch To Bump The Performance By ~1%

          Intel’s Iris Gallium3D driver as their new OpenGL Linux driver aiming to be the default Mesa driver by year’s end continues seeing more performance optimizations now that the fundamentals are in place. The latest optimization is a one line tweak yielding around one percent higher performance across the board.

    • Applications

      • Please welcome: NetworkManager 1.20

        The libnm-glib library, deprecated in favor of libnm since NetworkManager 1.0 release almost five years ago, was dropped. At this point it’s almost certain to have no users.

        If you’re developing a program that has anything to do with network configuration, libnm is the way to go. You can also use it from other languages than C via GObject instrospection — just check out our examples.

        Also gone is the settings plugin for use with iBFT. For those who don’t know: iBFT is the way for the boot firmware to pass the network configuration it has used to the operating system. It really was rather unlike what other settings plugins are — its role was to create a single virtual connection profile that would be there so that NetworkManager won’t tear down the network configuration applied by the early boot firmware. This doesn’t mean that we don’t support network booted installations. Quite the opposite. Since the last release we support configuring the network on early boot with NetworkManager and we preserve configuration done outside NetworkManager without the need of a placeholder connection profile.

      • NetworkManager 1.20 Released With WiFi Mesh Network Support, WireGuard Improvements

        NetworkManager 1.20 brings with it a random assortment of new and improved features. Some of the highlights for NetworkManager 1.20 include support for Open vSwitch DPDK interfaces (OVS DPDK), work towards handling policy routing for WireGuard, the DHCP client defaulting to its internal code path, removal of the old libnm-glib library, a reworked implementation of the settings plugins, support for restarting NetworkManager while maintaining in-memory profiles, support for disabling IPv6 on selected devices, and support for Wi-Fi Mesh Networks. More details on the mesh support can be found via its merge request.

      • FFmpeg 4.2 “Ada”

        FFmpeg 4.2 “Ada”, a new major release, is now available! Some of the highlights:

        tpad filter
        AV1 decoding support through libdav1d
        dedot filter
        chromashift and rgbashift filters
        freezedetect filter
        truehd_core bitstream filter
        dhav demuxer
        PCM-DVD encoder
        GIF parser
        vividas demuxer
        hymt decoder
        anlmdn filter
        maskfun filter
        hcom demuxer and decoder
        ARBC decoder
        libaribb24 based ARIB STD-B24 caption support (profiles A and C)
        Support decoding of HEVC 4:4:4 content in nvdec and cuviddec
        removed libndi-newtek
        agm decoder
        KUX demuxer
        AV1 frame split bitstream filter
        lscr decoder
        lagfun filter
        asoftclip filter
        Support decoding of HEVC 4:4:4 content in vdpau
        colorhold filter
        xmedian filter
        asr filter
        showspatial multimedia filter
        VP4 video decoder
        IFV demuxer
        derain filter
        deesser filter
        mov muxer writes tracks with unspecified language instead of English by default
        added support for using clang to compile CUDA kernels

        We strongly recommend users, distributors, and system integrators to upgrade unless they use current git master.

      • FFmpeg 4.2 “Ada” Open-Source Multimedia Framework Released, Here’s What’s New

        Dubbed “Ada,” the FFMpeg 4.2 series introduces some exciting new features and improvements, among which we can mention support for decoding AV1 files via the libdav1d library, support for ARIB STD-B24 caption (profiles A and C) based on the libaribb24 library, and support for decoding HEVC 4:4:4 content in nvdec and cuviddec.

        FFmpeg 4.2 also comes with support for decoding HEVC 4:4:4 content in VDPAU (Video Decode and Presentation API for Unix), support for using Clang to compile CUDA kernels, the ability for the mov muxer to write tracks with unspecified language instead of English by default, a GIF parser, as well as the removal of the libndi-newtek component.

      • FFmpeg 4.2 Released With AV1 Decoding Support, GIF Parser

        Given the time since the last FFmpeg release, FFmpeg 4.2 is quite big. FFmpeg 4.2 introduces AV1 video decoding support via the DAV1D library, a variety of new filters and demuxers have been added, a GIF parser has been added, there is now support for HEVC 4:4;4 decoding with NVIDIA’s NVDEC and CUDA, support for HEVC 4:4:4 decoding was also added to VDPAU, an AV1 frame split bitstream filter was added, a VP4 video decoder added, and support for Clang to compile CUDA kernels.

      • Daniel Stenberg: more tiny curl

        Without much fanfare or fireworks we put together and shipped a fresh new version of tiny-curl. We call it version 0.10 and it is based on the 7.65.3 curl tree.

        tiny-curl is a patch set to build curl as tiny as possible while still being able to perform HTTPS GET requests and maintaining the libcurl API. Additionally, tiny-curl is ported to FreeRTOS.

      • Proprietary

        • Sysdig Injects More AI into Container Security

          At the Black Hat USA conference, Sysdig today announced it has extended the capabilities of Sysdig Secure to include runtime profiling and anomaly detection enabled by machine learning algorithms with Kubernetes environments.

          At the same time, Sysdig unveiled Falco Rule Builder, a more flexible user interface (UI) for creating runtime security policies, which integrates tightly with Sysdig Secure.

          Knox Anderson, director of product management for Sysdig, says these extensions will make it easier for organizations to embrace best DevSecOps processes by relying on container monitoring and security tools for Kubernetes environments delivered via a software-as-a-service (SaaS) application, dubbed Sysdig Cloud Native Visibility and Security Platform (VSP).

          Sysdig Secure is extending its syscall-level integration to gain deep insights into container runtime activity. Within 24 hours of the image being profiled, enterprises can access a profile that provides insights in all process and file system activity, networking behavior and system calls. DevOps and security teams then can use the learned profile snapshot to create a policy that can be applied to container images in the environment automatically.

        • Multi-cloud: 8 tactics for stronger security

          The “multi” in multi-cloud should make clear from the outset that your security plans will need an update for this modern IT paradigm. You’re no longer protecting a single environment or network, but multiple threat surfaces.

          That’s not a cause for panic. Rather, it’s an impetus for incorporating new tools and tactics into your security strategy – and reinforcing some existing processes.

    • Instructionals/Technical

    • Games

      • Deadly Days continues to be a really fun strategic zombie survival rogue-lite

        After leaving the strategic zombie survival rogue-lite Deadly Days to cook for a while, it’s had a few major updates while in Early Access and it’s really coming along nicely.

