Desktop

• Dell XPS 7390 Developer Edition with Intel Comet Lake and Ubuntu 18.04 LTS announced

  Soon hitting the American, Canadian and European markets is the new Dell XPS 13 Developer Edition that comes with a powerful processor and the Ubuntu OS.

  Being a product of Project Sputnik’s efforts, the XPS 13 7390 is quite a powerful machine for developers as it brings to the table Intel’s 10th Gen Core™ U series processors and a Linux-based operating system in Ubuntu 18.04.

  On the 5th of September, these machines will be made available in the American and European markets with the 10th Generation Intel® Core™ i5-10210U processor (quadcore). The Canadian fans will have to wait for a couple of weeks for its availability. In addition, customers will also find the 10th Generation Intel® Core™ i7-10710U processor (hexacore) variant of these systems starting from October.

• Best Laptop For PC Users Is Here:Dell XPS 13 Developer Edition

  While you can install desktop Linux on most laptops, what makes Dell systems unique is the fact that they use hardware components – such as wireless chips – that are natively supported on Linux.

  In addition, instead of spinning yet another distro to further fragment the desktop Linux ecosystem, Dell offers support for Ubuntu and Red Hat Enterprise Linux. Dell maintains a repository of drivers and customizations that optimize the operating system for these machines.

  Dell has announced the 9th generation of the Project Sputnik portfolio – Dell XPS 13 Developer Edition (7390). The high-end machine is powered by a 6 core, Intel Core i7-10710U processor. You can get up to 16GB of RAM. It comes with Ubuntu 18.04 LTS.

Server

• IBM

  • Red Hat Enterprise Linux 6 and CentOS 6 Receive Important Kernel Security Update

    The new Linux kernel security update is marked by the Red Hat Product Security team as having an “Important” security impact due to the fact that it patches several critical flaws, including the Spectre SWAPGS gadget vulnerability (CVE-2019-1125) affecting x86 processors.

    Also patched are a security vulnerability (CVE-2019-5489) leading to page cache side-channel attacks, an issue in the Salsa20 encryption algorithm that could allow local attackers to cause a denial of service (CVE-2017-17805), and a flaw (CVE-2018-17972) that let unprivileged users inspect kernel stacks of arbitrary tasks.

  • Red Hat Launches OpenShift Service Mesh to Accelerate Adoption of Microservices and Cloud-Native Applications

    Red Hat, Inc., the world’s leading provider of open source solutions, today announced the general availability of Red Hat OpenShift Service Mesh to connect, observe and simplify service-to-service communication of Kubernetes applications on Red Hat OpenShift 4, the industry’s most comprehensive enterprise Kubernetes platform. Based on the Istio, Kiali and Jaeger projects and enhanced with Kubernetes Operators, OpenShift Service Mesh is designed to deliver a more efficient, end-to-end developer experience around microservices-based application architectures. This helps to free developer teams from the complex tasks of having to implement bespoke networking services for their applications and business logic.

  • CUDA 10.1 U2 Adds RHEL8 Support, Nsight Compute Tools For POWER

    NVIDIA last week quietly released a second update to CUDA 10.1.

    CUDA 10.1 Update 2 brings Red Hat Enterprise Linux 8.0 support, continued POWER architecture support improvements, and other additions.

  • IBM Stock and Jim Whitehurst’s Toughest Test

    What analysts say they want from IBM stock is Red Hat CEO Jim Whitehurst in current CEO Virginia Rometty’s chair. They want Red Hat running IBM.

    That wasn’t the promise when this deal was put together. The promise was that Red Hat would get autonomy from IBM, not that IBM would lose its autonomy to Red Hat. But Whitehurst’s concept of an Open Organization has excited analysts who don’t even know what it is.

    If IBM became an Open Organization, these analysts think, it would replace the top-down structure IBM has used for a century with an organic system in which employees and customers are part of the product design process. Instead of selling gear or even solutions, IBM would become a corporate change agent.

  • Going to VMWorld? Learn to help data scientists and application developers accelerate AI/ML initiatives
    

    IT experts from around the world are headed to VMworld 2019 in San Francisco to learn how they can leverage emerging technologies from VMware and ecosystem partners (e.g. Red Hat, NVIDIA, etc.) to help achieve the digital transformation for their organizations. Artificial Intelligence (AI)/Machine Learning (ML) is a very popular technology trend, with Red Hat OpenShift customers like HCA Healthcare, BMW, Emirates NBD, and several more are offering differentiated value to their customers. Investments are ramping up across many industries to develop intelligent digital services that help improve customer satisfaction, and gain competitive business advantages. Early deployment trends indicate AI/ML solution architectures are spanning across edge, data center, and public clouds.

  • RHELvolution 2: A brief history of Red Hat Enterprise Linux releases from RHEL 6 to today

    In the previous post, we looked at the history of Red Hat Enterprise Linux from pre-RHEL days through the rise of virtualization. In this one we’ll take a look at RHEL’s evolution from early days of public cloud to the release of RHEL 8 and beyond.

Audiocasts/Shows

• Command Line Heroes season 3, episode 5: The Infrastructure Effect: COBOL and Go

  Languages used for IT infrastructure don’t have expiration dates. COBOL’s been around for 60 years – and isn’t going anywhere anytime soon. We maintain billions of lines of classic code for mainframes. But we’re also building new infrastructures for the cloud in languages like Go.

• Ubuntu Podcast from the UK LoCo: S12E20 – Outrun

  This week we’ve been experimenting with lean podcasting and playing Roguelikes. We discuss what goes on at a Canonical Roadmap Sprint, bring you some command line love and go over all your feedback.

  It’s Season 12 Episode 20 of the Ubuntu Podcast! Alan Pope, Mark Johnson and Stuart Langridge are connected and speaking to your brain.

Kernel Space

• New Intel Lightning Mountain SoC Appears in Linux Code

  Intel has started Linux kernel development for what appears to be a new Atom SoC family, codenamed Lightning Mountain. It reportedly will be a network processor based on the 14nm Airmont architecture.
  Phoronix today reported on the recent Linux kernel patch notes. They state: “A forthcoming product uses a new variant of Atom Airmont CPU model.”
  Another patch note from August 21 explicitly mentions the Lightning Mountain SoC name. Intel currently does not have product families based on the Mountain suffix, so this would be a brand new line of chips.

• Linux Foundation

  • Automotive Grade Linux update clusters up — and IBM’s OpenPower opens up

    The Linux Foundation’s AGL released UCB 8.0 with new improved profiles for telematics and instrument cluster and launched an Instrument Cluster Expert Group. The LF also gobbled up IBM’s OpenPower Foundation as IBM unveiled a royalty-free Power ISA.

    Prior to today’s Embedded Linux Conference and Open Source Summit, the Linux Foundation’s Automotive Grade Linux (AGL) group announced Unified Code Base 8.0, which pushes the AGL spec deeper into telematics and instrument clusters. Also at the San Diego event, the Linux Foundation announced it was converting the IBM-backed OpenPower Foundation into a new LF working group. IBM also announced that it was open sourcing the Power CPU ISA (see farther below).

  • Automotive Grade Linux Announces New Instrument Cluster Expert Group and UCB 8.0 Code Release

    Automotive Grade Linux (AGL), an open source project developing a shared software platform for in-vehicle technology, today announced a new working group focused on Instrument Cluster solutions, as well as the latest code release of the AGL platform, the UCB 8.0.

    The AGL Instrument Cluster Expert Group (EG) is working to reduce the footprint of AGL and optimize the platform for use in lower performance processors and low-cost vehicles that do not require an entire infotainment software stack. Formed earlier this year, the group plans to release design specifications later this year with an initial code release in early 2020.

    “AGL is now supported by nine major automotive manufacturers, including the top three producers by worldwide volume, and is currently being used in production for a range of economy and luxury vehicles” said Dan Cauchy, Executive Director of Automotive Grade Linux at the Linux Foundation. “The new Instrument Cluster Expert Group, supported by several of these automakers, will expand the use cases for AGL by enabling the UCB platform to support solutions for lower-cost vehicles, including motorcycles.”

  • Microsoft, Google, Red Hat and others join forces for cloud security in ‘confidential computing’ group

    The Confidential Computing Consortium, announced this morning by the Linux Foundation, will work to establish standards, frameworks and tools to encrypt data when it’s in use by applications, devices and online services. Current techniques focus on data at rest, and in transit. The group describes encrypting data in use as “the third and possibly most challenging step to providing a fully encrypted lifecycle for sensitive data.”

  • Shhh! Microsoft, Intel, Google and more sign up to the Confidential Computing Consortium

    The Linux Foundation has signed up the likes of Microsoft and Google for its Confidential Computing Consortium, a group with the laudable goal of securing sensitive data.

    The group – which also includes Alibaba, Arm, Baidu, IBM, Intel, Red Hat, Swisscom and Tencent – will be working on open-source technologies and standards to speed the adoption of confidential computing.

    The theory goes that while approaches to encrypting data at rest and in transit have supposedly been dealt with, assuming one ignores the depressingly relentless splurts of user information from careless vendors, keeping it safe while in use is quite a bit more challenging. Particularly as workloads spread to the cloud and IoT devices.

  • Tech giants come together to form cloud security watchdog

    Some of the world’s biggest technology companies are joining forces to improve the security of files in the cloud. This includes Google, IBM, Microsoft, Intel, and many others.

    The news first popped up on the Linux Foundation, where it was said that the Confidential Computing Consortium will work to bring industry standards and identify the proper tools to encrypt data used by apps, devices and online services.

    At the moment, cloud security solutions focus to protect data that’s either resting, or is in transit. However, when the data is being used is “the third and possibly most challenging step to providing a fully encrypted lifecycle for sensitive data.”

  • Tech firms join forces to boost cloud security

    Founding members of the group – which unites hardware suppliers, cloud providers, developers, open source experts and academics – include Alibaba, Arm, Baidu, Google Cloud, IBM, Intel, Microsoft, Red Hat, Swisscom and Tencent.

    [...]

    “The earliest work on technologies that have the ability to transform an industry is often done in collaboration across the industry and with open source technologies,” said Jim Zemlin, executive director at the Linux Foundation.

    “The Confidential Computing Consortium is a leading indicator of what is to come for security in computing and will help define and build open technologies to support this trust infrastructure for data in use.”

  • Google, Intel and Microsoft form data protection consortium

  • Intel Editorial: Intel Joins Industry Consortium to Accelerate Confidential Computing

    Leaders in information and infrastructure security are well versed in protecting data at-rest or in-flight through a variety of methods. However, data being actively processed in memory is another matter. Whether running on your own servers on-prem, in an edge deployment, or in the heart of a cloud service provider’s data center, this “in-use” data is almost always unencrypted and potentially vulnerable.

  • Confidential Computing: How Big Tech Companies Are Coming Together To Secure Data At All Levels

    Data today moves constantly from on-premises to public cloud and the edge, which is why it is quite challenging to protect. While there are standards available that aim to protect data when it is in rest and transit, standards related to protecting it when in use do not exist. Protecting data while in use is called confidential computing, which the Confidential Computing Consortium is aiming to create across the industry.

    The Confidential Computing Consortium, created under the Linux Foundation, will work to build up guidelines, systems and tools to ensure data is encrypted when it’s being used by applications, devices and online services. The consortium says that encrypting data when in use is “the third and possibly most challenging step to providing a fully encrypted lifecycle for sensitive data.” Members focused on the undertaking are Alibaba, ARM, Baidu, Google Cloud, IBM, Intel, Microsoft, Red Hat, Swisscom and Tencent.

  • IT giants join forces for full-system data security

    Apple is conspiciously missing from the consortium, despite using both Intel hardware and inhouse designed ARM-based processors.

    Of the first set of commitments, Intel will release its Software Guard Extensions (SGX) software development kit as open source through the CCC.

  • Google, Intel, and Microsoft partner to improve cloud security

    Some of the biggest names in tech have banded together in an effort to promote industry-wide security standards for protecting data in use.

  • Alibaba, Baidu, Google, Microsoft, Others Back Confidential Computing Consortium

    The Confidential Computing Consortium aims to help define and accelerate open-source technology that keeps data in use secure. Data typically gets encrypted by service providers, but not when it’s in use. This consortium will focus on encrypting and processing the data “in memory” to reduce the exposure of the data to the rest of the system. It aims to provide greater control and transparency for users.

  • Microsoft, Intel and others are doubling down on open source Linux security

    In other words, the operating system could be compromised by some kind of malware, but the data being used in a program would still be encrypted, and therefore safe from an attacker.

  • Microsoft, Intel, and Red Hat Back Confidential Computing

    The Linux Foundation’s latest project tackles confidential computing with a group of companies that reads like a who’s who of cloud providers, chipmakers, telecom operators, and other tech giants.

    Today at the Open Source Summit the Linux Foundation said it will form a new group called the Confidential Computing Consortium. Alibaba, Arm, Baidu, Google Cloud, IBM, Intel, Microsoft, Red Hat, Swisscom, and Tencent all committed to work on the project, which aims to accelerate the adoption of confidential computing.

• Graphics Stack

  • CoreCtrl: A Radeon Settings Alternative For Linux

    It’s a frustrating reality for Linux users that Windows software counterparts tend to be better. They may offer greater functionality, better design, and be easier-to-use. There are some exceptions, such as with the NVIDIA Linux GPU driver, which offers two features the Windows version doesn’t: temperature monitoring, and fan control. For the most part, though, things like driver control panels are a scarcity in Linux.

Applications

• Top 3 Video Players for Ubuntu

  There are a lot of free and open-source video players available for Ubuntu. Most of them do the basic job pretty well and you do not miss anything from Windows that you could use on Ubuntu. However, some players provide additional features and you can pick which one would suit you best depending on the feature list. In this article, we will give you an introduction to some famous video players for Ubuntu. We will also tell you where to find their websites and how to install them on Ubuntu. All of these players can be reliably downloaded graphically from the Ubuntu Software but we will also explain other methods of installation for educational purposes. Also, some methods let you install the latest available version of the software from the Internet so we will not miss out on those.

• Translatium – Simply Yet Powerful Translation Tool For Linux

  Translatium is an open-source translation application that translate words, phrases, and text between over 90 languages.

  [...]

  For Ubuntu 18.04 and higher, Translatium snap package can be easily installed from Ubuntu Software utility…

• Gammy: Adaptive Screen Brightness Tool For Linux

  Gammy, an adaptive screen brightness GUI tool that that was originally only available for Microsoft Windows, was ported to Linux (X11 only) recently.

  The Qt5 application takes a screenshot periodically, then gradually adjusts the pixel brightness based on the screen (screenshot) contents, dimming the screen if its content is too bright, or brightening the screen if its content is too dark. This is especially useful for reducing eye strain when switching between dark and light windows.

  The Gammy settings allows setting a minimum and maximum brightness, and an offset (the offset adds to the screen brightness, with a higher value meaning a brighter image). Also, because it conflicts with Redshift, the Gammy developer decided to add basic temperature control, which you’ll also find in the application settings.

Instructionals/Technical

• Making Sink(ed) contacts accessible to Plasma-Phonebook App

• How to Delete MySQL Users Accounts

• How to sync Google Contacts with Thunderbird

• How to set the GNOME idle delay from the command line

• How to navigate Ansible documentation

• [Short Tip] Handling “can’t concat str to bytes” error using the uri module

• How to Protect Zip file with Password on Ubuntu 18.04 LTS

• The mktemp Command Tutorial With Examples For Beginners

• How To Install Java 12 On Debian/Ubuntu

• Explain: {,} in cp or mv Bash Shell Commands

• How to install the Newaita icon theme on Linux

• How to install htop on RHEL 8 using yum

• How to downgrade Ubuntu to a previous version

• AlertManager and Prometheus Complete Setup on Linux

Games

• Dynasty Mode & Eight Princes DLC for THREE KINGDOMS out for Linux, plus a Total War sale

  Feral Interactive announced earlier today that the Eight Princes DLC for Total War: THREE KINGDOMS is now officially available on Linux. Plus there’s a nice big Total War sale going on.

• Total War: THREE KINGDOMS – Eight Princes DLC out now on macOS and Linux

  Feral Interactive today announced that The Eight Princes Chapter Pack, DLC for the historical strategy game Total War™: THREE KINGDOMS is out now on macOS and Linux.

• Zombie apocalypse action RPG Zombasite has a big update and a big sale to match

  Ahead of the upcoming full release of Din’s Legacy, Soldak Entertainment aren’t forgetting their older titles. They recently gave Zombasite a huge update and a big discount too.

  Why? Well Zombasite is turning three years old so they decided to give everyone a little gift for their support.

• ‘No Man’s Sky Beyond’ Just Got Patched For Linux, Even Though It’s A Windows-Only PC Game

  Yep, it’s right there in the notes for Beyond Patch 2.08a: “Fixed Steam VR in Linux.”

  The game was recently treated to a massive update which makes it almost resemble an MMO. There are new social hubs, 16-32 player multiplayer, the addition of virtual reality, Vulkan API support and quite a bit more of everything.

  As you probably know, Hello Games is a fairly small indie game studio, and it never developed a native Linux version of No Man’s Sky. But that’s OK, because the game proudly bears a “Gold” rating on ProtonDB, a website that tracks Steam Play compatibility with Windows games.

  Because Proton translates Windows-exclusive game APIs like DirectX to Vulkan (an API that Linux understands), this allows thousands of games that never appeared on Linux to work anyway, simply by installing it on the Steam for Linux client. Proton also has support for SteamVR, meaning many VR titles also run well.