        In Deadly Days, your task is to manage a group of survivors as they go through looting various locations while you progress towards finding a cure. Every game is different with a new set of survivors with their own abilities, a different set of missions to go through and so on. As you explore various locations, you guide your crew around the map to find loot, while they automatically use their weapons (or with you manually aiming) to deal with all the Zombies around.

        Looking over recent updates they’ve added in quite a lot to the game since I last checked it out. There’s an entirely new intro, a new main menu, an interactive tutorial to help you understand what to do, a Daily Challenge mode, the start of some Twitch integration, animated trees that can be destroyed, more visual feedback, a new sparkle effect to show you what your survivors can interact with when looting (really helpful), new powers available to you, new items to find, optional objectives you can do during looting missions and loads more.

      • Lost Flame is a new roguelike in Early Access with a focus on the combat and different weapons

        Need a new roguelike to sink some time into? Lost Flame recently arrived on Steam in Early Access and it now has Linux support included too.

      • Non-linear RPG “Dark Envoy” from the developer of Tower of Time announced, planned for Linux

        Developer Event Horizon has my attention, with the announcement of their brand new non-linear RPG called Dark Envoy.

      • Psyonix are removing randomized loot boxes from Rocket League

        Rocket League, the awesome sports game about smacking balls into goals using rocket powered cars is going through some changes.

        Psyonix announced today, that “all paid, randomized Crates” will be removed from Rocket League sometime later this year. Instead, they’re going with “a system that shows the exact items you’re buying in advance” noting similar changes by the Fortnite Save the World team and since Psyonix is now owned by Epic Games it’s no surprise they’re doing this.

      • This War of Mine has a third narrative-driven episode now available with Fading Embers

        11 bit studios have today released This War of Mine: Stories – Fading Embers, the third episode in their narrative-driven expansion set to the popular survival game.

        Offering a very different experience to other survival games, This War of Mine takes place in a besieged city with you trying to keep a group alive against all odds. I enjoyed it a lot, although that feels a bit weird to say considering how bleak the game is.

        Lead Artist on Fading Embers, Tomasz Kisilewicz, said this about the new story: “The new This War of Mine: Stories episode touches on the subject of cultural heritage and what it means during the war. Is it worth preserving even at the darkest times? Or maybe when we’re pushed to our limits, when death and starvation are omnipresent – we change our perception of art and culture? And despite the artistic value – paintings, sculptures and rare books – become mere tools of survival. Just because by destroying them we can postpone our own demise. Is this cost justifiable? Players will have to face those dilemmas for themselves.”

      • Want a copy of Slay the Spire? Enter our competition

        Slay the Spire, the absolutely brilliant fusion of a roguelike and a deck-building card game released with Linux support in January, now is your chance to win a copy.

      • Looks like we might see the end of developers constantly changing their Steam release date

        Steam isn’t perfect, that’s for sure and one particular issue that constantly comes up is how some developers have been abusing the release date display.

        Previously, it seems developers were able to change their upcoming release date whenever they wanted to. Some took advantage of this, to constantly ensure their game showed up on the first two pages of the Coming Soon section on Steam. The issue is that it constantly pushed games with legitimate release dates back, sometimes multiple pages of searching. I saw it all the time and it was a massive nuisance, when clearly a lot of these games had no intention to release then.

    • Desktop Environments/WMs

      • Sean Davis: Xfce Screensaver 0.1.7 Released

        We’ve been hard at work optimizing Xfce’s screensaver to give users the best possible lock and screensaver experience in Xfce. With 0.1.6 and 0.1.7, we’ve dropped even more legacy code, while implementing a long-requested feature, per-screensaver configuration!

      • K Desktop Environment/KDE SC/Qt

        • KDevelop 5.4 Released With Meson Support, Scratchpad Plug-In

          With KDevelop 5.4 one of the main feature additions is finally offering Meson build system support for projects within this IDE. There is support for managing Meson build system setups within KDevelop, auto-completion support, and initial support for the Meson rewriter.

        • Gnome and KDE Coming Together

          The two major Linux projects will work together to create a compatible ecosystem.

          Linux dominates the world, except for the desktop. One of the problems associated with the Linux desktop is fragmentation. In an exclusive interview, Linus Torvalds told me that,”fragmentation of the different vendors have held the desktop back.”

          Primarily this fragmentation comes from competing and often conflicting desktop projects. The good news is that two major Linux desktop community are working on joining hands to eliminate this fragmentation. The GNOME Foundation and KDE e.V. have announced Linux App Summit (LAS) 2019, which will be held in Barcelona from November 12th to 15th, 2019.

      • GNOME Desktop/GTK

        • GNOME 3.34 Desktop Environment Enters Beta, Final Release Lands on September 11

          Released a day earlier than expected, the GNOME 3.34 beta (GNOME 3.33.90) milestone is now available for public testing, also marking the API/ABI, UI and Feature Freeze development stages. The beta release of the GNOME 3.34 desktop environment comes with many updated core components and apps, as detailed here.

          “This is the first beta release for GNOME 3.34. To ensure the quality of the final release, we have entered feature freeze, UI freeze, and API freeze, so now is a good time for distributors planning to ship GNOME 3.34 to start testing the packages,” said Michael Catanzaro in an email announcement.

        • GNOME 3.33.90 released
          Hi developers and testers,
          GNOME 3.33.90 is now available, slightly ahead of schedule for a change!
          This is the first beta release for GNOME 3.34. To ensure the quality of the final release, we have entered feature freeze, UI freeze, and API freeze, so now is a good time for distributors planning to ship GNOME 3.34 to start testing the packages.
          If you want to compile GNOME 3.33.90, you can use the official BuildStream project snapshot. Thanks to BuildStream's build sandbox, it should build reliably for you regardless of your host system:
          The list of updated modules and changes is available here:
          The source packages are available here:
          This release is a snapshot of development code. Although it is buildable and usable, it is primarily intended for testing and hacking purposes. GNOME uses odd minor version numbers to indicate development status.
          For more information about 3.33, the full schedule, the official module lists and the proposed module lists, please see our 3.33 wiki page:
        • GNOME 3.34 Beta Released – Now Under UI/Feature/API/ABI Freezes

          The GNOME 3.34 beta (v3.33.90) release is now available one day early and also marks the point at which the feature freeze is in effect along with the user-interface changes and no API/ABI breakage.

        • Cinnamon Desktop (Gnome3 fork) vs MATE Desktop (Gnome2) a review

          Cinnamon is the principal desktop environment of the Linux Mint distribution and is available as an optional desktop for other Linux distributions and other Unix-like operating systems as well.

          The development of Cinnamon began as a reaction to the April 2011 release of GNOME 3 in which the conventional desktop metaphor of GNOME 2 was abandoned in favor of GNOME Shell.

          Following several attempts to extend GNOME 3 such that it would suit the Linux Mint design goals, the Mint developers forked several GNOME 3 components to build an independent desktop environment.

          Separation from GNOME was completed in Cinnamon 2.0, which was released in October 2013.

          Applets and desklets are no longer compatible with GNOME 3.

    • Distributions

      • Screenshots/Screencasts

      • PCLinuxOS/Mageia/Mandriva Family

        • PCLinuxOS Family Member Spotlight: Aragorn

          In December 1999. I had never been one to accept the hardware manufacturer’s choice of operating system, and while my first ever PC came with DOS 5.0 and Windows 3.0 – which I’ve used for about six months – I wanted to have OS/2 on my computer, and so I’ve used OS/2 for over five years. Then I needed a new computer, and I really wanted a UNIX system, but that would have been very expensive, and it was hard to come by. My friends were (of course) all using Windows 95, but that was a DOS-based system, and after having used a real 32-bit operating system for over five years, and with the new computer having a Pentium II processor, I wasn’t going to settle on anything DOS-based. So I compromised and I got Windows NT 4.0. I used that for two years.

          Then, late in 1999, I read an article in a computer magazine in which they were discussing several GNU/Linux distros – SuSE, Mandrake, RedHat, Slackware, Debian, Caldera and TurboLinux. Two weeks later I was at a software shop to buy a Microsoft Encarta for my brother as a Christmas gift, and there on the shelf were several of those distros that the magazine had touched upon. I hesitated, but eventually I picked up the Mandrake box – it was the 6.0 PowerPack – and I took it with me to the cashier.

          I ran Mandrake in dual-boot with NT 4.0 for about a month, and then, on the 1st of January 2000, NT 4.0 refused to boot, in spite of the service packs and the official Microsoft Y2K pack I had installed. GNU/Linux booted up fine, and so my choice to stick with that was easily made. I was already seriously impressed by GNU/Linux and the whole Free & Open Source Software philosophy anyway. I’ve never looked back.

          I’ve used several distros over the years. On my own computers, it has mainly been Mandrake (before it became Mandriva), PCLinuxOS, Mageia and Gentoo. But between 2002 and 2009 or so, I ran an IRC network with a bunch of people, and we ran Mandrake and CentOS on our servers. We also had one machine with Debian, but that one was located in Norway and I wasn’t the admin of that box.

      • Arch Family

        • Is Arch Linux Better than Ubuntu?

          Arch Linux and Ubuntu are two major players in the Linux world. Both have a gigantic fan base, with many people taking a hard stance in favor of one and against the other. These distributions have each spawned a whole family of derivative distributions which are large players in their own right. But which is better? Is Ubuntu the undisputed and reigning king? Is Arch really the best distribution, reserved for the Linux elite? The answer is both sort-of-yes and yes.

      • Debian Family

        • SparkyLinux Gets New Development Cycle Based on Debian GNU/Linux 11 “Bullseye”

          Work on the SparkyLinux “Po Tolo” series has started as a semi-rolling release version where users install the operating system once and receive updates forever. The first snapshot, SparkyLinux 2019.08, is now available to download based on the software repositories of Debian GNU/Linux 11 “Bullseye.”

          SparkyLinux 2019.08 “Po Tolo” is contains an updated system from the Debian Testing repositories as of August 1st, 2019, and comes with the GCC 9 system-wide compiler, though GCC 8 is still used by default. This release is powered by Linux kernel 4.19.37, though Linux kernel 5.2.5 is available on the SparkyLinux unstable repos.

      • Canonical/Ubuntu Family

        • Launchpad news, March 2019 – July 2019

          Here’s a brief changelog of what we’ve been up to since our last general update.

        • Declarative vs Imperative: DevOps done right

          Deciding whether to automate workloads, while designing your ICT infrastructure, is trivial. It’s 2019 and automation is everywhere around. However, deciding which DevOps paradigm to choose and which tool to use, may not be that obvious. In order to assist you with the ‘declarative vs imperative’ decision-making process, this blog briefly introduces existing DevOps paradigms, presents the main differences between them and outlines the key benefits of using declarative DevOps with charms.


          All right, all of that sounds great, but where is the ‘magic’ coming from? Imagine pieces of code which contain all necessary instructions to deploy and configure applications. This includes a collection of scripts and metadata, such as configuration file templates. Such pieces of software, called charms, provide the ‘magic’ described. The users no longer have to think about low-level instructions. This logic is already implemented in the charms. Instead they can focus on shaping the applications being deployed and modelling the entire deployment by relating one application with others. For example, should the database being deployed listen on a different port than the default one?. Or how many concurrent connections should it allow? All the user has to do is to declare the ultimate state.

        • Ubuntu Server development summary – 06 August 2019

          The purpose of this communication is to provide a status update and highlights for any interesting subjects from the Ubuntu Server Team.

        • Linux Mint 19.1 Users Can Now Upgrade to Linux Mint 19.2 “Tina,” Here’s How

          Released last week, the Linux Mint 19.2 “Tina” operating system is based on Canonical’s long-term supported Ubuntu 18.04 LTS (Bionic Beaver) operating system series and ships with up-to-date components and apps, including the latest Cinnamon 4.2, MATE 1.20, and Xfce 4.2 desktop environments.

          Linux Mint 19.1 “Tessa” has been on the market for the past seven months, so it is time to upgrade it and enjoy all the latest GNU/Linux technologies and Open Source applications. Some will choose to reinstall their computers as a fresh install is always recommended, but many will want to upgrade as it’s painless.

        • Linux Mint 19.2 ‘Tina’ Released: A Polished And Free Windows Alternative

          With each passing year, the Linux desktops are becoming more complete than ever. Multiple Linux distros are now known to offer a much better gaming experience and high-definition display performance. Pop!_OS, Manjaro, and Zorin OS are some of the notable examples.

          Over the course of last decade, Linux Mint has been able to establish itself as a user-friendly Linux distro that can be used as a replacement for Windows and macOS. Just recently, the Mint development team released Linux Mint 19.2 ‘Tina.’ As it’s a long term release that’ll remain supported until 2023, you don’t have to worry about running an insecure system that doesn’t get updates.