Desktop Environments/WMs

• K Desktop Environment/KDE SC/Qt

  • KDE ISO Image Writer – Release Announcement

    My GSoC project comes to an end and I am going to conclude this series of articles by announcing the release of a beta version of KDE ISO Image Writer.

  • How I got a project in Labplot KDE

    When the organisation names got revealed, I started digging into projects to find out which one interests me a lot. Many projects were quite interesting but my restriction was coding language. Still, I started keeping a note of all the projects which interest me with a little note on what interests me in them and what are the skills required for that particular project. After completing the list, I shifted my focus from a huge number of projects to very few (almost 50). Originally, I planned to create a ranking of some sort and then start attacking individually from the top each one of them. But fortunately, I didn’t have to do that much. When I was taking a quick look at the list, I notice labplot and it seems a perfect project for me. I had used KDE desktop before and I knew how big the KDE community is. I had already done some work on data analysis before (as a course and during my last year summer internship) and the language requirement was C++ and Qt. Though Qt (more broadly I can say GUI Programming) was new to me, looking at the basic documentation, I realised it would not be much difficult as it is like C++ with extended features, also, the documentation of Qt is quite elaborated.

• GNOME Desktop/GTK

  • Meet the GNOMEies: Max Huang

    Max Huang has been GNOME since 2010, starting with forming a GNOME users group in Taiwan. Max has a story you may understand: being a user, meeting the right person, and slowly finding yourself more and more deeply involved with a community in terms of working together and making friends.

  • Gaurav Agrawal: Google Summer of Code 2019 FINAL REPORT

    My Google Summer of Code (GSOC) project was focused on “Implementing split view” in gnome-gitg. This blog posts serves as my final submission to my Google Summer of Code project.

Distributions

• Fedora Family

  • Fedora Switching To The BFQ I/O Scheduler For Better Responsiveness & Throughput

    Following Chromebooks switching to BFQ and other distributions weighing this I/O scheduler for better responsiveness while maintaining good throughput capabilities, beginning with Fedora 31 there will be BFQ used as well.

    In-step with today’s systemd 243 RC2 update, the Fedora packages in Rawhide and F31 have switched to using BFQ.

• Debian Family

  • Debian: No longer a “Universal” operating system

    The Debian project has removed support for the MIPS architecture. This is the latest CPU architecture to be removed from Debian, betraying their tagline of being “The Universal Operating System”.

    I take issue not only with their removal of the MIPS architecture, but of their reasoning for doing it.

• Canonical/Ubuntu Family

  • GPD Micro PC: Can a 6-inch Ubuntu Laptop Really Be Usable?

    It’s not that GPD, a China-based hardware outfit, aren’t skilled at creating diminutive devices that appeal to gadget heads like myself as, clearly they are: both the GPD Win 2 and the GPD Pocket 2 were warmly reviewed by many.

    It’s just that I thought that a laptop this small simply wouldn’t be usable.

    6-inch screen? What a squint fest! Blackberry phone-style keyboard? Typo city! Intel Celeron processor? What is this, a Chromebook?!

    And yet…

    After a week of using the GPD MicroPC (with Ubuntu MATE) as a companion device alongside my regular, full-sized computers, I have to say that I totally get it.

    This thing is nuts.

Devices/Embedded

• Review: Raspberry Pi 4

  The Raspberry Pi began life as a hacker’s dream: a cheap, low-power, highly extendable, hackable PC that shipped as a bare circuit board. Intended as one part educational device, one part tinkering tool, it became something of a phenomenon that has been used to power everything from scaled-down Mars rovers to millions of science and hackday experiments in schools around the world.

• Four Apollo Lake Pico-ITX SBCs start at $245 in single units

  Logic Supply has launched four Ubuntu-ready “EPM16x” Pico-ITX SBCs with Apollo Lake SoCs starting at $245. The $426 and up EPM163 has a Pentium N4200, 4GB LPDDR4, 64GB eMMC, mSATA, mini-PCIe, and 2x each of GbE, DP, and USB 3.0.

  We’ve reported on over a dozen Linux-friendly Pico-ITX boards with Intel Apollo Lake processors over the last few years, including most recently, Axiomtek’s PICO319 and IEI’s Hyper-AL. Yet, as some of our readers have complained, they are rarely announced with ship dates or prices, and if they are, they usually list only volume pricing.

• Huawei Covers Android Gap with IoT OS

  If you’ve been watching the smartphone world, you may know of Huawei’s problems with the United States. Huawei has had a spotty history of spying on American technology, to the point where Huawei products have been banned from being sold in the US.

  Huawei responded by saying they would very much like to continue relations with Android and have been hoping they get a second chance with the technology giant. They have stated, however, that if they are officially cut off from Android, they would make their own OS.

• Mobile Systems/Mobile Applications

  • Samsung has responses for Android users to send to green bubble haters

  • HTC U12+ is finally getting Android 9 Pie a year later

  • OnePlus 7T and 7T Pro: Will there still be ‘T’ models?

  • How to use an Android phone as a Wi-Fi hotspot

  • Alphabet Scoop 068: Nest Mini, Android gets a new name and logo, Google Stadia

  • Why You Need the ‘Google Go’ App on Your Older Android Device

  • Google to blame for Android parking app hiccup, says Penang exco man

  • Google deserts desserts: Android 10 is the official name for Android Q

  • Google Drive for Android and iOS can now fill out PDF forms

  • 10 best hunting games for Android!

  • Denuvo Introduces Mobile Game Protection To Android Devices

  • Nokia shares its Android 10 roadmap with updates starting in Q4 2019

  • How to monitor and limit your data usage on an Android phone

  • Samsung’s Galaxy Note 10+ is the best Android phone you can buy

Free, Libre, and Open Source Software

• Open-Source Project Unveils Detailed Road Map for New Mainnet

  An open-source project that aims to create a smart economy based on blockchain technology has unveiled a new program designed to fuel its ecosystem’s growth — while setting out a detailed road map for its new mainnet.
  Neo says its EcoBoost scheme has been designed to support developers and projects that are already in its ecosystem, as well as those that wish to join. A total of $100 million has been allocated to the initiative — and in the first phase, the firm is seeking to establish long-term partnerships that will fuel the organic growth of its network. Media outlets, exchanges, decentralized application (DApp) distribution platforms and other blockchain infrastructures are being encouraged to express an interest in becoming an EcoBoost Partner, and Neo says it has already received numerous applications from “leading institutions and projects in the industry.”

• Square Crypto Hires Blockstream Co-Founder, Open Source Bitcoin Dev

  Square Crypto announced on Twitter that they have hired Matt Corallo, Bitcoin software developer and co-founder of Blockstream.

• 5 Arenas Where Open Source is the Undisputed Champion

  Open source software has come of age. It has now reached a level of maturity and capability where it simply cannot be ignored. Recent research[1] suggests that 82 percent of large organizations are more receptive to open source than they were five years ago and that C-level IT executives are now most likely to prefer an open source solution over proprietary alternatives.
  Over the years, everyone’s confidence and trust in open source software has been steadily growing. We’ve now reached the point where open source is the dominant player in many of the key technology trends shaping our world.

  [...]

  It’s widely acknowledged that Linux is the power behind the vast majority of public internet servers and that Unix-like operating systems are being used by about 70 percent of all web servers, with Linux taking the lion’s share.
  Why is that important? Because even though we pay them little thought or attention, web and internet servers are responsible for stitching together the digital fabric that most of us rely on for communications and services every day.

  [...]

  There’s no denying that open source is here to stay. I’ve been working with open source for almost a decade now and over that time I’ve seen how quickly open source solutions have taken off, gained acceptance and become the front runner is so many areas.

• U-Boot Has Been Seeing Better x86 Support, EFI Improvements

  Google’s Simon Glass who is part of the Chromium / Chrome OS team presented at this week’s Embedded Linux Conference in San Diego on U-Boot.

  U-Boot continues making good progress particularly on the embedded front for where this bootloader is most well known, but it’s also been seeing increasing x86 support. Currently U-Boot supports around 10 different Intel SoCs and can handle booting from Coreboot on most boards. Intel Apollolake support is forthcoming to U-Boot. Additionally, FSP2 support for the newer version of Intel’s firmware support package is being worked on for U-Boot. Also new on U-Boot’s x86 front is slimbootloader support.

• Web Browsers

  • Mozilla

    • Dustin J. Mitchell: Outreachy Round 20

      Outreachy is a program that provides paid internships working on FOSS (Free and Open Source Software) to applicants from around the world. Internships are three months long and involve deep, technical work on a mentor-selected project, guided by mentors and other developers working on the FOSS application. At Mozilla, projects include work on Firefox itself, development of associated services and sites like Taskcluster and Treeherder, and analysis of Firefox telemetry data from a data-science perspective.

      The program has an explicit focus on diversity: “Anyone who faces under-representation, systemic bias, or discrimination in the technology industry of their country is invited to apply.” It’s a small but very effective step in achieving better representation in this field. One of the interesting side-effects is that the program sees a number of career-changing participants. These people bring a wealth of interesting and valuable perspectives, but face challenges in a field where many have been programming since they were young.

• Funding

  • AI open source leader H2O.ai secures funding worth $72.5 million

    Over the past couple of years, the Silicone-based company has raised a total of $147 million. Since its founding, H2O.ai has gone through a series of funding including its seed round in 2013. In 2017, it saw one of its biggest growth after a Series C funding that raised $75 million. Wells Fargo and NVIDIA led the funding with their $40 million investment. Other participants included Crane Venture Partners, New York Life, Transamerica Ventures, and Nexus Venture Partners.

• FSF/FSFE/GNU/SFLC

  • GNU Parallel 20190822 (‘Jesper Svarre’) released [stable]

    GNU Parallel 20190822 (‘Jesper Svarre’) [stable] has been released. It is available for download at: http://ftpmirror.gnu.org/parallel/

    No new functionality was introduced so this is a good candidate for a stable release.

    GNU Parallel is 10 years old next year on 2020-04-22. You are here by invited to a reception on Friday 2020-04-17.

• Programming/Development

  • Jupyter Notebook for Beginners: A Tutorial

    The Jupyter Notebook is an incredibly powerful tool for interactively developing and presenting data science projects. This article will walk you through how to set up Jupyter Notebooks on your local machine and how to start using it to do data science projects.

    First, though: what is a “notebook”? A notebook integrates code and its output into a single document that combines visualizations, narrative text, mathematical equations, and other rich media. This intuitive workflow promotes iterative and rapid development, making notebooks an increasingly popular choice at the heart of contemporary data science, analysis, and increasingly science at large.

    Best of all, as part of the open source Project Jupyter, they are completely free.

    The Jupyter project is the successor to the earlier IPython Notebook, which was first published as a prototype in 2010. Although it is possible to use many different programming languages within Jupyter Notebooks, this article will focus on Python as it is the most common use case. (Among R users, R Studio tends to be a more popular choice).

  • Python for NLP: Creating Multi-Data-Type Classification Models with Keras

    This is the 18th article in my series of articles on Python for NLP. In my previous article, I explained how to create a deep learning-based movie sentiment analysis model using Python’s Keras library. In that article, we saw how we can perform sentiment analysis of user reviews regarding different movies on IMDB. We used the text of the review the review to predict the sentiment.

    However, in text classification tasks, we can also make use of the non-textual information to classify the text. For instance, gender may have an impact on the sentiment of the review. Furthermore, nationalities may affect the public opinion about a particular movie. Therefore, this associated info, also known as meta data can also be used to improve accuracy of statistical model.

    In this article, we will build upon the concepts that we studied in the last two articles and will see how to create a text classification system that classifies user reviews regarding different business, into one of the three predefined categories i.e. “good”, “bad”, and “average”. However, in addition to the text of the review, we will use the associated meta data of the review to perform classifcation. Since we have two different types of inputs i.e. textual input and numerical input, we need to create a multiple inputs model. We will be using Keras Functional API since it supports multiple inputs and multiple output models.

  • Django Template Fiddle Launched !!!!

    This is not an article. We just want to inform you that we have launched our new platform where you can experiment, play or fiddle with Django Templates.

  • Python Script 16: Generating word cloud image of a text using python

    Word cloud is an image composed of words used in a particular text or subject, in which the size of each word indicates its frequency or importance.

  • Python 3.7.3 : Using the inotify.

  • Git is eating the world

    The inception of Git (2005) is more or less the halfway point between the inception of Linux (1991) and today (2019). A lot has happened since. One thing is clear however: software is eating the world and Git is the fork with which it is being eaten. (Yes, pun intended).

  • CloudBees and Google Cloud accelerate app development in hybrid and public cloud environments

    CloudBees, the enterprise DevOps leader powering the continuous economy, and Google Cloud, announced that the two companies are collaborating to deliver a modern DevOps platform based on open source technologies powered by Google Cloud’s Anthos.

    CloudBees provides companies large and small with Jenkins-based continuous delivery solutions that are secure, open toolchain-enabled and scalable to transform software delivery processes across hybrid computing environments.

    Google Cloud is delivering to enterprises a secure, open, intelligent and transformative enterprise cloud platform. Anthos, a hybrid and multi-cloud platform, is built on open source technologies pioneered by Google Cloud and enables consistency between on-premise and cloud environments.

MIT Media Lab chief apologizes for Epstein ties

Joi Ito, in an open letter on the MIT Media Lab’s website, acknowledged for the first time that he had several ties to Epstein. Ito said that he had traveled to Epstein’s homes and accepted money from him for both the research center and Ito’s own investments into tech startups.

“I take full responsibility for my error in judgment,” Ito wrote.

The world’s oldest live webcam is about to be switched off

Its creators, Jeff Schwartz (Webdog) and Dan Wong (Danno) have decided that as it gets harder to find a secure location to keep it, its also time to let it go. As such, it will breathe its last on the 30th of August.

Security (Confidentiality/Integrity/Availability)

• One more Steam Windows Client Local Privilege Escalation 0day

  Not long ago I published an article about Steam vulnerability. I received a lot of feedback. But Valve didn’t say a single word, HackerOne sent a huge letter and, mostly, kept silence. Eventually things escalated with Valve and I got banned by them on HackerOne — I can no longer participate in their vulnerability rejection program (the rest of H1 is still available though).

  You can read the story in more detail in previous article, here is a couple of words about current situation.

  And it’s sad and simple — Valve keeps failing. Last patch, that should have solved the problem, can be easily bypassed (https://twitter.com/general_nfs/status/1162067274443833344) so the vulnerability still exists. Yes, I’ve checked, it works like a charm.

  But this article is not about an old vulnerability, it’s about new one. Since Valve decided to read a public report instead of private report one more time, I won’t take that pleasure away from them.

• Security updates for Thursday

  Security updates have been issued by Fedora (nginx), openSUSE (ImageMagick and putty), Red Hat (Ansible, atomic-openshift-web-console, ceph, and qemu-kvm-rhev), SUSE (kvm, libssh2_org, postgresql96, qemu, and wavpack), and Ubuntu (libzstd and openjpeg2).

• Major Metapackage Makeover

  With our 2019.3 Kali release imminent, we wanted to take a quick moment to discuss one of our more significant upcoming changes: our selection of metapackages. These alterations are designed to optimize Kali, reduce ISO size, and better organize metapackages as we continue to grow.

  Before we get into what’s new, let’s briefly recap what a metapackage is. A metapackage is a package that does not contain any tools itself, but rather is a dependency list of normal packages (or other metapackages). This allows us to group related tools together. For instance, if you want to be able to access every wireless tool, simply install the kali-tools-wireless metapackage.

• Securing Your Crypto Wallet

  When it came time to create my CryptocurrencyOS, based on Linux Mint I wanted to solve some practical user and security issues. The end result was for people to have their own crypto wallets in a secure, opensource, environment and encourage more adoption of cryptocurrency. I applied some of my experience with some of the products I developed for compevo and Techrich.

  The first problem is that a lot of people don’t even know how to find or download a wallet (at least safely, since there are a lot of fake / malware wallets that steal people’s coins). If they don’t know how to avoid the above, then how would they be able to secure their computer?

• Cryptojacking Code Found in 11 Open Libraries, Thousands Infected

  A cryptojacking code was found in 11 open-source code libraries written in Ruby, which have been downloaded thousands of times.
  Hackers downloaded the software, infected it with malware, and subsequently reposted it on the RubyGems platform, industry news outlet Decrypt reported on Aug. 21.

• Malicious cryptojacking code found in 11 Ruby libraries

  Cryptojacking software has been found in 11 code libraries for the programming language Ruby—exposing thousands of people.

  The latest heist, discovered yesterday on code repository Github made use of a package manager called RubyGems, a popular program that allows developers to upload and share improvements on existing pieces of software.

• Cryptojacking Scripts Found in 11 Open-Source Code Libraries

  According to a Decrypt report, the malware was discovered on Tuesday inside Github code repository, infecting the language manager called RubyGems.

• First‑of‑its‑kind spyware sneaks into Google Play

• Open-source spyware bypasses Google Play defenses — twice

  Radio Balouch — the app in question — is a legitimate radio application serving Balouchi music enthusiasts, except that it also included AhMyth, a remote access espionage tool that has been available on GitHub as an open-source project since late 2017.

  Lukas Stefanko, ESET researcher who uncovered the campaign, said the app was uploaded twice on Google Play — once on July 2 and a second time on July 13 — only to be swiftly removed by Google within 24 hours upon being alerted by the security team. It continues to be available on third-party app stores.