        • Linux Mint 19.2 “Tina” Review (Cinnamon Edition)
        • Why Canonical views the Snap ecosystem as a compelling distribution-agnostic solution

          For roughly two decades, Linux distributions have been the first choice for servers. Hardware support for Linux on the desktop has historically been an encumbrance to widespread adoption, though support for modern hardware on modern distributions has progressed such that most hardware is detected and configured correctly upon installation.

          With these advances in hardware support, the last significant challenge users face when switching from Windows or Mac to a Linux distribution is app distribution and installation. While distribution-provided repositories are useful for most open source software, the release model of distributions such as Ubuntu or Fedora lock in users to a major version for programs for the duration of a particular release.

        • Why Canonical Views the Snap Ecosystem as a Compelling Distribution-Agnostic Solution

          Canonical’s Martin Wimpress addresses Snaps, Flatpak, and other competing standards, and community unease around Canonical’s control of the Snap store.

    • Devices/Embedded

    • Free, Libre, and Open Source Software

      • EFF Delegation Returns from Ecuador, says Ola Bini’s Case is Political, Not Criminal

        Globally Recognized Technologist Still Facing Charges in Drawn-Out Prosecution
        San Francisco – A team from the Electronic Frontier Foundation (EFF) has returned from a fact-finding mission in Quito for the case of Ola Bini—a globally renowned Swedish programmer who is facing tenuous computer-crime charges in Ecuador.

        Bini was detained in April, as he left his home in Quito to take a vacation to Japan. His detention was full of irregularities: for example, his warrant was for a “Russian hacker,” and Bini is Swedish and not a hacker. Just hours before Bini’s arrest, Ecuador’s Minister of the Interior, Maria Romo, held a press conference to announce that the government had located a “member of Wikileaks” in the country, and claimed there was evidence that person was “collaborating to destabilize the government.” Bini was not read his rights, allowed to contact his lawyer, or offered a translator.

        Bini was released from custody in June, following a successful Habeas Corpus plea by his lawyers. But he is still accused of “assault on the integrity of computer systems”—even though prosecutors have yet to make public any details of his alleged criminal behavior.

      • Web Browsers

        • Mozilla

          • Extensions in Firefox 69

            In our last post for Firefox 68, we’ve introduced a great number of new features. In contrast, Firefox 69 only has a few new additions. Still, we are proud to present this round of changes to extensions in Firefox.

          • Revamping Firefox’s Reader Mode this Summer

            For me, getting all set to read a book would mean spending hours hopping between stores to find the right lighting and mood to get started. But with Firefox’s Reader Mode it’s now much more convenient to get reading on the go. And this summer, I have been fortunate to shift roles from a user to a developer for the Reader Mode . As I write this blog, I have completed two months as a Google Summer of Code student developer with Mozilla. It has been a really enriching experience and thus I would like to share some glimpses of the project and my journey so far.

          • The Tall-Tale Clock: The myth of task estimates

            On the MDN team, we have begun over the past year to use a time unit we call the hypothetical ideal day or simply ideal day. This is a theoretical time unit in which you are able to work, uninterrupted, on a project for an entire 8-hour work day. A given task may take any appropriate number of ideal days to complete, depending on its size and complexity. Some tasks may take less than a single ideal day, or may otherwise require a fractional number of ideal days (like 0.5 ideal days, or 1.25 ideal days). We generally round to a quarter of a day.

      • Productivity Software/LibreOffice/Calligra

        • LibreOffice QA Report: July 2019

          LibreOffice 6.2.5 was announced on July 4
          LibreOffice 6.3 RC1, RC2 and RC3 were released throughout the month
          A Bug Hunting Session for LibreOffice 6.3 RC1 was help on July 8
          The 6 GSOC students passed the second evaluation. Reports with their weekly work are sent to the development mailing list
          Olivier Hallot has created Redaction and FOURIER function new help pages
          Ashod Nakashian (Collabora) implemented multiple selections in Slide sorter
          Tamás Zolnai (Collabora) continues his Interoperable text-based form controls work

      • Education

        • Open Source Success in Schools – Something to make a “FUSS” about

          Since he was a child, Marco Marinello has always found computers and how they operate intriguing. His father introduced him to the world of computer science early, including the basics of Linux system administration. Fortunately his own school — and in fact all of the South Tyrol region where he lives — runs a modified version of Debian (“Free Upgrade in Southtyrol’s Schools” or “FUSS”) for both administrative computing, and significantly for Marco, on student laptops as well. Free and Open Source Software provides schools and students unique educational opportunities while enhancing the technology services offered to teachers, administrators, families, and ultimately the community they serve.

          Motivated by his own interests and with the support of the Bozen-Bolzano School District and staff, Marco began volunteering with the maintenance of his local school network. The opportunity to work hands-on with the technology, learn from working professionals, and help his community, fostered his curiosity and promoted exploration of computers and computing: he soon found himself programming, teaching himself HTL and Python.

        • Genetic Survival Game ‘Niche’ Will be Free for Schools, on Sale for Everyone Else

          There is one critical caveat, however. Niche will not run on Chromebooks, smartphones, or tablets, so classrooms are going to need to be equipped with at least a low-end PC running Windows 7, Mac OSX 10.8, or Ubuntu 12.04 or higher.


        • From the Railway to the Ether

          Proprietary software is the foundation of the digital colonialism; and Richard Stallman reasoned a “nonfree program is a yoke, an instrument of unjust power.” The closed-source software has limitations of use and distribution which means users cannot create or modify the software to add capabilities not envisaged by its originators.

          However, open-source software alone is not enough to protect the public interest because surveillance capitalism has given rise to centralised internet services beyond the control of the user. The cloud service provides petabytes of information to corporations, who then use the data to train their artificial intelligence systems. So those with the best artificial intelligence services will be able to attract more users giving them even more data to make their services better, and so forth. The concentration of data becomes the concentration of power; in the sense that “data is the new oil.”

      • Programming/Development

        • What’s the point: TensorFlow, Istio, glibc, Cloudera Altus Director, and all’s well that ends well for Linux floppy driver

          If you find your machine learning models to be a bit too large, TensorFlow’s Model Optimization Toolkit now comes with an implementation for post-training float16 quantisation. The new addition quantises model constants like weights to a reduced precision floating point data type, leading to smaller models with only little accuracy lost, according to the TF team.