  While the service’s dedicated website “radiobalouch.com” is no longer accessible, the attackers also seem to have promoted the app on Instagram and YouTube. The app, in total, attracted over 100 installs.

• 61 impacted versions of Apache Struts left off security advisories

  Security researchers have reviewed security advisories for Apache Struts and found that two dozen of them inaccurately listed affected versions for the open-source development framework.

  The advisories have since been updated to reflect vulnerabilities in an additional 61 unique versions of Struts that were affected by at least one previously disclosed vulnerability but left off the security advisories for those vulnerabilities.

• Sectigo Sponsors Automated Certificate Issuance and Renewal in Electronic Frontier Foundation’s Certbot Open Source Software Tool

  Sectigo, the world’s largest commercial Certificate Authority (CA) and a provider of purpose-built and automated PKI management solutions, today announced its sponsorship of Electronic Frontier Foundation’s (EFF) free, open source software tool, Certbot, to support efforts to encrypt the entire internet and build a network that is more structurally private, safe, and protected against censorship.

Defence/Aggression

• Indonesia deploys troops in Papua as pro-independence protests surge

  The Ministry of Communications and Information Technology has slowed down the access to the internet in the two provinces since the protests kicked off on Monday, where the journalists and foreign academics have been granted restricted access.

Environment

• Trump is mad some automakers want to make cleaner cars [iophk: more tweets in place of official channels of communications ]

  The EPA and the NHTSA are expected to unveil the final version of the rollback the Trump administration has been promising sometime this year, but The New York Times reports that staff members at those agencies are “struggling to assemble a coherent technical and scientific analysis required by law to implement a rule change of this scope.”

• Trump’s Rollback of Auto Pollution Rules Shows Signs of Disarray

  The White House, blindsided by a pact between California and four automakers to oppose President Trump’s auto emissions rollbacks, has mounted an effort to prevent any more companies from joining California.

  Toyota, Fiat Chrysler and General Motors were all summoned by a senior Trump adviser to a White House meeting last month where he pressed them to stand by the president’s own initiative, according to four people familiar with the talks.

• Scientists and economists are warning the world’s governments that climate change will destroy capitalism as we know it

  “In the post-World War II period, societies rebuilt their infrastructures and practices; now we need something similar so that our economies and practices can operate without fossil fuels.

  The scientist considers that we have a margin of up to 30 years for this, although in any case it can be understood as an optimistic period that can only be reduced to 15 years.

• No, you don’t have to publicly declare that Instagram can’t use your photos — you already said yes when you signed up

  Not only is the hoax pushing false information, it’s missing the point: You already granted Facebook and Instagram those permissions when you signed up. It’s in the terms of service you likely didn’t read.

• Energy

  • How an Application for Propane Fracking Attempts to Circumvent New York’s Fracking Ban

    Four years after New York announced the state was banning hydraulic fracturing (fracking), Tioga Energy Partners, LLC has filed an application with the state to frack for natural gas, but there’s a catch. The company is proposing to swap propane into the industry standard mix that usually calls for water.

    Environmental advocates consider this application to use liquefied petroleum gas (LPG), and specifically a propane gel, an attempt to circumvent New York’s 2015 ban on fracking for fossil fuels.

AstroTurf/Lobbying/Politics

• Twitter Helps Beijing Push Agenda Abroad Despite Ban in China

  “We know China is adept at controlling domestic information, but now they are trying to use Western platforms like Twitter to control the narrative on the international stage,” said Jacob Wallis, a senior analyst at the Australian Strategic Policy Institute’s International Cyber Policy Centre.

• LinkedIn says it blocked or removed more than 21M fake accounts during first half of 2019

  LinkedIn announced this week that it had blocked or removed 21.6 million fake accounts on its platform between January and June of this year.

  The professional networking platform, which has about 645 million users, wrote in a Tuesday blog post that 95 percent of the face accounts were blocked from being created during the registration process and never went live.

  Another 2 million fake accounts were restricted by LinkedIn before a user reported them, while 67,000 accounts were taken down after being flagged by users.

• Facebook is looking for journalists with ‘excellent news judgment’ to run its forthcoming news section

  The social networking giant has posted three job openings for “experienced journalists” to be “news curators.” The curators will pick content from publishers covering the most important stories of the day; develop plans for news events; analyze data to inform news strategy; and work with product teams to improve user experience.

• Concerns Growing that China’s Influence Operations Getting Bolder

  However, U.S. intelligence officials and some private sector analysts saw indications China was preparing to escalate its efforts. And less than three months later, the U.S. director of national intelligence sounded an additional alarm, accusing China, along with Russia, of actively meddling in the 2018 congressional elections.

Censorship/Free Speech

• Facebook’s Weird Pointless Auditless Audit Of Political Bias On Its Platform

  Facebook has continued to do the most Facebooky of Facebook things. Faced with almost entirely baseless claims of “anti-conservative bias” in how it moderates content, Facebook claimed to be doing something useful: bringing in a big outside law firm with big name partners (lead by former Republican Senator Jon Kyl) to analyze those claims. In response, they published… a whole lot of nothing. Kyl released an 8 page report that nearly anyone could have written (at much lower hourly rates, I’m sure). In it, it details areas that 133 different conservative users expressed concerns about how Facebook’s platform operates.

  But the report does literally nothing to say (or better yet, show) whether or not those concerns are valid. It just lists them out. Yes, the “conservatives” interviewed were “concerned” that hate speech designations might disproportionately impact them. Duh. But did it? The report doesn’t say. Even more importantly, did such designations lead to disparate treatment for analogous behavior? Again, the report fails to say. it just lists out what “concerns” were raised. Which is about as totally fucking useless as you can imagine. In short, it’s Facebook’s standard operating procedure.

• Three nights of tear gas-free protests as Hong Kong’s anti-government movement gives peace a chance

  It cites a consumer backlash against the company, whose second-largest market for long-haul travel is China.

• State Rep Tries To Bring Criminal Harassment Charges Against Journalists For Being Journalists

  In a small county in Oregon, free speech — specifically the act of journalism — is being threatened. The Malheur Enterprise, a weekly newspaper, has been investigating a state lawmaker’s ties to business deals and contracts being executed in the county. Doing what journalists do, the paper’s reporters have been trying to get answers or statements from people working with State Rep. Greg Smith, whose business dealings are currently under the small paper’s microscope.

  No one seems to want to talk to the paper, but good journalists are persistent and willing to talk to anyone who might give them a new lead or verify findings. This is how journalism works. Rep. Greg Smith thinks journalism is a criminal act.

• China (Yes, China) Complains About Attack On Its ‘Free Speech Rights’ After Twitter/Facebook Boot Propaganda Accounts

  Oh come on. Earlier this week we wrote about both Twitter and Facebook shutting down a bunch of Chinese accounts that both companies claimed were state-backed accounts pushing propaganda/misinformation/attacks against Hong Kong protesters. Separately, Twitter also changed its policies to no longer accept advertising from state-backed media operations. The Chinese government — the very same government famous for aggressively censoring the entire internet — apparently is not happy about it, arguing that it’s a violation of free speech rights.

Privacy/Surveillance

• Baffled student tells Twitter: ‘I’m not a Chinese agent’

  The most likely explanation points to Marin’s decision to try and boost the number of people following his and his son’s accounts last December.

  “I had a social media freelancer supporting the start of the accounts,” Marin said, “and I suspect he bought some Twitter followers/bots, which I thought explained the suspension – until today.”

• Cash sales to end on Finnish trains

  Finnish state railway firm VR is to end cash sales of tickets on long-distance services. The company says ticket machines and conductors will from 1 September only accept cards or contactless payments.

• Browsers Take a Stand Against Kazakhstan’s Invasive Internet Surveillance

  Back in July, Kazakhtelecom, Kazakhstan’s state telecommunications operator, began regularly intercepting encrypted web (HTTPS) connections. Usually, this kind of attack on encrypted HTTPS connections is detectable and leads to loud and visible browser warnings or other safeguards that prevent users from continuing. These security measures work because the certificate used is not trusted by user devices or browsers.

  However, Kazakh ISPs also sent instructions telling users to compromise their own security by manually trusting the certificate on their devices and browsers, bypassing the security checks that are built into most devices.

  The two-step of Kazakh ISPs deploying an untrusted certificate, and users manually trusting that certificate allows the ISPs to read and even alter the online communication of any of their users, including sensitive user data, messages, emails, and passwords sent over the web. Research and monitoring from Censored Planet found around 40 domains that were being regularly intercepted, including Google services, Facebook services, Twitter, and VK (a Russian social media site).

Civil Rights/Policing

• A Killer Cop Gets Fired, and Somehow the Cops Are Angry [iophk: to paraphrase an old expression, a single bad apple spoils the /entire/ batch]

  But how many officers are actually investigated and fired because of these allegations? New York City keeps that information secret, but Buzzfeed got ahold of a data dump of secret disciplinary files last year. Those files showed that between 2011 and 2015, 1,800 NYPD employees were charged with misconduct, but only a handful were ever fired. They showed that 250 employees were charged with excessive force, including employees who work as school safety agents. They showed that over 100 employees lied on official documents or in open court. They showed that the overwhelming majority of these people kept their jobs and received minimal internal discipline.

  To put these numbers in context, the NYPD employs around 55,000 officers and civilian auxiliaries. The department made some 200,000 arrests in 2018. Usually, these stats are used to support the ridiculous claim that it’s just a “few bad apples” who are on the police force. But the cops and police boosters around the country misunderstand the meaning of the phrase. The line is “a few bad apples spoils the bunch.” Not “a few bad apples should be overlooked and fed to black and brown citizens until they choke to death on worms.”

• Why There’s No End in Sight to the Hong Kong Protests

  None of this, however, seems to have produced the desired effect: As Carrie Lam tried to dismantle the legal firewall between Hong Kong and Beijing by allowing suspected criminals to be extradited to China, all the rage that had been simmering for five years erupted. Yet another protest movement began, only this one has been much more stubborn. Its main demands are for the complete withdrawal of the extradition bill (which is only shelved at the moment) and a full inquiry into police violence, together with an amnesty for all the protesters who have been arrested. But as we enter the third month of the crisis, the impasse shows no signs of abating. The government obfuscates and tries to scare the protesters—and it is aided by Beijing, which also refuses to open a dialogue and keeps distributing videos and photos of military exercises just across the border from Hong Kong, in Shenzhen.

• Hong Kong Police Officers Arrested Over Beating of Man in Hospital

  Two Hong Kong police officers were arrested on Tuesday after a video appeared to show them hitting a 62-year-old man in the genitals, stomach and face while he was strapped to a gurney in a hospital in June.

• Helsinki preps schools, NGOs to spot FGM, forced marriage trips

  According to a report by tabloid daily Ilta-Sanomat, the guidelines will advise adults working with immigrant-background children (in Finnish) how to ensure that when youngsters travel abroad they are not subjected to female genital mutilation (FGM) or forced marriage and that their studies are not interrupted for extended periods.

• China’s Delivery Drivers Rage Against the Algorithm

  In the first half of 2019, the Hong Kong–based China Labour Bulletin, which tracks labor movements in China, recorded 33 strikes by food delivery drivers, compared to 48 in all of 2018 and just eight in 2017, according to researcher Aiden Chau. Approximately 90 percent of these strikes are spurred by sudden wage decreases; in some cases, drivers have claimed their average daily earnings had abruptly dropped by half.

  “A lot of drivers never see their employer before they stage a strike,” Chau said. “Companies say it’s just the algorithm. Workers don’t know how to respond to this, because they know nothing about the algorithm.”

  Aside from unannounced wage cuts, striking workers also reported being assigned impossibly short delivery times, leading to more road accidents involving delivery drivers. Independent contractors face liability should they get into a collision–and according to multiple drivers, they are docked pay, or suspended by the platform, if even a single order is late.

• North Carolina Appeals Court’s Second Take On Retaliatory Arrests Just As Bad As Its First One

  The North Carolina Appeals Court has revised its earlier decision finding that retaliatory arrests over free speech are a thing that is right and good and supported by case law.

  A man flipped the bird at a state trooper while passing him as he performed a traffic stop. The trooper decided this needed further investigation and pursued the passing vehicle. After demanding the rude passenger’s identification (and being rebuffed), the trooper arrested him on contempt of cop charges (obstructing a public officer).

  The man sued. The appeals court reached the weird-as-fuck conclusion that the officer had probable cause to initiate a traffic stop because one man’s extended middle finger could have conceivably resulted in an eventual disturbance of the peace.

  The court had to do a lot of work on behalf of the state trooper to reach this conclusion as there were several logical and legal hurdles to jump. It released this opinion to universal derision. Seemingly chastened by the backlash (and a seething dissent), the appeals court hastily withdrew the decision.

Internet Policy/Net Neutrality

• The Barlowian Internet: The Faults Of The Internet Are Also Its Opportunity, But It’s Up To Us To Embrace Them

  John Perry Barlow is all too frequently held up as the patron saint of a sort of “techno-utopian” internet, in which the internet will save us all and open up all sorts of wonderment and good feels — and all the bad stuff is whisked away on a rainbow cloud of TCP/IP. Critics of Barlow sometimes delight in mocking his flowery language or predictions that didn’t come quite true (though many did). They especially delight in pointing to the current internet hellscape as proof that Barlow’s vision of the internet-for-good was a vision through impossibly rose-colored glasses. As I noted upon his passing, this is a near total misunderstanding of Barlow, who saw both the promise and the peril of the internet, and his writings were designed as a call to action for those developing the future (i.e., all of us), to embrace the good and avoid the bad. His presentments were an attempt to urge us all in the right direction, not a suggestion that that direction was inevitable, or easy, or guaranteed.

  That framing is useful context for reading through an amazing collection of essays and reflections on Barlow put together by Duke’s Law & Technology review, in what it has entitled The Past and Future of The Internet: A Symposium for John Perry Barlow. Edited by Jamie Boyle, with some amazing contributions from folks like Cindy Cohn, Cory Doctorow, Yochai Benkler, Pam Samuelson, Jessica Litman, Jonathan Zittrain and more, it’s absolutely worth reading, no matter where you stand on Barlow and his legacy. It is not — as you might think — a hagiography designed solely to praise Barlow. Indeed, it contains quite a few essays that are critical of Barlow — arguing that he was over-optimistic, that he didn’t recognize the downsides of the internet, and that he was misguided in his views of how the internet and (especially) copyright law might change over time.

Monopolies

• Sanders targets gig economy as part of new labor plan

  As part of the platform, Sanders promised to crack down on the gig economy, which critics say has allowed companies to exploit workers by treating them as contractors instead of offering them the full benefits that come with being an employee.

  Under the plan, “companies will no longer be able to ruthlessly exploit workers by misclassifying them as independent contractors or deny them overtime by falsely calling them a ‘supervisor,’ ” it reads. “When Bernie is president, his administration will end the ability of corporations to misclassify workers as ‘independent contractors’ or label them as a ‘supervisor.’ ”

• EU antitrust regulators have Facebook’s Libra currency in their sights

  The European Commission would not be the first regulator to have raised concerns about the digital currency, which will be run by a group of companies, including Facebook, as part of the Libra Association. In the US, Facebook’s cryptocurrency chief David Marcus has faced questions from the House Financial Services committee, during which one representative told him that they didn’t think Facebook should launch Libra at all. Lawmakers in France and Germany were also quick to object to Facebook becoming a “shadow bank” with its own sovereign currency. Earlier this month, data privacy regulators around the world asked for transparency about how the Libra Association will process personal data.

• Patents and Software Patents

  • Judge Koh schedules Continental v. Avanci et al. FRAND trial for October 2021, denies defendants’ motion to stay discovery

    The 10-day bench trial (reminiscent of FTC v. Qualcomm) will kick off on October 15, 2021.

    The next case management conference will take place on December 18, 2019, and I’ll probably be in the area and may stop by out of curiosity (which wasn’t possible yesterday).

    Also, the defendants’ (i.e., Avanci, Nokia, and privateers that Nokia once fed with patents; and meanwhile, Sharp has also been properly served) motion to stay discovery was denied. While their forthcoming motion to dismiss and already-pending venue transfer motion have yet to be adjudicated, it’s possible that Avanci’s related arguments at least haven’t overwhelmed Judge Koh, which may be the reason she doesn’t see a point in staying discovery.

    The just-mentioned motion to transfer the case from San Jose to Dallas is already the second attempt to avoid Judge Koh’s jurisdiction over the case. In June, Law.com’s Scott Graham reported on the denial of a venue-internal transfer motion: the Northern District of California has several divisions; Judge Koh is based in San Jose; and Avanci wanted to at least get the case moved out of that place (with San Francisco being their preferred alternative), even before it was formally assigned to Judge Koh (at the time it was still pending with Magistrate Judge Nathaniel Cousins, which already made it likely that it would be assigned to Judge Koh). As Scott Graham mentioned, Nokia’s testimony in FTC v. Qualcomm didn’t appear credible to Judge Koh (for undestandable reasons as Nokia itself once complained over Qualcomm’s practices, at a time when Nokia was still in the mobile handset business).

    [...]

    When Continental and Avanci briefed Judge Koh ahead of yesterday’s case management hearing, Continental listed those German patent infringement actions against Daimler as related cases, while Avanci and its co-defendants deny that there is a link.

  • Patent case: TQ Delta LLC v Zyxel Communications UK Ltd & anr, United Kingdom

    The Court of Appeal allowed ZyXEL’s appeal, finding that in light of its waiver of its RAND licence rights, declaratory relief to determine the scope and terms of the licence which TQD was bound to offer to the two ZyXEL parties would no longer serve a useful purpose.

  • Enzo Life Sciences, Inc. v. Becton, Dickinson and Co. (Fed. Cir. 2019)

    Last week, the Federal Circuit affirmed a decision by the Patent Trial and Appeal Board (PTAB) finding claims of U.S. Patent No. 7,064,197 to be invalid for anticipation or obviousness, in Enzo Life Sciences, Inc. v. Becton, Dickinson and Co. (Fed. Cir. 2019). Because Enzo raised the issue du jour, that subjecting a patent granted prior to enactment of the Leahy-Smith America Invents Act (AIA) to inter partes review (IPR) was unconstitutional, the U.S. government joined the appeal to defend the constitutionality of PTAB proceedings under these circumstances.

    [...]

    The Board held in a Final Written Decision that all the claims in IPR were invalid for being anticipated by a prior art reference to Fish or obvious by the combination of Fish and secondary references, or a reference to van Prooijen-Knegt (“VPK”) with (obviousness) or without (anticipation) reliance on secondary references. The basis for these determinations based on the VPK reference relied, inter alia, on the Board finding that the ’197 patent was not entitled to its earliest priority date for failure of the priority application to satisfy the written description requirement for the “non-porous solid support” limitation recited in challenged claims. Enzo appealed.

    [...]

    The Supreme Court invited patentees to explore the extent to which IPRs could constitute a Taking under the Fifth Amendment, in its Oil States Energy Services, LLC. v. Greene’s Energy Group, LLC decision (“our decision should not be misconstrued as suggesting that patents are not property for purposes of the Due Process Clause or the Takings Clause”). Several patentees having taken the Court up on its invitation, it seems the time is ripe for Supreme Court review of the Federal Circuit’s determination that IPRs do not raise constitutional takings issues.

  • Damages for Improvement Patents: Are the Georgia-Pacific factors sufficient?

    The patent here claims voice communication via “packet communication” that is clearly broad enough to encompass the accused Voice-over-Internet-Protocol (VoIP) systems. However, the patent specification does not disclose or discuss VoIP, but rather asynchronous transfer mode (ATM). ATM uses packets, but mimics legacy circuit-switching by establishing a virtual circuit (something not done by an IP system). As IP has proven itself capable and less expensive, it is largely replacing the ATM approach. The petition here argues that the breadth of claims are not supported by the written description.

    In its opinion, the majority sided with the patentee — noting that that IP technology “is not expressly excluded” by the specification and that the document refers to ATM as one possible “broadband system.” The “such as” language “strongly suggests that the patents are not limited to ATM technology.” Here, the court also concluded that a lightweight disclosure was acceptable since IP systems were known in the art as a form of broadband.

    Judge Mayer wrote in dissent. He concluded that VoIP should not be understood as within the disclosure since the specification repeatedly focused on ATM style virtual circuits with no disclosure of other packet networks. “[T]he specification’s disclosure makes sense only in the context of ATM technology.”

• Copyrights

  • Apple Sues Corellium Over ‘Illegal Replication’ of iOS

    In other words, Apple believes Corellium creates copies of iOS, sells them to anyone willing to pay, including foreign governments, and in the process violates Apple’s rights. Apple is demanding the Corellium Apple Product be blocked from sale, all products using Apple copyrights be destroyed, cash compensation be paid, and Corellium customers informed of the violation.

  • Apple Seeks to Shut Down Corellium’s ‘Perfect Replicas’ of iOS

    Corellium’s products allow the creation of a virtual Apple device, according to the suit. It copies new versions of Apple works as soon as they are announced, and doesn’t require users to disclose flaws to Apple, the Cupertino, California-based company said in the complaint.

  • Apple is suing Corellium

    Corellium allows customers to create and interact with virtual iOS devices — a software iPhone, for example, running actual iOS firmware, all within the browser. Apple says this is copyright infringement, and is demanding Corellium stops “all uses of” its iOS virtualization products and pays Apple unspecified “damages and lost profits.”

  • Apple sues Corellium for creating virtual copies of iOS

    Apple this week filed a lawsuit against Corellium, a company that offers users a virtual replica of the iOS user experience from within a web browser. While Corellium touts its service as something of a security tool to better enable researchers to unearth serious vulnerabilities, Apple claims that Corellium’s underlying motive is to illegally profit off of Apple’s intellectual property [sic].

  • Apple Files Lawsuit Against Virtualization Company Corellium for Illegally Replicating iOS and Apple Apps

    Apple is seeking a permanent injunction to prevent Corellium from continuing to offer a product that replicates iOS. Apple also wants Corellium to destroy all infringing materials that it’s collected, and pay Apple damages, lost profits, and attorney fees.

  • ‘Enough is enough’: Apple is suing a company that claims it creates ‘perfect’ replicas of iOS

    Apple on Thursday filed a lawsuit suit against Corellium, a company which creates virtual versions of Apple’s operating system, iOS, within a web browser so people can test it for security flaws.

    In its suit, filed in the Southern District of Florida and first spotted by Bloomberg, Apple claimed that Corellium’s replication of iOS constitutes copyright infringement.

Desktop

• Dell releases latest Linux developer laptop with Comet Lake CPU

  When it comes to Linux laptops for professionals, it’s hard to beat Dell’s XPS 13 Developer Edition. Now, with its latest Ubuntu-Linux powered XPS 13 release, Dell continues to set the standard for high-end programmer laptops.

  These new laptops are built on the 10th-generation Intel Cor i5-10210U processor, Comet Lake. These will arrive on Sept. 5. In October, Dell will upgrade its laptop still further with six-core Intel Core Comet Lake CPUs. Can you say fast? I knew you could.

  For networking, the latest XPS 13s use the Killer AX1650 (2×2) built on Intel Wi-Fi 6 Chipset. This supports the latest Wi-Fi standards and Bluetooth 5.0. That means, if your routers support Wi-Fi 6 (aka 802.11ax), you’ll see significantly faster network speeds.

  It also comes with up to 16GB of RAM, a fingerprint reader, a narrow bezel around its 14-inch InfinityEdge display, as well as a 100% sRGB color gamut. Another nice upgrade in this system is the webcam has finally been moved to the top of the display. So, we can finally say good-bye to the “nose cam.”

  These new laptop models will run Ubuntu 18.04 LTS. This Ubuntu will be supported for 10 years. That means, if you wanted, you could still be running this laptop in April 2028.

• Dell XPS 13 7390 developer edition – Best laptop for Ubuntu in 2019 ?

  I love this laptop as it is preloaded with Ubuntu 18.04(LTS-Long Term Support), so you don’t have to format it and install Ubuntu as I normally do:-). And hardware-wise the specifications look brilliant as it has the latest 10th Generation Intell core i5(Quad-core) and i7 (hexacore) processors and a beautiful infinity edge display. Combined with the low power hungry the LPDDR3 RAM (Low-Power Double Data Rate Synchronous Dynamic Random Access Memory or Mobile DDR), you can expect a very good battery life as well. The Bluetooth 5.0 version supports dual audio and twice as much faster speed than that of Bluetooth 4.2. We are not quite sure about the price yet, so keep looking at the Dell official website for updates. One thing to note is that if you are in the US / Canada, you should look in the “For Work” Section instead of “For Home” section.

• Dell XPS 13 Developer Edition Announced with Ubuntu

  With the Ubuntu and Linux operating systems as a whole are being popular day-by-day, more OEMs are coming up with options includes pre-installed the popular free and open-source operating system Ubuntu. System76 and Dell is on the forefront on this venture and giving users a breathing space from tiring Windows and its fees. Earlier Dell announced the launch of Precision series of laptops powered by Ubuntu Operating system.

  Dell announced the launch of Dell XPS 13 Developer edition (7390) which soon be available in US, Europe and Canada. This Ubuntu 18.04.3 LTS pre-loaded Laptop is part of Dell’s newly unveiled consumer PC portfolio unveiled in IFA 2019.

  [...]

  Pricing of the Dell XPS 13 is still unknown at the moment. Do keep a watch on official Dell website for your country.

• Dell XPS 13 Developer Edition with Ubuntu Linux, Intel Comet Lake coming in September

  Dell’s new XPS 13 970 laptop with an Intel Comet Lake processor and Windows 10 software goes on sale August 27th for $900 and up.

  Want a model with Ubuntu Linux instead? You’ll be able to get one starting September 5th.

  Dell’s Barton George has announced that the company is updating its XPS 13 Developer Edition laptops with a new 9th-gen model based on the new Dell XPS 13 7390.

• Dell XPS 13 (7390) Developer Edition laptop comes with Ubuntu Linux, Wi-Fi 6, and 10th Gen Intel Core CPU

  There are so many great Linux distributions these days, such as Netrunner, Deepin, and Zorin OS to name just a few. With that said, Ubuntu remains a great option for many. Since Canonical switched from Unity to GNOME, Ubuntu has been better than ever.

  If you want a computer pre-loaded with Ubuntu, I highly recommend you check out System76′s new Adder WS — it looks to be a beast. If you want a laptop that it thinner and lighter, however, Dell’s XPS 13 Developer Edition notebooks are definitely worth your attention. They have historically been very well-received by consumers, and no, they aren’t just for developers. Today, Dell unveils the latest XPS 13 Developer Edition, and it is chock full of modern hardware.

• Dell’s Refreshed XPS 13 Laptop Gains Intel 10th Gen Hexa-Core Comet Lake Muscle

  Systems will come preloaded with either Windows 10, or in the case of the XPS 13 Developer Edition, Ubuntu 18.04 LTS.

• Dell XPS 13 Range Refreshed With New 10th Gen Intel Comet Lake CPUs: Price, Availability, More

  The Dell XPS 13 2-in-1 has also been refreshed to offer the latest CPUs, and it is already available at $999 (roughly Rs. 71,600) on the company website. It comes with a 13.4-inch touch display, up to 512GB SSD, up to 16GB RAM, and Intel Iris Plus Graphics.

• How the Linux desktop has grown

  first installed Linux in 1993. At that time, you really didn’t have many options for installing the operating system. In those early days, many people simply copied a running image from someone else. Then someone had the neat idea to create a “distribution” of Linux that let you customize what software you wanted to install. That was the Softlanding Linux System (SLS) and my first introduction to Linux.

  My ’386 PC didn’t have much memory, but it was enough. SLS 1.03 required 2MB of memory to run, or 4MB if you wanted to compile programs. If you wanted to run the X Window System, you needed a whopping 8MB of memory. And my PC had just enough memory to run X.

• Google’s Chrome OS 76 Improves Support for Multiple Accounts on Chromebooks

  Google promoted the Chrome OS 76 operating system for supported Chromebook devices to the stable channel, and it is now rolling out to users from around the world with new features and improvements.
  Based on the latest Google Chrome 76 web browser release, which brings many new features and improvements on its own, Chrome OS 76′s probably most exciting is a unified account management for those who use multiple Google accounts on their Chromebook, either by you or if the devices is shared with other people.

  Users can check out the new account management feature under Settings > Google Accounts, and they should keep in mind that they can now apply all the permissions and access granted to apps, add-ons, websites, Google Play, and in Chrome to all of their signed-in Google accounts.

  [...]

  Chrome OS 76 is now rolling out to all supported Chromebook devices. You can update your Chromebook to Chrome OS 76 by going to Chrome settings and accessing the About Chrome OS section. The new version will be automatically downloaded and installed on your Chromebook. A restart is required for Chrome OS 76 to be successfully installed.

Server

• Deep Learning Reference Stack v4.0 Now Available

  Artificial Intelligence (AI) continues to represent one of the biggest transformations underway, promising to impact everything from the devices we use to cloud technologies, and reshape infrastructure, even entire industries. Intel is committed to advancing the Deep Learning (DL) workloads that power AI by accelerating enterprise and ecosystem development.

  From our extensive work developing AI solutions, Intel understands how complex it is to create and deploy applications for deep learning workloads. That?s why we developed an integrated Deep Learning Reference Stack, optimized for Intel Xeon Scalable processor and released the companion Data Analytics Reference Stack.

  Today, we?re proud to announce the next Deep Learning Reference Stack release, incorporating customer feedback and delivering an enhanced user experience with support for expanded use cases.

• Clear Linux Releases Deep Learning Reference Stack 4.0 For Better AI Performance

  Intel’s Clear Linux team on Wednesday announced their Deep Learning Reference Stack 4.0 during the Linux Foundation’s Open-Source Summit North America event taking place in San Diego.

  Clear Linux’s Deep Learning Reference Stack continues to be engineered for showing off the most features and maximum performance for those interested in AI / deep learning and running on Intel Xeon Scalable CPUs. This optimized stack allows developers to more easily get going with a tuned deep learning stack that should already be offering near optimal performance.

• IBM

  • Troubleshooting Red Hat OpenShift applications with throwaway containers

    Imagine this scenario: Your cool microservice works fine from your local machine but fails when deployed into your Red Hat OpenShift cluster. You cannot see anything wrong with the code or anything wrong in your services, configuration maps, secrets, and other resources. But, you know something is not right. How do you look at things from the same perspective as your containerized application? How do you compare the runtime environment from your local application with the one from your container?

    If you performed your due diligence, you wrote unit tests. There are no hard-coded configurations or hidden assumptions about the runtime environment. The cause should be related to the configuration your application receives inside OpenShift. Is it time to run your app under a step-by-step debugger or add tons of logging statements to your code?

    We’ll show how two features of the OpenShift command-line client can help: the oc run and oc debug commands.

  • What piece of advice had the greatest impact on your career?

    I love learning the what, why, and how of new open source projects, especially when they gain popularity in the DevOps space. Classification as a “DevOps technology” tends to mean scalable, collaborative systems that go across a broad range of challenges—from message bus to monitoring and back again. There is always something new to explore, install, spin up, and explore.

  • How DevOps is like auto racing

    When I talk about desired outcomes or answer a question about where to get started with any part of a DevOps initiative, I like to mention NASCAR or Formula 1 racing. Crew chiefs for these race teams have a goal: finish in the best place possible with the resources available while overcoming the adversity thrown at you. If the team feels capable, the goal gets moved up a series of levels to holding a trophy at the end of the race.

    To achieve their goals, race teams don’t think from start to finish; they flip the table to look at the race from the end goal to the beginning. They set a goal, a stretch goal, and then work backward from that goal to determine how to get there. Work is delegated to team members to push toward the objectives that will get the team to the desired outcome.

    [...]

    Race teams practice pit stops all week before the race. They do weight training and cardio programs to stay physically ready for the grueling conditions of race day. They are continually collaborating to address any issue that comes up. Software teams should also practice software releases often. If safety systems are in place and practice runs have been going well, they can release to production more frequently. Speed makes things safer in this mindset. It’s not about doing the “right” thing; it’s about addressing as many blockers to the desired outcome (goal) as possible and then collaborating and adjusting based on the real-time feedback that’s observed. Expecting anomalies and working to improve quality and minimize the impact of those anomalies is the expectation of everyone in a DevOps world.

Audiocasts/Shows

• FLOSS Weekly 543: OpenSMTPD

  OpenSMTPD is a FREE implementation of the server-side SMTP protocol as defined by RFC 5321, with some additional standard extensions. It allows ordinary machines to exchange emails with other systems speaking the SMTP protocol.

• mintCast 315.5 – On OggCamp with Les and Dan

  In the second half, we interview Dan and Les about OggCamp and get more than we bargained for.

  Then, in our security update, we talk about how Chrome’s Incognito mode can be detected.

  Finally, we share feedback and point out a few things we found interesting this fortnight.

• The Linux Link Tech Show Episode 822

• Why Package Managers | BSD Now 312

  Valuable research is often hindered or outright prevented by the inability to install software. This need not be the case.

• PCLinuxOS + Hugo | Choose Linux 16

  We check out a great tool for learning web development basics, and Distrohoppers brings us mixed experiences.

  Plus which of the 10 commandments for Linux users we agree with.

• Celery In A Shiv App – Building SaaS #31

  In this episode, we baked the Celery worker and beat scheduler tool into the Shiv app. This is one more step on the path to simplifying the set of tools on the production server.

  I started the stream by reviewing the refactoring that I did to conductor/main.py. The main file is used to dispatch to different tools with the Shiv bundle.

Kernel Space

• Grand Schemozzle: Spectre continues to haunt

  The Spectre v1 hardware vulnerability is often characterized as allowing array bounds checks to be bypassed via speculative execution. While that is true, it is not the full extent of the shenanigans allowed by this particular class of vulnerabilities. For a demonstration of that fact, one need look no further than the “SWAPGS vulnerability” known as CVE-2019-1125 to the wider world or as “Grand Schemozzle” to the select group of developers who addressed it in the Linux kernel.
  Segments are mostly an architectural relic from the earliest days of x86; to a great extent, they did not survive into the 64-bit era. That said, a few segments still exist for specific tasks; these include FS and GS. The most common use for GS in current Linux systems is for thread-local or CPU-local storage; in the kernel, the GS segment points into the per-CPU data area. User space is allowed to make its own use of GS; the arch_prctl() system call can be used to change its value.

  As one might expect, the kernel needs to take care to use its own GS pointer rather than something that user space came up with. The x86 architecture obligingly provides an instruction, SWAPGS, to make that relatively easy. On entry into the kernel, a SWAPGS instruction will exchange the current GS segment pointer with a known value (which is kept in a model-specific register); executing SWAPGS again before returning to user space will restore the user-space value. Some carefully placed SWAPGS instructions will thus prevent the kernel from ever running with anything other than its own GS pointer. Or so one would think.