          To enable this algorithm, you’ll have to use the default optimisation settings on a trained float32 model with the supported types of the target spec set to float16. When using a GPU, the reduced precision parameter can be run directly, without the conversion step.

        • Python list comprehension with Examples

          Python is an object oriented programming language. Almost everything in them is treated consistently as an object. Python also features functional programming which is very similar to mathematical way of approaching problem where you assign inputs in a function and you get the same output with same input value. Given a function f(x) = x2, f(x) will always return the same result with the same x value. The function has no “side-effect” which means an operation has no effect on a variable/object that is outside the intended usage. “Side-effect” refers to leaks in your code which can modify a mutable data structure or variable.

        • Image Classification with Transfer Learning and PyTorch

          Transfer learning is a powerful technique for training deep neural networks that allows one to take knowledge learned about one deep learning problem and apply it to a different, yet similar learning problem.

          Using transfer learning can dramatically speed up the rate of deployment for an app you are designing, making both the training and implementation of your deep neural network simpler and easier.

          In this article we’ll go over the theory behind transfer learning and see how to carry out an example of transfer learning on Convolutional Neural Networks (CNNs) in PyTorch.

        • A $1 Billion Open Source Company With No Headquarters: Sid Sijbrandij Of GitLab

          GitLab is one of the most promising open source companies that is valued at $1 billion. What sets GitLab parts from other tech companies is its unique culture. First and foremost, it’s an all remote company that doesn’t have any headquarter. Its work culture focusses more on results than on how many hours you worked. One of the byproduct of this culture is tackling Climate Change in a way most of us didn’t even think of. We sat down with the founder of GitLab to better understand his ideas behind GitLab.

        • Python to Find Difference Between Two Lists

          In this tutorial, we’ll discover two Pythonic ways to find the Difference Between Two Lists. One of the methods is using the Python Set. It first converts the lists into sets and then gets the unique part out of that. Other non-set methods compare two lists element by element and collect the unique ones. We can implement these by using nested for loops and with the list comprehension. By the way, if you are not aware of the sets in Python, then follow the below tutorial. It would quickly introduce you to how Python implements the mathematical form of Set.

        • 11 Beginner Tips for Learning Python

          We are so excited that you have decided to embark on the journey of learning Python! One of the most common questions we receive from our readers is “What’s the best way to learn Python?”

          The first step in learning any programming language is making sure that you understand how to learn. Learning how to learn is arguably the most critical skill involved in computer programming.

        • PyCoder’s Weekly: Issue #380 (Aug. 6, 2019)
  • Leftovers

    • Hardware

      • Intel Xeon Cooper Lake To Offer Up To 56 Cores Per Socket Next Year

        Intel decided today to reveal a few new details about their Xeon “Cooper Lake” processors due out in H1’2020.

        Intel formally confirmed that their next-generation Xeon Scalable CPUs will offer up to 56 cores per socket, feature BFloat16 / DL-BOOST, higher memory bandwidth, and a lower power envelope than today’s Platinum 9200 AP processors.

    • Health/Nutrition

      • The Price to Consumers of Generic Pharmaceuticals: Beyond the Headlines

        Generic drug prices have been the focus of much attention in recent years, with Congressional committees, executive agencies and private organizations all conducting investigations into the pricing patterns for generic drugs. Price spikes for selected old, off-patent drugs have also been widely reported in the media. To place these generic price increases into context, we construct two chained Laspeyres consumer price indexes (CPIs), using the 2007-2016 IBM MarketScan Commercial Claims and Encounters Research Database. The first (“direct out-of-pocket CPI”) measures consumers’ direct out-of-pocket payments to the dispensing pharmacy, while the second (“total CPI”) represents the total revenues received by the dispensing pharmacy – the consumers’ direct out-of-pocket payments plus the amount paid to the pharmacy by the insurer on behalf of the consumer. We find the chained direct-out-of-pocket CPI for generic prescription drugs declines by about 50% between 2007 and 2016, while the total CPI falls by nearly 80% over the same time period. The smaller decline in the direct out-of-pocket CPI than in the total CPI is due in part to consumers’ increasingly moving away from fixed copayment benefit plans to pure coinsurance or a mixed package of coinsurance and copayments. While consumers are experiencing more cost sharing that in fact shifts more of the drug cost burden on to them, on balance in the US consumers have experienced substantial price declines for generic drugs.

    • Security (Confidentiality/Integrity/Availability)

      • Security updates for Tuesday

        Security updates have been issued by Arch Linux (chromium), Debian (glib2.0 and python-django), Fedora (gvfs, kernel, kernel-headers, kernel-tools, and subversion), Oracle (icedtea-web, nss and nspr, and ruby:2.5), Red Hat (advancecomp, bind, binutils, blktrace, compat-libtiff3, curl, dhcp, elfutils, exempi, exiv2, fence-agents, freerdp and vinagre, ghostscript, glibc, gvfs, http-parser, httpd, kde-workspace, keepalived, kernel, kernel-rt, keycloak-httpd-client-install, libarchive, libcgroup, libguestfs-winsupport, libjpeg-turbo, libmspack, libreoffice, libsolv, libssh2, libtiff, libvirt, libwpd, linux-firmware, mariadb, mercurial, mod_auth_openidc, nss, nss-softokn, nss-util, and nspr, ntp, opensc, openssh, openssl, ovmf, patch, perl-Archive-Tar, polkit, poppler, procps-ng, python, python-requests, python-urllib3, qemu-kvm, qemu-kvm-ma, qt5, rsyslog, ruby, samba, sox, spice-gtk, sssd, systemd, tomcat, udisks2, unixODBC, unzip, uriparser, Xorg, zsh, and zziplib), SUSE (ardana packages, ceph, mariadb, postgresql10, python-requests, and python3), and Ubuntu (bash and glib2.0).

      • CVE-2019-1125 “SWAPGS” Is The Newest Spectre Vulnerability

        CVE-2019-1125 was made public today or also referred to as the “SWAPGS” vulnerability as a new variant of Spectre V1 affecting Windows and Linux with Intel (and according to mixed information, AMD – though the current Linux kernel patches at least seem to only apply to Intel) x86_64 processors.

      • SWAPGS Vulnerability in Modern CPUs Fixed in Windows, Linux, ChromeOS

        Andrei Vlad Lutas of Bitdefender discovered this vulnerability while performing research on CPU internals and reported it to Intel in August 2018.