• Long-term get_user_pages() and truncate(): solved at last?

  Technologies like RDMA benefit from the ability to map file-backed pages into memory. This benefit extends to persistent-memory devices, where the backing store for the file can be mapped directly without the need to go through the kernel’s page cache. There is a fundamental conflict, though, between mapping a file’s backing store directly and letting the filesystem code modify that file’s on-disk layout, especially when the mapping is held in place for a long time (as RDMA is wont to do). The problem seems intractable, but there may yet be a solution in the form of this patch set (marked “V1,000,002″) from Ira Weiny.
  The problems raised by the intersection of mapping a file (via get_user_pages()), persistent memory, and layout changes by the filesystem were the topic of a contentious session at the 2019 Linux Storage, Filesystem, and Memory-Management Summit. The core question can be reduced to this: what should happen if one process calls truncate() while another has an active get_user_pages() mapping that pins some or all of that file’s pages? If the filesystem actually truncates the file while leaving the pages mapped, data corruption will certainly ensue. The options discussed in the session were to either fail the truncate() call or to revoke the mapping, causing the process that mapped the pages to receive a SIGBUS signal if it tries to access them afterward. There were passionate proponents for both options, and no conclusion was reached.

  Weiny’s new patch set resolves the question by causing an operation like truncate() to fail if long-term mappings exist on the file in question. But it also requires user space to jump through some hoops before such mappings can be created in the first place. This approach comes from the conclusion that, in the real world, there is no rational use case where somebody might want to truncate a file that has been pinned into place for use with RDMA, so there is no reason to make that operation work. There is ample reason, though, for preventing filesystem corruption and for informing an application that gets into such a situation that it has done something wrong.

• Linux Begins Preparing For Intel’s New “Lightning Mountain” SoC

  Linux kernel development activity has shown light on a new Intel SoC we haven’t anything about to date… Lightning Mountain.

  We haven’t seen Intel Lightning Mountain referenced elsewhere yet but in our original monitoring of the various Linux kernel patch flow, this is a new Atom SoC on the way.

• Linux Foundation

  • IBM OpenPOWER to Join Open Source Linux Foundation

    IBM has announced it was contributing the instruction set (ISA) for its Power microprocessor and the designs for the Open Coherent Accelerator Processor.

  • IBM joins Linux Foundation AI to promote open source trusted AI workflows

    “AI, as it matures, needs to mature in a way that is something that the general public can put their confidence and trust in,” Todd Moore, IBM’s VP of Open Technology, told ZDNet. “Too often, what we hear is the AI is a black box, they don’t understand how it got to its results, there’s bias in the models, there needs to be more fairness… We’ve heard that loud and clear, and we felt it was time to help the industry move forward.”

  • Intel, Google, Microsoft, and Others Launch Confidential Computing Consortium for Data Security

    Major tech companies including Alibaba, Arm, Baidu, IBM, Intel, Google Cloud, Microsoft, and Red Hat today announced intent to form the Confidential Computing Consortium to improve security for data in use.

  • Intel, Google, Microsoft, and others launch Confidential Computing Consortium for data security

    Major tech companies including Alibaba, Arm, Baidu, IBM, Intel, Google Cloud, Microsoft, and Red Hat today announced intent to form the Confidential Computing Consortium to improve security for data in use. Established by the Linux Foundation, the organization plans to bring together hardware vendors, developers, open source experts, and others to promote the use of confidential computing, advance common open source standards, and better protect data.

    “Confidential computing focuses on securing data in use. Current approaches to securing data often address data at rest (storage) and in transit (network), but encrypting data in use is possibly the most challenging step to providing a fully encrypted lifecycle for sensitive data,” the Linux Foundation said today in a joint statement. “Confidential computing will enable encrypted data to be processed in memory without exposing it to the rest of the system and reduce exposure for sensitive data and provide greater control and transparency for users.”

  • Intel, Microsoft, Red Hat Open Source Tools for ‘Confidential Computing’

    Members of the Linux Foundation, including Arm, Baidu, Google Cloud, Intel, Microsoft, Red Hat, Swisscom and Tencent, will start promoting the use of Trusted Execution Environments (TEEs), also called secure enclaves, for both cloud computing and PC applications.

    The participants in the newly formed group, called the Confidential Computing Consortium, plan to make open source multiple projects related to securing data in use. Intel will open source the SDK for its Software Guard Extension (SGX) chip feature.
    The SGX solution protects sensitive code and data of an application from being stolen or modified by malicious actors that may have taken over the operating system or virtual machine. Applications such as the end-to-end encrypted messenger Signal use SGX for private contact discovery without the need for the server to store users’ contacts in plaintext and unprotected.
    Microsoft also contributed the Open Enclave SDK, a framework for building app enclaves that work across various Trusted Execution Environment (TEE) architectures to the CCC. Each application that uses the Open Enclave SDK can be split into two components, an untrusted one that runs on the untrusted operating systems and a trusted one that’s protected from operating system malware.

  • Microsoft and others join the Linux Foundation’s Confidential Computing Consortium

    Microsoft, Google, Red Hat, IBM and Intel are among those to join the newly formed Confidential Computing Consortium (CCC). The new organization will be hosted at the Linux Foundation, having been established to help define and accelerate the adoption of confidential computing.

  • Google, Microsoft, Intel Join Hands With Linux Foundation To Protect Your Data

    Major tech companies including Google, Microsoft, Intel, Alibaba, Arm, IBM, Red Hat, Baidu, etc., have come together to form the Confidential Computing Consortium.

    Established by the Linux Foundation, the aim behind this consortium is to improve security for data in use. The organization aims to bring together developers, vendors, and other experts to promote the use of confidential computing to protect data better.

• Graphics Stack

  • Intel’s New OpenGL Driver Is Looking Really Great With The Upcoming Mesa 19.2

    Intel’s new open-source OpenGL Linux driver “Iris” Gallium3D that has been in development for the past two years or so is getting ready to enter the limelight. Months ago they talked of plans to have it ready to become their default OpenGL driver by the end of the calendar year and with the state of Mesa 19.2 it’s looking like that goal can be realized in time. With our new tests of this driver, in most games and other graphics applications the performance of this Gallium3D driver is now beyond that of their “classic” i965 Mesa driver.

    Over the past year we’ve been looking a lot at the Intel Gallium3D performance and it’s been a remarkable journey from the performance starting out well below their decade old OpenGL driver to now mostly exceeding that classic Mesa driver and often times by wide margins. The Intel Gallium3D driver is also largely now to feature parity in terms of OpenGL extensions and other capabilities. With all of their bases covered, this summer for the upcoming Mesa 19.2 release we’ve been seeing a lot of performance optimizations land. Back in April is when they indicated they hope to have it become the default by end of year 2019 and viable by Mesa 19.2.

Benchmarks

• Phoronix Test Suite 9.0 Milestone 2 Released, OpenBenchmarking.org Serves 42 Millionth Download

  The second development release of the forthcoming Phoronix Test Suite 9.0-Asker is now available for testing.

  Phoronix Test Suite 9.0 Milestone 2 continued evolving the brand new result viewer being introduced with PTS 9.0 and various new graphing visualizations. Various fixes and other improvements have landed into this new release. Screenshots and more details on the new result viewing experience soon.

Applications

• How To Share Files Anonymously And Securely: Linux Alternatives to Google Drive

  The ability to share files regardless of the physical distance and almost instantaneously is one of the greatest characteristics of the Internet. With 4.3 billion Internet users at the beginning of 2019, the amount of data transferred over the Web is almost unimaginable.

  But not all file-sharing services are created equal. In the era where personal data is the most valuable currency we can spend, it is important to ensure we send files over the Internet in a secure and anonymous way.

  Read to find out why mainstream file-sharing services are not your best bet and how to pick an alternative solution.

• Akaunting: a web-based accounting system

  One of these years, LWN will have a new accounting system based on free software. That transition has not yet happened, though, despite the expending of a fair amount of energy into researching alternatives. Your editor recently became aware of a system called Akaunting, so a look seemed worthwhile. This tool may have the features that some users want, but it seems clear that your editor’s quest is not done yet.

  As an aside, additional motivation for this effort came in the form of an essentially forced upgrade to QuickBooks 2019 — something that QuickBooks users have learned to expect and dread. There appear to be no new features of interest in this release, but it does offer a newly crippled data import mechanism and routine corruption of its database. If your editor didn’t know better, he might just conclude that proprietary software is buggy, unreliable, and unfixable.

  [...]

  The system is written in PHP and JavaScript; the code is licensed under GPLv3. Akaunting is able to use MySQL, PostgreSQL, or SQLite to store the actual data. It is, as one might expect given the implementation languages, designed to run as a web application; one can install it on a handy machine, but Akaunting (the company) also offers to host accounts free of charge on its own servers. The company promises “we cover it, for free, forever” — a pretty big promise for a free-software startup with a minimal track record.

• Flameshot is a brilliant screenshot tool for Linux

  The default screenshot tool in Ubuntu is alright for basic snips but if you want a really good one you need to install a third-party screenshot app.

  Shutter is probably my favorite, but I decided to give Flameshot a try. Packages are available for various distributions including Ubuntu, Arch, openSuse and Debian. You find installation instructions on the official project website.

• Raccoon – APK Downloader for Linux, MacOS, and Windows

  We’ve covered APK stories before in articles like the one about F-Droid and Google Play Downloader, but never have we covered an app as cool as this one with a name inspired by the North American mammal, Raccoon.

  Raccoon is a free and modern open-source APK downloader application that enables you to safely download any Android app available on Google Play Store to your Linux, Windows, or Mac desktop.

  The incentive of Raccoon is to enable users to install Android apps without sending any kind of information to Google. It also works to store APK files locally, use a “Split APK” format, bypass application region restrictions, and aims to improve your phone’s battery life.

Instructionals/Technical

• How To Check Your IP Address in Ubuntu [Beginner’s Tip]

• How To Install Apache CouchDB on Debian 10 Buster

• How to Install Pip on Debian 9/10 for Python2/Python3

• How to Install VirtualBox 6 on Debian 10

• How to move a file in Linux

• Install ILIAS E-Learning LMS on Ubuntu – Google Cloud

• How to colorize your NGINX log files with CCZE

• A guided tour of Linux file system types

  While it may not be obvious to the casual user, Linux file systems have evolved significantly over the last decade or so to make them more resistant to corruption and performance problems.

  Most Linux systems today use a file system type called ext4. The “ext” part stands for “extended” and the 4 indicates that this is the 4th generation of this file system type. Features added over time include the ability to provide increasingly larger file systems (currently as large as 1,000,000 TiB) and much larger files (up to 16 TiB), more resistance to system crashes and less fragmentation (scattering single files as chunks in multiple locations) which improves performance.

• Testing the Linux Malware Detect.

• Kushal Das: Remember to mark drive as removable for tails vm install

  If you are installing Tails into a VM for testing or anything else, always remember to mark the drive as a removable USB drive. Otherwise, the installation step will finish properly, but, you will get errors like the following screenshot while booting from the drive.

• How to Set DNS Nameservers on Ubuntu 18.04

Games

• Try the first demo of the dino MMO Path of Titans, we have some testing keys to give away

  After Alderon Games successful crowdfunding campaign on IndieGoGo for their dino themed survival MMO Path of Titans, the developer reached out to gather more Linux testers.

  They’ve released a first demo and it’s currently quite limited with the character creation ability the only thing possible. However, once a month they will be deploying a big new feature for it like the ability to run around, AI, quests and so on.

• Steam Play passes six thousand Windows games playable on Linux, according to ProtonDB

  On the day of Steam Play hitting the big one year anniversary (August 21st), it seems another milestone has been reached in terms of compatibility.

  According to ProtonDB, the handy (but unofficial) tracking website, over six thousand games are now working. At time of writing, exactly 6,023 “games work” against the 9,134 total of games that currently have user reports to see if they run or not. That’s quite an impressive number!

  It’s worth noting though, that with little over nine thousand games currently reported, Steam does host well over thirty thousand so there’s a huge amount that hasn’t yet been tested.

  How about a question for you to answer in the comments: What does Steam Play mean to you? I’ll start.

• From 0 To 6000: Celebrating One Year Of Proton, Valve’s Brilliant Linux Gaming Solution

  This week, Valve’s Proton turns one year old, and it has unarguably propelled the notion of gaming on Linux further than I would have thought possible. It has led to noticeably more mainstream press and YouTube coverage of desktop Linux, including this gem from Linus Tech Tips titled “Linux Gaming Finally Doesn’t Suck.”

  [...]

  Has Linux gaming finally reached parity with Windows? In terms of total number of games playable, not remotely. ProtonDB — which crowdsources hardware information from Linux gamers and compatibility ratings — has collected reports for roughly 9000 of the more than 30,000 games available on Steam for Windows, and 6000 are deemed playable. A little north of 1000 titles are rated Platinum, meaning they exhibit the same smooth gameplay and performance via Steam Play and Proton as they do on Windows.

• Rocket Pass 4 is coming to Rocket League on August 28th, with a new rally-inspired Battle-Car

  The fourth Rocket Pass is due to arrive in Rocket League soon, along with the start of Competitive Season 12.

  For those of you wanting to rank up and ensure you get the best rewards possible, Season 11 is ending really soon on August 27th. A day later, Rocket Pass 4 is going to be released.

• Roguelike Stay Safe: Labyrinth of the Mad now has a Linux beta, sounds quite unique

  Stay Safe: Labyrinth of the Mad from Yellowcake Games is a roguelike with plenty of random generation, including an interesting way of generating the world.

  When starting a new game, the developer said you can use files on your PC or a combination of keyboard/gamepad button presses to generate the dungeon, items and gems. That’s not all that makes it somewhat unique, there’s also another feature where you will come across a copy of other players. It’s a single-player game, so you’re not directly facing other people only a shadow of what they had. Although that feature is entirely optional.

• OBS Studio has a fresh release candidate available for a major new version

  OBS Studio, the free and open source video livestreaming and recording software is my one and only stop for video capturing and it continues to mature.

  The upcoming 24.0 release has a first release candidate now available and it has some fun new features. For starters, you can now actually pause recordings to easily cut away parts you know you don’t need. I’ve tested that and it works perfectly. It does need you to have separated encoders for streaming and recording though, so you can’t have the recording encoder set to “same as stream”.

• Little Red Dog Games announce Rogue State Revolution, a political thriller roguelike

  Little Red Dog Games (Precipice, Deep Sixed, Rogue State) have announced Rogue State Revolution, what they say is the “first” political roguelike game.

  It’s being published by Modern Wolf, a new indie publisher who doesn’t believe in crunch who say they treat their developers “like partners, not like cogs in a machine”.

  [...]

  Doesn’t seem to have a trailer yet, will let you know what it does. They’re also continuing to use the FOSS game engine Godot Engine again, nice to see!

• Hello Games appear to be keeping an eye on Steam Play with No Man’s Sky, temp fix needed for NVIDIA

  No Man’s Sky recently had an absolutely ridiculous update to add in tons of new features and greatly expanded multiplayer. This update also added in Vulkan support too!

  It seems Hello Games are keeping an eye on Steam Play as well, with a recent update changelog noting “Fixed Steam VR in Linux.”. Quite interesting! However, there is a bit of a problem for NVIDIA users with Steam Play on Linux, with the game performing quite poorly. Although, there’s a slightly amusing workaround.

• Things are about to get weird in the Two Point Hospital: Close Encounters expansion

  Two Point Studios and SEGA just announced the next expansion for their amusing hospital building sim with Two Point Hospital: Close Encounters.

  It’s coming soon too! Their plan is to release it on August 29th next week. This will be the third expansion following on from Bigfoot and Pebberley Island. Two Point Hospital is already quite weird but this is really…out there. It will be adding in 3 new hospitals full of patients to cure, 34 new illnesses although they say only 11 of these are new visually along with a promise of “new” gameplay, new music and so on.

• Classic inspired RTS Loria is now available DRM-free on GOG

  If you’re like me and you enjoy a good real-time strategy game, Loria is actually pretty good. It added Linux support on Steam earlier this year and now it’s also available on GOG.

  While it’s inspired by titles like Warcraft II, it’s not just a retro RTS. There’s a few RPG-like elements including hero units, item collection, quests and more.

• The Underlords are actually coming to Dota Underlords, plus a new Duos mode

  Valve continue to push out changes rapidly to their auto-battler Dota Underlords, with some of their upcoming plans now being detailed in a fresh update.

  One big new feature planned to be available in a few weeks is a new Duos game mode. Valve say it’s a new way to play cooperatively with a friend. You party up and battle against other teams and it will support both Casual and Ranked play.

  The actual Underlords are going to be making an appearance soon too. This feature Valve said they’re “excited” about, as they’re a “core part of the game”. They haven’t said how they will work but they will “add a layer of fun and strategy to every match” so I’m very curious to see what happens.

• Steam for China Is Called ‘Zhengpi Pingtai’

  The digital games service will be run almost entirely independent of Steam and by Valve’s Chinese partner company Perfect World.

Desktop Environments/WMs

• K Desktop Environment/KDE SC/Qt

  • Day 88 [Ed: Karina Passos on her time in KDE GSoC]

    Today, I’ll talk about my GSoC experience and won’t focus so much on Khipu, even because i still have some things to do, so in the next days I’ll publish a post about Khipu and what I’ve done.