      • Silent Windows update patched side channel that leaked data from Intel CPUs
      • Zero-Day Bug in KDE 4/5 Executes Commands by Opening a Folder [Ed: This FUD was spread by a former Bleeping Computer writer whom CBS hired to attack Linux; this supposed threat requires one to download and open malicious files. Now his ex-colleagues follow. What Bleeping Computer calls "zero day" is you crafting a malicious file (or download, then execute one). But back doors don't bother these charlatans. They have been doing this for years and CBS rewarded one of them with a job.]

        An unpatched zero-day vulnerability exists in KDE 4 & 5 that could allow attackers to execute code simply by tricking a user into downloading an archive, extracting it, and then opening the folder.

      • Windows Quietly Patches Bug That Could Reverse Meltdown, Spectre Fixes for Intel CPUs

        Spectre and Meltdown was a massive flaw in the way Intel processors handled speculative execution, a technique used in modern processors to enhance performance, that was first revealed in 2018. Speculative execution relies on predicting which calculations a processor will need to perform in advance, allowing it to work on tasks in advance and in parallel fashion rather than strictly sequentially. Unfortunately, it turned out an unfixable hardware flaw in virtually every one of Intel’s CPUs meant that they didn’t check permissions correctly and leaked information about speculative commands that were never run, possibly allowing an attacker glimpses at ultra-sensitive kernel memory.

      • SWAPGS Attack — New Speculative Execution Flaw Affects All Modern Intel CPUs

        A new variant of the Spectre (Variant 1) side-channel vulnerability has been discovered that affects all modern Intel CPUs, and probably some AMD processors as well, which leverage speculative execution for high performance, Microsoft and Red Hat warned.

        Identified as CVE-2019-1125, the vulnerability could allow unprivileged local attackers to access sensitive information stored in the operating system privileged kernel memory, including passwords, tokens, and encryption keys, that would otherwise be inaccessible.

      • SWAPGS Vulnerability in Modern CPUs Fixed in Windows, Linux, ChromeOS

        At BlackHat today, Bitdefender disclosed a new variant of the Spectre 1 speculative execution side channel vulnerabilities that could allow a malicious program to access and read the contents of privileged memory in an operating system.

        This SWAPGS vulnerability allows local programs, like malware, to read data from memory that is should normally not have access to, such as the Windows or Linux kernel memory.

        Andrei Vlad Lutas of Bitdefender discovered this vulnerability while performing research on CPU internals and reported it to Intel in August 2018.

        In a statement from Intel, BleepingComputer was told that after the vulnerability was disclosed to them, they descided to address this on a software level and Microsoft took over coordination of the vulnerability.

    • Environment

      • Energy

        • Explosions in Three States Highlight Dangers of Aging Fossil Fuel Infrastructure

          On August 1, for the third time in as many years, Enbridge’s Texas Eastern Transmission gas pipeline exploded. This tragic incident in central Kentucky killed a 58-year-old woman, Lisa Denise Derringer, and injured at least five others. Flames towered 300 feet high when the 30-inch diameter pipe ruptured at 1 a.m. and forced at least 75 people to evacuate.

          “We opened the backdoor and it was like a tornado of fire going around and around and he said we were trapped,” survivor Jodie Coulter, 53, told CBS News, describing her efforts to flee on foot. Coulter, whose house was within 600 feet of the pipeline, suffered third-degree burns on her arms. “It felt like we were standing next to a blow torch.”

    • Censorship/Free Speech

      • Opening the Door for Censorship: New Trademark Enforcement Mechanisms Added for Top-Level Domains

        With so much dissatisfaction over how companies like Facebook and YouTube moderate user speech, you might think that the groups that run the Internet’s infrastructure would want to stay far away from the speech-policing business. Sadly, two groups that control an important piece of the Internet’s infrastructure have decided to jump right in.

        The organization that governs the .org top-level domain, known as Public Interest Registry (PIR), and the Internet Corporation for Assigned Names and Numbers (ICANN) are expanding their role as speech regulators through a new agreement, negotiated behind closed doors. And they’re doing it despite the nearly unanimous opposition of nonprofit and civil society groups—the people who use .org domains. EFF is asking ICANN’s board to reconsider.

        ICANN makes policies for resolving disputes over domain names, which are enforced through a web of contracts. Best-known is the Uniform Domain Name Dispute Resolution Policy (UDRP), which allows trademark holders to challenge bad-faith use of their trademarks in a domain name (specifically, cybersquatting or trademark infringement). UDRP offers a cheaper, faster alternative to domain name disputes than court. When ICANN began to add many new top-level domains beyond the traditional ones (.com, .net, .org, and a few others), major commercial brands and their trademark attorneys predicted a plague of bad-faith registrations and threatened to hold up creation of these new top-level domains, including much-needed domains in non-Latin scripts such as Chinese, Arabic, and Cyrillic.

      • Have You Heard? If You Spread ‘Hurtful’ Rumors In China, You’ll Be Thrown Off The Internet For Years

        The Chinese authorities really don’t like rumors being spread. Back in 2012, Techdirt reported on a “five strikes and you’re out” plan for throwing rumormongers off social media for 48 hours. That obviously didn’t work too well, since in 2013 a tougher line was introduced: three years in prison if you get 500 retweets of a “hurtful” rumor.

      • Gizmodo: Why Can’t YouTube Do ‘Good’ Content Moderation? Answer: Because It’s Fucking Impossible

        We’ve had something of a long-running series of posts on the topic of content moderation, with our stance generally being that any attempt to do this at scale is laughably difficult. Like, to the point of being functionally impossible. This becomes all the more difficult when the content in question is not universally considered objectionable.

        Tech firms tend to find themselves in the most trouble when they try to bow to this demand for content moderation, rather than simply declaring it to be impossible and moving on. The largest platforms have found themselves in this mess, namely Facebook and YouTube. YouTube, for instance, has released new moderation policies over the past two months or so that seek to give it broad powers to eliminate content that it deems to be hate speech, or speech centered on demographic supremacy. Wanting to eliminate that sort of thing is understandable, even if you still think it’s problematic. Actually eliminating it at scale, and in a way that doesn’t sweep up collateral damage and garners wide support, is impossible.

        Which makes it frustrating to read headlines such as Gizmodo’s recent piece on how YouTube is doing with all of this.

    • Privacy/Surveillance

      • Oversight Report Shows The NSA Did Not Delete All The Inadvertently-Collected Phone Records It Claimed It Had Deleted

        Ever since Ed Snowden doxed the NSA’s phone records collection, the agency has been coughing up documents showing its multiple collection programs have never not been abused since its was granted more power shortly after the 9/11 attacks.