    As I said in the old posts, the begin was the most complicated part for me. I made a project thinking that I’d be able to complete, I started studying the code and the things I’d make many weeks before the start. But I couldn’t understand the code and I think it’s my fault. I even lost three weeks after the start stuck in this situation. It was hard for me, because I was really scared about failing and at the same time dealing with my college stuff, because in Brazil, our summer (and our summer vacation), is in December-February, in July we have a three week vacation, but GSoC lasts three months. I wasn’t having a good time at college as well, but with the help of my therapist and my mentors I found a way to deal with the both things and as everything went well.

    After this complicated start, to not fail, my mentor suggested that I could change my project. My initial project was to create new features to Khipu and Analitza (Khipu’s main library) to make it a better application and move it out from beta. Then, my new project was to refactor Khipu (using C++ and QML). I was scared because I didn’t know if I’d be able to complete it, but the simplicity of QML helped me a lot, and before the first evaluation (approx. two weeks after I decided my new project) I finished the interface, or at least most of it.

    [...]

    And, of course, I’d like to say to KDE, Google and my mentors: thanks for this opportunity.

• GNOME Desktop/GTK

  • GNOME 3.34 Desktop Gets a Second Beta, Final Release Lands September 11th

    The GNOME 3.34 beta 2 release is now available for public testing, coming only two weeks after the first beta release, which made a lot of noise due to the fact that numerous packages have been updated since the beginning of the development cycle, as it usually happens during beta testing.

    The GNOME 3.34 beta 2 is released as technical version number 3.33.91, and it comes with fixes for last minute bugs and regressions, as well as the usual updated translations. To see what’s new in the GNOME 3.33.91 release, check out all the details in the changelogs in the NEWS file.

  • GNOME 3.33.91 released

    Hi developers,
    
    GNOME 3.33.91 is now available. This is the second beta version towards 3.34.
    
    If you want to compile GNOME 3.33.3, you can use the official
    BuildStream project snapshot:
    
    https://download.gnome.org/teams/releng/3.33.91/gnome-3.33.91.tar.xz
    
    The list of updated modules and changes is available here:
    
    https://download.gnome.org/core/3.33/3.33.91/NEWS
    
    The source packages are available here:
    
    https://download.gnome.org/core/3.33/3.33.91/sources/
    
    WARNING!
    --------
    This release is a snapshot of development code. Although it is
    buildable and usable, it is primarily intended for testing and hacking
    purposes. GNOME uses odd minor version numbers to indicate development
    status.
    
    For more information about 3.33, and the full schedule, please see our
    3.33 wiki page:
    
    https://www.gnome.org/start/unstable
    
    Cheers,
    
    Abderrahim Kitouni
    GNOME Release Team
    

  • GNOME 3.34 Beta 2 Brings Last Minute Improvements To GNOME Shell, Mutter & Friends

    GNOME Shell and Mutter are also out today with their new beta releases albeit missed the cut-off for making it formally as part of this new GNOME beta release. On that front for these key components there is:

  • ARB_gl_spirv and ARB_spirv_extension support for i965 landed Mesa master

    And something more visible thanks to that: now the Intel Mesa driver exposes OpenGL 4.6 support, the most recent version of OpenGL.

    As perhaps you could recall, the i965 Intel driver became 4.6 conformant last year. You have more details about that, and what being conformant means in this Iago blog post. On that blog post Iago mentioned that it was passing with an early version of the ARB_gl_spirv support, that we were improving and interating during this time so it could be included on Mesa master. At the same time, the CTS tests were only testing the specifics of the extensions, and we wanted a more detailed testing, so we also were adding more tests on the piglit test suite, written manually for ARB_gl_spirv or translated from existing GLSL tests.

Distributions

• Gerald Pfeifer Appointed Chair Of The openSUSE Board

  Seasoned open source leader Gerald Pfeifer has been appointed chair of the openSUSE board. Pfeifer’s new responsibilities will begin immediately and run concurrently with his role as SUSE CTO in EMEA. Current chair Richard Brown, who was appointed in July 2014, is resigning after five years of service for a combination of personal reasons and his desire to focus on his career at SUSE, from where he will continue his contribution to openSUSE. Brown and Pfeifer will work closely together to transition responsibilities.

• Gerald Pfeifer Appointed Chair of the openSUSE Board

  Current chair Richard Brown, who was appointed in July 2014, is resigning after five years of excellent service for a combination of personal reasons and his desire to focus on his career at SUSE®, from where he will continue his contribution to openSUSE. Brown and Pfeifer will work closely together to transition responsibilities.

  The openSUSE board, with Pfeifer’s support, will continue to provide input, governance and assistance to the openSUSE Project, the developer of leading infrastructure software and application delivery tools, including several Linux operating systems.

  Based in the Europe, Middle East and Africa region, Pfeifer, in his role as SUSE CTO, is charged with leading strategic dialogue with customers, partners and open source communities globally. He was previously responsible for the creation and progression of SUSE’s broad portfolio of open source enterprise software.

  “I could not be more excited and humbled to participate in the openSUSE Project as board chair,” Pfeifer said. “Collaboration in the openSUSE community has contributed to remarkable Linux distributions, and I’m looking forward to ongoing growth in both the community and the openSUSE distributions – Linux and beyond – and tools. openSUSE is at the leading edge of a historic shift, as open source software is now a critical part of any thriving enterprise’s core business strategy. This is an exciting time for the openSUSE community as well as open source at large.”

  SUSE is deeply committed to openSUSE’s development model and to being a sponsor and supporter of the project. This partnership has created a unique and deeply collaborative working relationship that can be seen in projects like Open Build Service and openQA. While the relationship has its roots in Linux, in recent years it has expanded as a growing number of new infrastructure software standards are built on and from open source innovation. As the world’s largest independent open source company, SUSE will continue its support for openSUSE.

• 11 Best Linux Distro for hacking and programming

  When it comes to choosing a Linux distribution for hacking or programming, there are a number of points that you should keep in mind. The operating system should run smoothly on your system, and if you are installing one on your primary computer, you should always go for the one that you know how to use properly.

  But using an operating system for more specific purposes like cybersecurity, which I have discussed here, isn’t that straightforward.

  Kali Linux is one of the best cybersecurity operating systems, but there are many which offer more streamlined functionalities. I recommend you to try out at least a few of the most intriguing Kali Linux alternatives I have discussed here before you finally make your decision.
  So that was my list of top 10 Kali Linux alternatives, that is worth your time. Do you have anything to add? Feel free to comment on the same down below.

• Screenshots/Screencasts

  • Netrunner 19.08 Run Through

    In this video, we are looking at Netrunner 19.08.

• Fedora/Red Hat

  • Flock’19 Budapest

    This was the first occurrence of the conference for me to attend. Its an annual Fedora Community gathering, which happens in a new city of Europe every year. This time it was in Budapest, the capital of Hungary, last year it was hosted in Dresden. Dates for the same were: 8th Aug through 11th Aug 2019. Also I got an opportunity to present there on my proposal: “Getting Started with Fedora QA”.

    Day 1 Started with a Keynote by Mathew Miller (mattdm). In here he spoke about where we as a community are and where we need to go further. It was a knowledgeable discussion for a first timer like me who was always looking out for the Vision and Mission of Fedora community. There are people who are with Fedora since its first release and you get to meet them here at the annual gathering.

    [...]

    Groups were formed and people decided for themselves where they wanted to go for the evening hangout on the Day 1. We were 7 people who decided to hangout at the Atmosphere Klub near the V.Kerulet and left at around 9:00 pm by walk.

    Day 2 started with a keynote by Denise Dumas, Vice President, Operating System Platform, Red Hat. She spoke on “Fedora, Red Hat and IBM”. I woke up late, 20 minutes before the first session as I went to bed late last night and had walked for around 11 kms the day before.

  • Fedora 30 : Set up the Linux Malware Detect.

  • Cockpit 201

    It’s now again possible to stop a service, without disabling it. Reloading is now available only when the service allows it.

    Furthermore, disabling or masking a service removes any lingering “failed” state, reducing noise.

  • Systemd 243 RC2 Released

    Released nearly one month ago was the systemd 243 release candidate while the official update has yet to materialize. It looks though like it may be on the horizon with a second release candidate being posted today.

    Red Hat’s Zbigniew Jędrzejewski-Szmek has just tagged systemd 243-RC2 as the newest test release for this new version of this de facto Linux init system. Over the past month have been new hardware database (HWDB) additions, various fixes, new network settings, resolvectl zsh shell completion support, bumping timedated to always run at the highest priority, and other changes.

• Debian Family

  • Netrunner Linux 19.08 “Indigo” Released, Based on Debian GNU/Linux 10 “Buster”

    The Netrunner community announced the release and general availability of the Netrunner 19.08 operating system series, a major update that adds updated components and a new Debian base.
    Dubbed “Indigo,” the Netrunner 19.08 release is based on the recently announced Debian GNU/Linux 10 “Buster” operating system series and features the KDE Plasma 5.14.5 desktop environment, accompanied by the KDE Applications 18.08 and KDE Frameworks 5.54 open-source software suites built on top of Qt 5.11.3.

    Under the hood, the Netrunner 19.08 operating system is powered by the Linux 4.19.0~5 kernel and ships with updated components, including the Mozilla Firefox 60.8.1 ESR web browser and Mozilla Thunderbird 60.7.2 email and news client, as well as all the latest security patches from the Debian Stable repositories.

    “Switching Firefox to Firefox-ESR allows our users to enjoy a stable long term supported version which gets regular security updates provided by Debians security team,” explain the devs. “KDE Plasma 5.14.5 provides a stable and advanced desktop environment that you can tweak to your needs.”

  • Hardening the “file” utility for Debian

    In addition, he had already encountered problems with file running in environments with non-standard libraries that were loaded using the LD_PRELOAD environment variable. Those libraries can (and do) make system calls that the regular file binary does not make; the system calls were disallowed by the seccomp() filter.

    Building a Debian package often uses FakeRoot (or fakeroot) to run commands in a way that appears that they have root privileges for filesystem operations—without actually granting any extra privileges. That is done so that tarballs and the like can be created containing files with owners other than the user ID running the Debian packaging tools, for example. Fakeroot maintains a mapping of the “changes” made to owners, groups, and permissions for files so that it can report those to other tools that access them. It does so by interposing a library ahead of the GNU C library (glibc) to intercept file operations.

    In order to do its job, fakeroot spawns a daemon (faked) that is used to maintain the state of the changes that programs make inside of the fakeroot. The libfakeroot library that is loaded with LD_PRELOAD will then communicate to the daemon via either System V (sysv) interprocess communication (IPC) calls or by using TCP/IP. Biedl referred to a bug report in his message, where Helmut Grohne had reported a problem with running file inside a fakeroot.

• Canonical/Ubuntu Family

  • Ubuntu Touch OTA-10 Released With Device Fixes, Support For Draft Messages

    The UBports community that maintains the (currently 16.04 LTS derived) Ubuntu Touch have now shipped OTA-10 as their newest over-the-air feature update.

    Ubuntu Touch OTA-10 has been in testing since earlier this month and mostly offers fixes ranging from addressing Google sign-in issues to wireless display issues to a number of hardware problems. Some of the hardware work includes several fixes for the Fairphone 2, audio and video sync issues are resolved with the Google Nexus 5 and OnePlus One, and other annoying items resolved.

  • Ubuntu Touch OTA-10 Officially Released for Ubuntu Phones, Here’s What’s New

    Coming three and a half months after the OTA-9 release, the Ubuntu Touch OTA-10 update is now available with better hardware compatibility for Fairphone 2, Nexus 5, and OnePlus One smartphones by implementing proper camera orientation and audio routing on the Fairphone 2, and fixing audio and video sync problems on the Fairphone 2 and OnePlus One.

    Additionally, Ubuntu Touch OTA-10 improves the reliability and speed of Wi-Fi based geolocation functionality by removing the “wolfpack” tool, which used the Geoclue service for gathering approximate location data. However, it may take more than 20 minutes for some users to have their location retrieved after updating to Ubuntu Touch OTA-10.

  • Samsung Galaxy Note 10 now links up with Windows and Mac PCs via supercharged DeX app

    And there’s a big bonus here in the form of being able to drag-and-drop files directly from your phone to your PC, and vice versa. So you could take a photo from your Note 10 and whip it onto the PC to tweak it up in a proper heavyweight image editor, for example.

    Furthermore, as XDA Developers observes, Linux on DeX is available via the DeX app, allowing you to create a container and run an Ubuntu Linux image, giving you even more flexibility and options here.

    It’s not clear what Samsung intends to do in terms of giving users with older Galaxy handsets backwards compatibility, but at the moment, this is strictly a Galaxy Note 10-only affair, as mentioned.

    Finally, it’s worth noting that the app does warn that your phone might get hot running the DeX application, although exactly how hot likely depends on what you’ve got the hardware doing, of course.

  • Useful security software from the Snap Store

    Once upon a time, password management was a simple thing. There were few services around, the Internet was a fairly benign place, and we often used the same combo of username and password for many of them. But as the Internet grew and the threat landscape evolved, the habits changed.

    In the modern Web landscape, there are thousands of online services, and many sites also require logins to allow you to use their full functionality. With data breaches a common phenomenon nowadays, tech-savvy users have adopted a healthier practice of avoiding credentials re-use. However, this also creates a massive administrative burden, as people now need to memorize hundreds of usernames and their associated passwords.

    The solution to this fairly insurmountable challenge is the use of secure, encrypted digital password wallets, which allow you to keep track of your endless list of sites, services and their relevant credentials.

    KeePassXC does exactly that. The program comes with a simple, fairly intuitive interface. On first run, you will be able to select your encryption settings, including the ability to use KeePassXC in conjunction with a YubiKey. Once the application is configured, you can then start adding entries, including usernames, passwords, any notes, links to websites, and even attachments. The contents are stored in a database file, which you can easily port or copy, so you also gain an element of extra flexibility – as well as the option to back up your important data.

Devices/Embedded

• Getting Started with Sipeed M1 based Maixduino Board & Grove AI HAT for Raspberry Pi

  Last year we discovered Kendryte K210 processor with a RISC-V core and featuring AI accelerators for machine vision and machine hearing.

• What’s next for IoT?

  If you’ve read any articles about the Internet of Things (IoT), you’ve likely seen estimates of how many billions of devices will be connected to the web (or local networks) in the near future.

• Pitaya Go is an IoT development board with multi-protocol wireless connectivity

  One of the challenges in starting a new IoT project is the question of what connectivity to use.

• Khadas VIM3L Amlogic S905D3 SBC Targets HTPC Enthusiasts

• Linux-driven modules to showcase new MediaTek AIoT SoCs

  Innocomm is prepping an “SB30 SoM” with the new quad -A35 MediaTek i300 followed by an “SB50 SoM” with an AI-equipped, octa-core -A73 and -A53 MediaTek i500. Both modules ship with Linux/Android evaluation kits.

  Innocomm, which has produced NXP-based compute modules such as the i.MX8M Mini driven WB15 and i.MX8M powered WB10, will soon try on some MediaTek SoCs for size. First up is an SB30 SoM due to launch in October that will run Linux or Android on MediaTek’s 1.5GHz, quad-core, Cortex-A35 based MediaTek i300 (MT8362) SoC. In November, the company plans to introduce an SB50 SoM based on the MediaTek i500 (MT8385).

• The Release of Raspberry Pi 4: What Does It Mean to You

  The release of Raspberry Pi 4 has been met with much enthusiasm from developers and tech enthusiasts. Since it is a major upgrade from Raspberry Pi 3B+, some are already pronouncing the long-anticipated model as the greatest single-board computer (SBC) ever.

  However, a lot of it has to do with hype, as the dazzling features of Raspberry Pi 4 have been available with other SBC boards for quite some time. Whether it is video HDMI, a powerful processor or USB 3.0 ports, it is clear that Raspberry Pi arrived pretty late on the scene.

• Compulab CL-SOM-iMX8X SoM & SBC Feature NXP i.MX 8QuadXPlus Quad Core Cortex-A35 Processor

  NXP i.MX 8X Cortex-A35 processor designed for automotive infotainment and a variety of industrial applications was officially announced in early 2017…

• Mobile Systems/Mobile Applications

  • Nvidia’s GeForce Now service launches on Android by the end of 2019

  • 10 Best GPS Phone Trackers For Android

  • [Update: Rolling out in US] HTC U11, U11+ and U12+ will get Android Pie by Q2 2019

  • Google Android Warning As Devious Spyware Hits The Play Store, Twice

  • Airtel to offer Android set-top-box, free TV to counter Reliance JioFiber: report

  • Android Gaming: Google Adds Support To Xbox Elite Controller On USB

  • Mate 30 Pro will run Google’s Android at launch, unless the ban forces Huawei to resort to plan B

  • Six things the 2019 iPhone 11 needs to keep up with Android – but will Apple deliver?

  • GeForce Now will finally be coming to Android devices

  • NVIDIA’s game streaming service comes to Android this fall

  • NVIDIA GeForce Now Game Streaming Service to Soon Hit Android Phones

  • Best free music apps: free music on Android and iPhone

  • [Updated] Twitter Outage Occurred Due to Network Issue with Android, Confirms Company

  • LG temporarily pulls LG V30 Android 9.0 Pie update

  • HTC U12+ is now receiving Android 9 Pie in the US

  • Project Marble now stable in Android Studio 3.5

  • Call It Android Quince, You Cowards

  • YouTube Messages Feature Being Retired in September for Android, iOS, and the Web

  • OPPO F7 Youth ColorOS 6 (Android Pie 9.0) update trial version (soak test) goes live

  • Samsung rolls out Android Pie for Galaxy Tab S3 and Tab A (2017)

  • Google Play Store Redesign Now Rolling Out to All on Android, Chrome OS

  • Huawei not planning HarmonyOS phone, clinging to Android

  • Exclusive: Fearing data privacy issues, Google cuts some Android phone data for wireless carriers

  • Google will no longer send signal data from Android phones to avoid privacy violations

  • Previous Story Android Studio 3.5 hits stable, bringing along better performance

  • Shiny new toys take backseat in Android Studio 3.5 for now as ’600 bugs’ squished

  • GeForce News: Android Phones May Soon Have Nvidia’s Cloud Gaming Service

  • Infotainment System Wars, Looking at Apple CarPlay VS. Android Auto Play

  • How to back up your SMS text messages on Android

  • Best astronomy apps for iOS and Android

  • Android TV picks up free streaming service XUMO w/ over 160 live channels

  • HTC U12+’s Android Pie Update Available in the US

  • Xiaomi’s Android One-based Mi A3 lands in India with 3 cameras, $182 price tag

  • Singular Intros Tool To Deterministically Detect Phony Android Installs

  • Mozilla Releases Firefox Preview 1.3 – The Reinvented Browser for Android

  • How to Watch BTN on Roku, Fire TV, Apple TV, Android, iOS, & More

  • Google cuts some Android phone data for wireless carriers

Free, Libre, and Open Source Software

• Open Source platforms to now help students

  The technical institutes in the State are now asked to use free and open-source software developed by a team, headed by the Ministry of Human Resource Development (MHRD). The MHRD has also promoted their FOSSEE (Free and Open Source Software for Education) projects which uses tools so that students can easily use them.

  Recently, the MHRD made a decision that FOSSEE should be promoted amongst the student community so they can aim at reducing dependency on proprietary software in educational institutions. The MHRD Minister Ramesh Pokhriyal Nishank too took to twitter urging students to use FLOSS tools in various languages to meet academic and research requirements.

• Octo Acquires Connexta to Enhance Open Source Software Development Capabilities

  Octo, a premier provider of next-generation services for the Federal market, today announced its acquisition of Connexta, a Phoenix, Arizona-based global leader in open source software development and secure discovery solutions for government and commercial customers

• Square Crypto’s Open Source Endeavor, Fostering Bitcoin Development will Witness Matt Corallo On Board

  Square, Inc. is a mobile payment company based in San Francisco, California. The company markets software and hardware payments products and has expanded into business services. Square Crypto the division of parent company Square, Inc. is a payments solutions provider and focuses on open source Bitcoin development.

  Jack Dorsey, CEO of the Square, Inc. foresees a bullish vehement regarding the acceptance of Bitcoins and the urge to conceptualize Bitcoin as a utopia invigorates the formation of this new team which will be headed by Steve Lee, a former director at Google and Matt Corallo as the first development engineer.

• Google open-sources gesture tracking AI for mobile devices

  Real-time hand shape and motion trackers are an invaluable part of sign language recognition and gesture control systems, not to mention a number of augmented reality experiences. But they’re often hobbled by occlusion and a lack of contrast patterns, preventing them from performing reliably or robustly.

  Those challenges and others motivated scientists at Google to investigate a new computer vision approach to hand perception — one bolstered by machine learning. They say that in experiments, it managed to infer up to 21 3D points of a hand (or multiple hands) on a mobile phone from just a single frame.

• Asterisk Celebrates 25 Million Downloads

  Sangoma Technologies Corporation (TSX VENTURE: STC), a trusted leader in delivering Unified Communications solutions for SMBs, Enterprises, OEMs, and Service Providers, both on-premises and in the cloud, today announced that September will mark the 25 millionth download of Asterisk, the world’s most widely used open source communications software.

• Web Browsers

  • Mozilla

    • WebAssembly Interface Types: Interoperate with All the Things!

      People are excited about running WebAssembly outside the browser.

      That excitement isn’t just about WebAssembly running in its own standalone runtime. People are also excited about running WebAssembly from languages like Python, Ruby, and Rust.

    • Support.Mozilla.Org: Introducing Bryce and Brady

      I’m thrilled to share this update with you today. Bryce and Brady have joined us last week and will be able to help out on Support for some of the new efforts Mozilla are working on towards creating a connected and integrated Firefox experience.

      They are going to be involved with new products, but also they won’t forget to put extra effort in providing support on forums and as well as serving as an escalation point for hard to solve issues.

    • FPR16 delays

      FPR16 was supposed to reach you in beta sometime tomorrow but I found a reproducible crash in the optimized build, probably due to one of my vain attempts to fix JavaScript bugs. I’m still investigating exactly which change(s) were responsible. We should still make the deadline (September 3) to be concurrent with the 60.9/68.1 ESRs, but there will not be much of a beta testing period and I don’t anticipate it being available until probably at least Friday or Saturday. More later.

    • Mozilla Mornings on the future of EU content regulation

      On 10 September, Mozilla will host the next installment of our EU Mozilla Mornings series – regular breakfast meetings where we bring together policy experts, policymakers and practitioners for insight and discussion on the latest EU digital policy developments.

      The next installment will focus on the future of EU content regulation. We’re bringing together a high-level panel to discuss how the European Commission should approach the mooted Digital Services Act, and to lay out a vision for a sustainable and rights-protective content regulation framework in Europe.

• Productivity Software/LibreOffice/Calligra

  • GSoC final report

    The idea of this GSoC project was to implement new Domain-Specific language for LibreOffice to be used in UI testing by logging the user interactions with LO applications then generate the python code needed for the python UI framework which asaswill make testing easier. Also, the project aims to improve the logger that logs all the user interaction to be logged in the new DSL syntax to be more readable. Then we can use this replaying all the user interactions as a UI test.

• FSF/FSFE/GNU/SFLC

  • FreeIPMI 1.6.4 Released

    o In libfreeipmi, add additional workarounds for packets that are
    re-ordered during sensor bridging.
    o In libfreeipmi, add additional sensor / event interpretations.
    o In libfreeipmi, fix error return value on bridging requests.
    o Add workaround in ipmi-sel for QuantaPlex T42D-2U motherboard,
    whichlists a SDR record that makes no sense.
    o Add workaround for Dell Poweredge FC830, which have an error
    when reading the last SDR record on a motherboard.
    o Support Supermicro X10 OEM dimm events.

• Licensing/Legal

  • The world’s first mobile phone type crypto digital currency hardware cold wallet officially opened source code

    Recently, the world’s first mobile phone type crypto digital asset hardware cold wallet SAFEGEM officially opened source code [...] The cryptography-based blockchain technology is characterized by openness, transparency, and traceability. As an crypto digital asset management system based on blockchain applications, it should have the same characteristics and should have higher security. Therefore, the SAFEGEM development team decided to open up all source code, open source follows the GPL agreement, defines the business boundary, uses open source code for commercial use, and chooses not to open source.

• Openness/Sharing/Collaboration

  • Open Hardware/Modding

    • Western Digital’s Long Trip from Open Standards to Open Source Chips

      It started as a microprocessor pioneer in the 1970s. Now, the company is charting a new course in open source silicon.

• Programming/Development

  • This Week in Rust 300

  • Python String Interpolation with the Percent (%) Operator

    There are a number of different ways to format strings in Python, one of which is done using the % operator, which is known as the string formatting (or interpolation) operator. In this article we’ll show you how to use this operator to construct strings with a template string and variables containing your data.

  • Your Guide to the CPython Source Code

    Are there certain parts of Python that just seem magic? Like how are dictionaries so much faster than looping over a list to find an item. How does a generator remember the state of the variables each time it yields a value and why do you never have to allocate memory like other languages? It turns out, CPython, the most popular Python runtime is written in human-readable C and Python code. This tutorial will walk you through the CPython source code.

    You’ll cover all the concepts behind the internals of CPython, how they work and visual explanations as you go.

  • Python 3.8 support in PyCharm

    The release of Python 3.8 brought new features to the Python coding realm. The language is evolving according to its community’s needs by addressing cases where new syntax or logic become necessary. From new ways of assigning expressions to restriction of usage of function declarations, calls, and variable assignations, this latest release presents new options to code. Of course, PyCharm couldn’t get behind, so we now support some of the major features coming with this new version.

    This article will walk you through the features currently supported by our latest PyCharm release. To try them out, get the latest version of PyCharm and download the current beta release of Python 3.8 from here. From there you will just need to switch to Python 3.8 as your interpreter in PyCharm (if you’re not sure how to switch the interpreter, jump into our documentation for help).

  • Python Arrays in a Nutshell

    Python arrays are homogenous data structure. They are used to store multiple items but allow only the same type of data. They are available in Python by importing the array module.

    Lists, a built-in type in Python, are also capable of storing multiple values. But they are different from arrays because they are not bound to any specific type.

    So, to summarize, arrays are not fundamental type, but lists are internal to Python. An array accepts values of one kind while lists are independent of the data type.

  • Announcing Qt for MCUs

    Today we announce the launch of Qt for MCUs – a comprehensive toolkit to deliver smartphone-like user experience on displays powered by microcontrollers. What started as a research project is now in the final leg of its journey to being released as a product.

    Connected devices found in vehicles, wearables, smart home, industrial and healthcare often have requirements that include real-time processing capabilities, low power consumption, instant boot time and low bill of materials. These requirements can be fulfilled by a microcontroller architecture. However, as devices get smarter and offer more features and capabilities, users expect an enhanced and intuitive experience on par with today’s smartphones. Qt for MCUs delivers an immersive and enriching user interface by utilizing a new runtime specifically developed for ARM Cortex-M microcontrollers and leveraging on-chip 2D graphics accelerators such as PxP on NXP’s i.MX RT series, Chrom-Art Accelerator on STM32 series and RGL on Renesas RH850.

  • Qt for MCUs – Qt Announces support for Microcontrollers

    About Qt for MCUs Qt- The well known opensource toolkit for creating graphical interface announced their new release: Qt for MCUs, targeting MCU’s.

  • The Qt Company Is Now Working On Qt For Microcontrollers

    There have been a lot of announcements pertaining to Qt as of late, most of which have been about forthcoming efforts around Qt 6 development. A new announcement out of The Qt Company catching us off-guard is their plans for the tool-kit on micro-controllers.

    Qt for MCUs is the company’s newest commercial endeavour. In particular, they are working on the Qt tool-kit for displays powered by micro-controllers for smartphone-like user experiences. Qt for MCUs has been a research project at the company but is now being worked out as a new commercial offering. Considering how well though Qt works on mobile devices, it’s only another step down catering it to low-power micro-controllers.

  • Excellent Free Books to Learn Go

    Go is a compiled, statically typed programming language that makes it easy to build simple, reliable, and efficient software. It’s a general purpose programming language with modern features, clean syntax and a robust well-documented common library, making it a good candidate to learn as your first programming language. While it borrows ideas from other languages such as Algol and C, it has a very different character. It’s sometimes described as a simple language.

    Go is an open source project developed by a team at Google and many contributors from the open source community. Go’s first release was in 2009, and it’s distributed under a BSD-style license.

    This article selects the best open source books that will give readers a firm foundation in developing Go applications.

  • Corner cases and exception types

    Some unanticipated corner cases with Python’s new “walrus” operator—described in our Python 3.8 overview—have cropped up recently. The problematic uses of the operator will be turned into errors before the final release, but just what exception should be raised came into question. It seems that the exception specified in the PEP for the operator may not really be the best choice, as a recent discussion hashed out.

  • Dirk Eddelbuettel: Rcpp now used by 1750 CRAN packages

    Since this morning, Rcpp stands at just over 1750 reverse-dependencies on CRAN. The graph on the left depicts the growth of Rcpp usage (as measured by Depends, Imports and LinkingTo, but excluding Suggests) over time.

    Rcpp was first released in November 2008. It probably cleared 50 packages around three years later in December 2011, 100 packages in January 2013, 200 packages in April 2014, and 300 packages in November 2014. It passed 400 packages in June 2015 (when I tweeted about it), 500 packages in late October 2015, 600 packages in March 2016, 700 packages last July 2016, 800 packages last October 2016, 900 packages early January 2017,
    1000 packages in April 2017, 1250 packages in November 2017, and 1500 packages in November 2018. The chart extends to the very beginning via manually compiled data from CRANberries and checked with crandb. The next part uses manually saved entries. The core (and by far largest) part of the data set was generated semi-automatically via a short script appending updates to a small file-based backend. A list of packages using Rcpp is availble too.

    Also displayed in the graph is the relative proportion of CRAN packages using Rcpp. The four per-cent hurdle was cleared just before useR! 2014 where I showed a similar graph (as two distinct graphs) in my invited talk. We passed five percent in December of 2014, six percent July of 2015, seven percent just before Christmas 2015, eight percent last summer, nine percent mid-December 2016, cracked ten percent in the summer of 2017 and eleven percent in 2018. We are currently at 11.83 percent: a little over one in nine packages. There is more detail in the chart: how CRAN seems to be pushing back more and removing more aggressively (which my CRANberries tracks but not in as much detail as it could), how the growth of Rcpp seems to be slowing somewhat outright and even more so as a proportion of CRAN – just like one would expect a growth curve to.

• Standards/Consortia

  • US Hangs Tough on Restricting Huawei’s Participation in Standards Development

    Ninety-odd days ago, the US Bureau of Industry and Security (BIS) added Huawei and 68 of its affiliates to its “Entity List.” BIS added another 46 Huawei affiliates last week (collectively, “Huawei”), thereby making it illegal for US individuals and entities to disclose certain technology and software to Huawei and such blacklisted affiliates without a license. At the same time, it tempered the blow by issuing a Temporary General License that, among other things, allowed US entities to continue to participate with Huawei to develop 5G standards.

    For all other standards, Huawei’s continued participating would be legal only to the extent a given standard setting organization (SSO) either applied for, and received, a license from the BIS, or could credibly analogize its processes to an exception recognized under existing Export Administration Regulations (EAR). The closest exceptions are disclosures at public conferences and in connection with coauthoring journal articles. Ever since, standards setting organizations (SSOs) counting Huawei as a member have been scrambling, trying to figure what they can and cannot allow Huawei to do.

    On Monday of this week, three things happened that provided some answers. But almost all the answers were bad.

    The first thing BIS did was to roll over the Temporary General License for another 90 days, thereby allowing Huawei customers and partners more time to adapt. That was helpful, but the second was to remove the 5G standards development exception. And the third was to issue a General Advisory Opinion Concerning Prohibited Activities in the Standard Setting or Development Context When a Listed Entity is Involved. Unfortunately, the Advisory Opinion leaves most questions unanswered.

Security (Confidentiality/Integrity/Availability)

• NSA Researchers Talk Development, Release of Ghidra SRE Tool

  The National Security Agency released its classified Ghidra software reverse-engineering (SRE) tool as open source to the cybersecurity community on April 4. NSA researchers Brian Knighton and Chris Delikat shared how Ghidra was built and the process of releasing it at Black Hat 2019. Ghidra is a framework developed by the NSA’s Research Directorate for the agency’s cybersecurity mission. It’s designed to analyze malicious code to give security pros a better understanding of potential vulnerabilities in their networks and systems.

• Linux Is Being Hit with Zero-Day Exploits/ Zero-Day Attacks [Ed: This is not news. If you have a system that is unpatched for months, despite many warnings, it is a risk, no matter the OS/kernel.]

  It was once the popular opinion that Linux was immune to zero-day exploits. However, even before the Equifax exploit, vulnerabilities were found in Linux distributions like Fedora and Ubuntu. In particular, back in 2016, a security researcher discovered that you could exploit a Linux system by playing a specific music file. Then, in 2017, a group of attackers used Struckshock vulnerability to carry on the attack on Equifax. These zero-day attacks are Advanced Persistent Attacks that exploit recently discovered vulnerabilities. Read on to learn more about what are zero-day exploits and how they can affect a Linux system.

Environment

• Climate denial is reported more than science

  Rich and poor countries see the challenge of the growing crisis quite differently: for the wealthy it revolves around climate denial, while for those in poverty it’s a matter of life and death.

  In the developing world, climate news is presented by the media as an international problem. In the rich world newspapers, broadcasters and websites tend to see it as a political issue, according to researchers at the University of Kansas.

  And in the richest country of all, climate news is presented as a contentious issue. That is, according to a massive study by Californian scientists, the people who say climate change is not happening, or not a problem, get 49% more coverage than the scientists who have the evidence that it represents a serious and accelerating crisis.

  Even in the mainstream outlets, distinguished climate scientists tend to get no more visibility than those – often not scientists – who challenge their conclusions.

Finance

• CEO of ‘investment scam’ found dead

  A TOP executive of an investment firm who was wanted in Davao since June 2019 was found dead on a grassy lot in the hills of Barangay Cansomoroy, Balamban, Cebu on Tuesday, Aug. 20, 2019.

  Armando Bernaldez Oppus, 34, a resident of Doña Vicenta in Davao City, was the chief executive officer of Crowd Royals Real Estate Services based in Digos City, Davao del Sur.

  [...]

  He was identified from his passport that Balamban police had retrieved from a white sports utility vehicle that had been set on fire and thrown into a cliff in Barangay Sunog.