        The putative sacrificial lamb offered up to angry Congressional reps and dismayed citizens was the Section 215 program. Well, only a small part of it, actually. The NSA would continue to hoover up business records without a warrant, but it was having trouble working within the confines of modifications forced upon it by the USA Freedom Act.

        Rather than use its considerable expertise to tackle the problem of over-collection, the NSA has apparently decided to abandon this collection altogether. It only took six years since the first Snowden leak, but it’s something. But the NSA’s uninterrupted string of abuses continued right up to its offer to shutter the program — something that won’t actually be official until Congress codifies the abandonment.

      • Trump Calls On Social Media Companies To Become Pre-Crime Agents

        Every time there are mass shootings in America, the public discourse disolves into a muck of tribal finger-pointing. We blame guns, video games, past Presidents, Congress, homosexuality, the decline of the nuclear family, mental illness, the internet, and on and on. Nothing gets done, no proposed solutions are adopted, and those proposed solutions gradually become all the more insane. The truth is more nuanced than can fit into a soundbite on some cable news program, but somehow the debates soaked in blood and grief never acknowledge this. If there is to be a sea change in the rate of incidents of mass violence in this country, this will have to change.


        In the case of social media companies partnering with law enforcement to do this sort of behavioral pre-crime, the problems will be all the worse. Algorithms aren’t great at nuance, nor are they good at such subtleties as humor, embellishment, vernacular, and different cultural norms. People talk to each other, and post on social media, in different ways. The number of folks that will be caught up for otherwise innocent behavior, garnering visits from law enforcement worried that they will be shooting up their local big box store, is going to be enormous.

        And that would be the case even if Trump had an actual plan rather than these vague proclamations, which he very much does not.

    • Civil Rights/Policing

      • Protest Song Of The Week: ‘Bol’ By Sarathy Korwar

        The London-based percussionist and producer Sarathy Korwar crafted a protest album centered on the backlash against refugees and immigrants. “There are more arriving, and you’re gonna have to deal with it,” his latest album declares.

        “More Arriving” features a song called “Bol,” where he cycles through a series of stereotypes used to define him as a brown man, who grew up in India (even though he was born in the United States.)

        The nine-minute track builds like a free jazz composition. Its multiple instruments capture the defiance of the lyrics.

        “I’m Shiva. I’m al Qaeda. I am auditioning for the role of Terrorist #1,” Korwar raps. “Yeah, I can do that in an Arabic accent.”

      • Corporal punishment address by KZN MEC shocking – IFP

        The IFP is shocked at the address by MEC for Arts and Culture, Sport and Recreation, Hon Hlengiwe Mavimbela over the past weekend at Umkhosi Wesivivane in Nongoma.

        The MEC is reported to have encouraged parents to implement corporal punishment. To our knowledge, this is against the law. It is shocking that a provincial member of government can take the podium at a government function and encourage law abiding citizens of the country to break the law. If the MEC has issues with the policy of government, which is ANC policy anyway, a political party that has put her in government, she should rather take this up with her political party through the correct channels of engagement within her party.

        As we speak, our department of education in the country and in our province has a major challenge of violence and assault in schools to both learners and educators. There are pending court cases relating to these incidents of violence in our schools. Hence, for an MEC to launch attacks to children by their parents and guardians with these kinds of unbecoming behaviors hanging over the communities is uncalled for.

    • Internet Policy/Net Neutrality

      • The FCC Finally Starts Taking America’s Shitty Broadband Maps More Seriously

        For a country that likes to talk about “being number one” a lot, that’s sure not reflected in the United States’ broadband networks, or the broadband maps we use to determine which areas lack adequate broadband or competition (resulting in high prices and poor service). Our terrible broadband maps are, of course, a feature not a bug. ISPs have routinely lobbied to kill any efforts to improve data collection and analysis, lest somebody actually realize the telecom market is a broken mono/duopoly whose dysfunction reaches into every aspect of tech.

        While these shaky maps have been the norm for several decades, recent, bipartisan pressure by states (upset that they’re not getting their share of taxpayer subsidies because we don’t actually know where broadband is) has finally forced even the Ajit Pai FCC to take some modest action.


        While the political pressure has finally forced industry-friendly Pai to act, there’s still plenty of issues remaining. For example the FCC still refuses to publicize the pricing data ISPs provide the FCC, because the industry claims that data will only benefit competitors. Of course the real reason they don’t want that data publicized is it would only further emphasize that Americans pay some of the highest prices for data in the developed world thanks to cable broadband monopolies across huge swaths of the US.

        The other problem is one of accountability. Pai has yet to hold giant ISPs accountable on any issue of substance, so whether his FCC would actually punish ISPs that don’t comply remains an open question. The entire proposal also shovels off much of the heavy lifting to the Universal Service Administrative Company (USAC), an agency that has never managed an effort of this scale before. So while it’s great to see the Pai FCC take steps to improve a longstanding sore spot in American broadband, it might be wise to avoid popping the bubbly until we see if the proposal is correctly applied and enforced.

    • Monopolies

      • Patents and Software Patents

        • Patent case: Válvulas Arco v Standard Hidráulica, Spain

          On 12 February 2019, the influential Barcelona Court of Appeal (Section 15) issued an interesting judgment clarifying the role played by a patent’s drawings for the purpose of interpreting the scope of protection of the claims. This judgment has reversed a previous first instance decision which, according to the Court of Appeal, unduly relied on a drawing illustrating a preferred embodiment of the invention to limit the scope of protection of the claims.

        • When will the appeal fee be refunded?: G 1/18, the decision

          The Enlarged Board of Appeal (EBA) decision G1/18 was recently published in French (IPKat post here). The decision can now also be read in English (with the aid of google translate). This Kat has thus now been able to add the decision to her summer reading! Readers who are not already familiar with this case, may also wish to keep their Visser handy…


          In order to arrive at the correct interpretation of Article 108 EPC, the EBA applied the jurisprudence of the EBA and the provision on the interpretation of treaties provided by Vienna Convention. In particular, the EPC should first be interpreted according to the ordinary meaning of the words. It should then be confirmed as to whether this interpretation is in line with the words in the context of the EPC as a whole and the intention of the legislator.

          The EBA interpreted each sentence of Article 108 EPC in turn. In English, the first sentence of Article 108 EPC refers to “The notice of appeal”. In German and French, Article 108 EPC specifies “Die Beschwerde” (roughly, “the appeal”) and not the “Die Beschwerdeschrift” (roughly, “the notice of appeal”). The initial versions of the first sentence of Article 108 EPC (EPC 1973) were written only in German and French. The EBA concluded that it was the intention of the legislator that “appeal filed” and “notice of appeal filed” should be understood as equivalent. Similarly, “appeal not filed” and “notice of appeal not filed” should also be understood as equivalent.

          The second sentence of Article 108 EPC specifies that the “the notice of appeal [i.e. appeal] shall not be deemed to have been filed until the fee for appeal has been paid”. This sentence produces the legal fiction that the appeal is only deemed to have been filed after payment of the appeal fee.

        • News from Abroad — Australia Reigns Supreme over U.S. in Patenting Diagnostic Methods [Ed: This is a disaster to patent scope and quality. Who benefits? Predatory lawyers. They can help kill some poor people by inflating treatment prices, via monopoly]

          This decision, and the recent decision in Meat & Livestock Australia Limited v Cargill, Inc [2018] FCA 51, make it clear that claims directed to practical applications of naturally-occurring phenomena, including gene sequences, used in methods of diagnosis and prognosis are patent eligible subject matter in Australia. This will come as a welcome relief to the diagnostics and personal medicine industry and can be considered as “one small step” forward for Australian patent law but also, hopefully, “one giant leap” that influences beneficial change to the patent eligibility laws in the U.S.

        • Can a robot be an inventor? A new patent filing aims to find out

          Years after a photogenic macaque snapped a photo of itself on a wildlife photographer’s unguarded camera, and PETA filed a federal lawsuit to give the monkey the copyright for his viral selfies, the Ninth Circuit Court of Appeals ruled that animals cannot hold a copyright under current law. In fact, since the dispute started, the U.S. Copyright Office went ahead and specifically listed “a photograph taken by a monkey” as an example of an item that cannot be copyrighted.

          So if monkeys and other animals can’t own copyrights, can artificial intelligence create protected intellectual property? A new patent filing in the U.K. aims to find out.

          An international team led by AI activist Ryan Abbott, a law professor at the University of Surrey, has filed the first-ever patent applications for two inventions created autonomously by artificial intelligence without a human inventor.

          The AI inventor, named DABUS by its creator, Stephen Thaler, was previously best known for creating surreal art, but it was designed to come up with new ideas and then assess those ideas for consequences, novelty, and salience. So far the series of neural networks that makes up DABUS has come up with two ideas that may be worth patenting. According to a press release, one patent application is for “a new type of beverage container based on fractal geometry,” which sounds pretty sweet, while the other is for a device that can help attract attention that could be useful in search and rescue operations.

          While patent offices in the United Kingdom and the EU have accepted that the patent applications meet the bar of “new, inventive and industrially applicable,” the question of whether an AI can be legally granted a patent has not been considered yet. “There would be no question the AI was the only inventor if it was a natural person,” said Abbott in a statement. “In these applications, the AI has functionally fulfilled the conceptual act that forms the basis for inventorship.”

        • tZERO Announces Patent for Traditional Exchange Blockchain Integration [Ed: Abstract and just because you say blockchain doesn't make these patents less fake]

          The company announced the development in a press release published on Aug. 6. The patent reportedly describes an integration by the Time Ordered Merkle Epoch (TOME) methodology. The release’s author explains TOME as “a base-layer technology that uses digital signatures to record and verify time-series data such as trades, executions and settlements.”


          The company further declared that, in conjunction with another system patented by the company, TOME enables linkage of the settlement of tokenized blockchain-based securities on a public blockchain with legacy trading systems. Crunchbase estimates tZERO’s annual revenue to be $8.5 million, and according to the press release the firm is a keiretsu company of Medici Ventures, the blockchain subsidiary of U.S. retail giant Overstock.

        • HTC smartphones pulled from sale in UK during patent row [Ed: German patent troll removes good products from the market... in the UK (showing the patent system has done all wrong)]

          HTC has stopped offering its phones for sale in the UK while it is involved in an intellectual property dispute.
          The Taiwanese company’s online store currently lists all of its models as “out of stock” despite the fact they remain available in other nations.
          HTC has been involved in a long-running dispute with research and development company Ipcom over a wireless technology developed for car phones.
          To resolve it, HTC agreed to sell only mobiles with a workaround in the UK.
          However, Munich-based Ipcom has alleged it carried out tests earlier this year that showed no workaround had been implemented.


          An HTC spokeswoman said: “As a leading innovator, HTC takes intellectual property issues very seriously.
          “We are proactively investigating an infringement claim by a third party with respect to a single handset model.”
          HTC was the first manufacturer to sell an Android handset, in 2008. A decade later, it sold part of its smartphone division to Google.

        • Microsoft Patent Application is a Advanced, Multi-Dimensional Sensor Device for Wearables [Ed: Microsoft is a creepy surveillance company. This is where it goes with patents]
        • Network-1 Receives New Patent from U.S. Patent Office Expanding Its Cox Portfolio To Include 33 Issued Patents [Ed: The patent office keeps feeding patent trolls like this one with notorious patents]

          On April 4, 2014 and December 3, 2014, Network-1 initiated litigation against Google Inc. (“Google”) and YouTube, LLC (“YouTube”) in the U.S. District Court for the Southern District of New York for infringement of several patents within its Cox Patent Portfolio. The lawsuit alleges that Google and YouTube have infringed and continue to infringe the asserted patents by making, using, selling and offering to sell unlicensed systems and related products and services, which include YouTube’s Content ID system.

      • Copyrights

        • Heather Humphreys reassured Google over EU copyright reform

          Ireland achieved “significant improvements” to European copyright reforms to “allay the concerns” of Google and other major technology firms, a Minister told the online search giant earlier this year.
          Minister for Business, Employment and Innovation Heather Humphreys made the remarks in a phone call with a senior Google executive about new European laws on copyright.

          While advocates say the laws protect the future of professional journalism and combat misinformation, several major tech companies including Google lobbied against their introduction.

RSS 64x64RSS Feed: subscribe to the RSS feed for regular updates

Home iconSite Wiki: You can improve this site by helping the extension of the site's content

Home iconSite Home: Background about the site and some key features in the front page

Chat iconIRC Channels: Come and chat with us in real time

New to This Site? Here Are Some Introductory Resources




Samba logo

We support

End software patents


GNU project


EFF bloggers

Comcast is Blocktastic? SavetheInternet.com

Recent Posts