  Oppus and two other Crowd Royals officers, Edmon Corona Quiñones of finance and Judy Ann Delatina-Estrella of marketing, are wanted in the Davao region for large-scale estafa.

  Crowd Royals Real Estate Services, set up on May 22, 2019 in Digos City, Davao del Sur, promises to double its investors’ money in a short time.

• Potentially Big News: Top CEOs Realizing That ‘Maximizing Shareholder Value’ Isn’t A Great Idea

  For the better part of two years, I’ve been noodling on a post (I’ve half written it a bunch of times) talking about how perhaps the biggest problem with so much of what we see today can be tied up in two related concepts: “fiduciary duty to shareholders” and the idea of “maximizing shareholder value.” I talked a little about this a few weeks back in highlighting how almost all of the problems that people talk about when they complain about big tech can really be traced back to Wall Street and this idea of maximizing shareholder value.

  Conceptually, maximizing shareholder value makes some sense, but only if you don’t think about it for more than a few minutes. Because the whole thing falls apart as soon as you ask “over what time frame?” I first wrote about this back in 2006, in what I called the “time function of profits,” in trying to understand why so many people were claiming that Craigslist’s approach to grow slowly (but massively) by leaving most of their site free and not doing all sorts of icky stuff, was seen by some as “leaving money on the table” or even being anti-capitalist. As I pointed out then, that only made sense if you thought in the very short-term. Taking a longer term view suggests that “maximizing” profits in the short run is likely to create significant problems in the long run, whether it be competition or customers annoyed at you and the like. In a follow up post I did in 2008, I pointed out that maximizing profits shouldn’t mean screwing your customers. The real issue is the time frame. If you want to maximize profits for just this quarter, then, yes, screwing over your customers is a viable strategy.

  However, if it’s more long term, then the incentives should change quite a bit. It’s just like the Prisoner’s Dilemma. If you are playing that game once, the incentives are heavily weighted towards cheating. However, if you’re playing it many, many times, the incentive structure changes, and it should move to a more cooperative model. For some reason, however, this hasn’t happened that much in real life. Many businesses (and many folks on Wall Street) assume that having a “fiduciary duty” to “maximize shareholder value” or “shareholder profits” means squeezing out every penny of profits right away, with no concern for the future.

AstroTurf/Lobbying/Politics

• ‘Pragmatic’: How Corporate Media Praise Dems Who Abandon Progressive Values

  The battle for the Democratic presidential nomination is dominating the news cycle, and two of the three clear frontrunners in polls, Elizabeth Warren and Bernie Sanders, draw their support from the resurgent left of the party. Sanders in particular describes himself as a democratic socialist and a threat to the establishment. The third favorite, Joe Biden, presents himself not as the representative of the conservative wing, but as a pragmatic, centrist reformer (FAIR.org, 7/17/19).

  Across corporate media, the choice is being portrayed as between progressive idealism and a more credible pragmatism—not left vs. right, but left vs. realistic: “Should Democrats Be Going Big or Getting Real?” asked the Associated Press (7/31/19), while the LA Times (7/31/19) defined the choice as between those who “call for big, ambitious policies” and those with a “more centrist, pragmatic approach.”

• MICHAEL WHITE: Brexit strategy is no clearer as time ticks on

  Don’t laugh, but I was greatly cheered by a recent visit to the cinema where we saw Richard Curtis & Danny Boyle’s romantic comedy, Yesterday. Suffused with Beatles nostalgia and an heroic role for the Leave-voting Norfolk port of Gorleston-on-Sea, the film’s only comic villain was a rapacious Hollywood producer. Yesterday’s inclusive warmth made me think of an Ealing Comedy. “Perhaps this country really can come together again after Brexit,” I mused.

  The upbeat mood didn’t last and not just because two days later I saw John Malkovich’s monstrous portrayal of a Harvey Weinstein predator in David Mamet’s strangely flawed play, Bitter Wheat. Hard to stay cheerful after such a pummelling in a week when Q2 GDP dropped 0.2% and the bond market signalled looming recession. There was also John Bolton’s menacing visit to promise an early US/UK trade deal he can’t deliver – Arghh! – and Nigel Farage’s attack on the Windsors, made on the lucrative speaking circuit in Sydney. Was that a portent of alt-right republicanism to come if Brexit goes badly wrong? Shades of Napoleon III’s “democratic” French coup in 1848.

Censorship/Free Speech

• WSJ Rightly Attacks Senator Josh Hawley’s ‘Nannyish’ Laws Regarding The Internet

  Hawley, of course, has been grandstanding a lot lately about how the “cosmopolitan elite” are the problem. He conveniently leaves out the fact that he attended Stanford and Yale Law School, clerked for the Supreme Court, worked at a massive “cosmopolitan” law firm (based in DC and London), Hogan Lovells, and then became Attorney General for Missouri before becoming Senator. Hawley is about as “cosmopolitan” a Senator as you can find. But apparently, in grandstanding to what he seems to believe is a very, very gullible base, he wants to convince them that he’s standing up to the “elites” and that the only innovation that matters is innovation that comes from “the Heartland” or some such nonsense.

  [...]

  Given the willingness of the WSJ to publish anti-internet nonsense of late, it’s nice to see Kessler able to get at least something sensible through.

• Apartheid-era flag outlawed by court in Johannesburg

  Restrictions on public displays of South Africa’s apartheid-era flag have been imposed by a court in Johannesburg.
  The equality court ruled on Wednesday that gratuitous display of the national flag from the era of white minority rule would constitute hate speech and harassment.
  Judge Phineas Mojapelo said the old orange, white and blue banner would not be completely banned from public display, as its use was protected by law for artistic, academic, journalistic and other public-interest purposes.

Privacy/Surveillance

• Communities Across the Country Reject Automated License Plate Readers

  Recent months have seen a wave of cities and counties around the country rejecting the use of automated license plate readers in their communities, citing privacy concerns posed by the technology. Added to recent local level victories barring the use of face recognition technologies, it is encouraging to see local governments across the nation lead the way in proactively stemming the tide of invasive surveillance technologies.

  Automated license plate readers (ALPRs) are camera systems that scan vehicle license plates and build a searchable database of drivers’ historical travel patterns. ALPRs, often installed on patrol vehicles, streetlights, freeway overpasses and the like, indiscriminately scan every vehicle in a given area and collect data on all drivers regardless of whether their vehicle is under suspicion. Location-based information collected over time can reveal intimate details of a person’s life, such as where they work and live, where they pray, where they seek medical treatment, and who their friends or romantic partners are.

  In June, the California State Auditor launched a probe into the use of ALPRs by local law enforcement agencies, which is a valuable step towards improved information about how government agencies are collecting, using, and storing ALPR data. Even better, there’s been a recent surge of cities and counties rejecting ALPRs. This shows the power that local governments and residents have when they speak up and voice concerns over threats to their privacy. That’s how a community can curb the spread of this dangerous technology.

• California Police Officers Are Handing Out Free Doorbell Cameras In Exchange For Testimony In Court

  Snitches no longer get stitches. In the year of our lord two-thousand-nineteen, snitches get street surveillance gear from Amazon.

  Amazon’s Ring doorbell — which sports a handy camera to catch all those package thieves — has swallowed up more than 200 police departments with its charm offensive. Cops get doorbell cams at a discount and hand them out for free to locals with the assumption residents will repay the favor by granting officers warrant-free access to footage any time they ask.

  To decrease friction, Ring — which has final edit approval on police publicity efforts — nudges people towards its snitch app, Neighbors, which encourages users to post any suspicious footage they capture. Ring also nudges law enforcement towards more social media interaction with Ring users to blur the line between sharing with neighbors and sharing with government employees.

  The push continues. Amazon sees a market worth cornering and cops see a handy way to turn multiple doorsteps into extensions of their existing surveillance network. Win-win for all involved, I guess, except those who want to secure their homes without feeling obligated to hand over footage whenever the government thinks it might be helpful.

  The advantages for law enforcement are obvious. And that has led to more… um… proactive efforts by law enforcement to spread the good word about these doorbell cameras. Louise Matsakis reports for Wired that a California law enforcement agency recently offered Ring doorbells to citizens in exchange for some help with their cop work.

Civil Rights/Policing

• As Corruption Runs Rampant In Alabama Prisons, Officers Thwart Organizing Outside Holman Facility

  Unheard Voices OTCJ is a group of organizers working to confront injustices in the United States’ systems of mass incarceration. Two volunteers were conducting outreach to family members of prisoners at Holman Prison in Alabama on the side of a highway when law enforcement insisted they were trespassing on state property.

  On August 18, an officer, who identified himself as Sergeant Davis, urged volunteers to go to a “designated protest area,” away from where visiting family members turn.

  Mona Song and Queen Dara stood on the side of Route 21. They were able to give leaflets to at least eight people who stopped to speak with them.

  Video shows Song saying, “Everyone that we’ve talked to that’s going to visit family so far has been really encouraging and receptive to what we’re doing.” They discussed how visitation may be eliminated by the Alabama Department of Corrections (ADOC) and connected it to a trip planned for Washington, D.C., where organizers intend to travel with family of prisoners to speak their truth at an event in September.

  Unheard Voices OTCJ would like to ramp up pressure on the Justice Department to go beyond their report on abuses and corruption in the Alabama prison system and take action to hold officials accountable in some manner.

• Federal Prosecutor Blames Philadelphia DA For Shootout That Wounded Six Philly PD Officers

  While McSwain was bitching about a prosecutor he doesn’t like, DA Larry Krasner was praising the Philadelphia PD — which saw six of its officers wounded — for their handling of the volatile situation.

  McSwain also suggested the federal branch would step in to directly control the actions of the Philly DA. His exact words were “We’re going to provide some adult supervision.” As Adam Steinbaugh points out, that’s not how federalism works. Someone must have pointed that out McSwain, who walked back this comment (but none of his press conference remarks) less than two hours later.

  Perhaps the federal prosecutor was just being reflexively defensive. The person who allegedly shot all of these cops was a federal snitch who got a break on his most recent prison sentence because of how helpful he was.

• EU has ‘zero incentive’ to break open ‘trilogue’ deals

  It does not happen often that EU directives attract so much public attention that it leads to protests on the streets.
  Yet this is what happened in Berlin and other European cities last March, when protesters called on the European Parliament to reject the EU’s copyright reform.

Internet Policy/Net Neutrality

• Google Cloud charging for IPv4, but proper IPv6 support is still missing in action

  Google is increasing the prices for Google Compute Engine (GCE) VMs using external IPv4 addresses, starting in 2020, according to messages sent to Google Cloud Platform customers. Starting on January 1, 2020, a standard GCE instance will cost an additional $0.004 per hour, with preemptable GCE instances costing an additional $0.002 per hour, if they use an external IPv4 address—essentially, an extra $2.92 or $1.46 per month, respectively. Unused static IP will remain unchanged at $0.01 per hour ($7.30 per month).

  While that price increase is by no means wallet-busting, the increase can add up quickly for users of multiple VMs. The natural solution to that would be NAT, but prices are also changing for Cloud NAT Gateway, with Google indicating that they “will charge $0.0014/hr for each VM instance up to a maximum of $0.044/hr (32 or more instances). Gateways that are serving instances beyond the maximum number are charged at the maximum rate.” Users with fewer than 32 nodes will be charged less, while users with more will see no difference.

• NY Investigates Frontier Communications As US Telcos Slowly Implode

  We’ve long explored how the nation’s phone companies don’t really even want to be in the broadband business. They routinely refuse to upgrade their networks despite millions in subsidies, yet often lobby to ensure nobody else can deliver broadband in these neglected footprints either. US telcos have a bizarre disdain for their paying customers, delivering the bare minimum (slow DSL) at the highest rates they can possibly charge without a full-scale consumer revolt. It’s not surprising then that many telco DSL customers are fleeing to cable, assuming they even have a second broadband option.

  This dynamic often results in some absurd dysfunction. Like in West Virginia, where incumbent telco Frontier has repeatedly been busted in a series of scandals involving substandard service and the misuse of taxpayer money. The graft and corruption in the state is so severe, state leaders have buried reports, and, until recently, a Frontier executive did double duty as a state representative without anybody in the state thinking that was a conflict of interest.

Monopolies

• Cracks Showing In Epic Store’s PR War As Developers Have To Plead With Public To Not Harass Them

  We’ve been discussing the new PC gaming platform wars that kicked off with Epic releasing their own Epic Store to rival Valve’s Steam and attempting to power it with game exclusives built on a more generous split with publishers. There has obviously been a lot to talk about in this new rivalry, from Steam’s response, to Epic’s flubbing of its store’s main purpose, to the effect Epic’s exclusivity deals are hampering the use of crowdfunding to get more games made. But one of the most interesting aspects of this whole ordeal is how clearly Epic’s leadership has attempted to frame this all as a PR war above all else. Essentially, Epic is combating the public’s natural distaste for exclusivity deals by pointing the finger back at Steam, stating that none of this would be an issue and the exclusive deals could go away tomorrow if Steam mirrored Epic’s revenue splits. The argument is that what Epic is really after is a better gaming industry that makes more and better games, something that should benefit the very fans now complaining about the company’s tactics.

  So, how’s that PR battle plan working? Not terribly well, judging by some of the peripherals. For instance, when part of the announcement for a game publisher releasing exclusively on Epic includes the company begging gamers not to hurl vitriol at it in response, that’s an indication the gaming public hasn’t been swayed.

• Patents and Software Patents

  • Anticipat has fully transitioned to new data source for PTAB appeals data

    Over the past few years, the USPTO has modernized its data offerings with new websites and APIs. Just recently, the USPTO confirmed completion of a new PTAB site with successfully migrated appeal decisions. Anticipat has now fully transitioned to using this new data source.

    [...]

    We will continue to provide the same type of curated content for ex parte appeal decisions at the PTAB. Only now with a more modern and robust data source, the potential insights are even greater.

  • Nalproprion Pharmaceuticals, Inc. v. Actavis Laboratories FL, Inc. (Fed. Cir. 2019)

    Last week, the Federal Circuit reversed findings of non-obviousness and affirmed (over Chief Judge Prost’s dissent) a finding that claims asserted in ANDA litigation were not invalid for failure to satisfy the written description requirement in Nalproprion Pharmaceuticals, Inc. v. Actavis Laboratories FL, Inc.

    ANDA litigation arose over Nalproprion Pharma’s Contrave® extended-release tablets of the combination of naltrexone hydrochloride and buproprion hydrochloride, for treatment of obesity, and Orange Book-listed U.S. Patent Nos. 7,375,111; 7,462,626; and 8,916,195.

    [...]

    Important to the Chief Judge’s reasoning, inter alia, were arguments from the prosecution history where the patentee appeared to rely on the dissolution profile (and the manner of determining it) to distinguish the claims from the prior art. The Chief also disagreed with the District Court’s (and the majority’s) disregard for defendant’s expert testimony and found his assertion that the USP1 an USP2 methods would not have produced the same dissolution profile results to have been relevant to the written description issue before each court.

  • Chamberlain’s Garage Door Opener invalid as an Abstract Idea

    Chamberlain’s asserted patents cover various garage door opening inventions.

    U.S. Patent No. 7,224,275 in particular claims a garage door opener that includes a status-condition-data-transmitter to know if the door is open or closed without looking. The jury found that Techtronic willifully infringed and the patent not invalid. The district court then awarded enhanced damages, attorney fees, and injunctive relief.

    On appeal , the Federal Circuit has overturned the verdict — holding that the claims are invalid as directed toward the abstract idea of “wirelessly communicating status information about a system.” Alice Step 1. Further, the claims do not include any inventive concept under Alice Step 2. All of the physical elements in the claim were admittedly “well understood in the art” and claimed in a generic fashion. The only arguably new element is that the actual information being transmitted is “a status condition signal that: corresponds to a present operational status condition (open or closed).

  • District Court Finds Amazon Lockers Qualify as a Regular and Established Place of Business

    Recently, in Rensselaer Polytechnic Institute et al v. Amazon.com, Inc., a district court weighed in on whether Amazon’s lockers constituted “a regular and established place of business” for the purposes of determining whether venue was proper. Amazon was sued for patent infringement in the Northern District of New York. In response, Amazon argued that venue was improper under 28 U.S.C. § 1400(b) because Amazon contended it had no regular/established place of business within the district.

    In patent infringement cases, venue is proper in the district (1) “where the
    defendant resides” or (2) “where the defendant has committed acts of infringement and has a regular and established place of business.” 28 U.S.C. § 1400(b).

    [...]

    Amazon also argued that a place of business required “the presence of employees or agents of the company to carry out the business,” and, since no Amazon employees or agents conducted no business at the lockers, the lockers were not a place of business. In looking at cases cited by the plaintiff and Amazon, the court determined that the relevant question was whether Amazon has agents conducting its business at the lockers – not whether Amazon’s agents are present at all times at the lockers.

    The court cited to facts showing Amazon uses third-party technicians to assemble and maintain the lockers at the locations. Furthermore, the court found that the third-party technicians serve as Amazon’s agents.

  • Audio Compression Improvements are Patent-Eligible

    The Northern District of California recently held that claims directed to data compression to improve audio signal processing are eligible under 35 U.S.C. § 101 as improvements to computer operation. Hybrid Audio, LLC v. Asus Comput. Int’l, Case No. 3:17-cv-05947-JD (N.D. Cal. Jul. 11, 2019).

    Hybrid Audio sued Asus for infringement of U.S. Reissue Patent No. RE40,281. The patent is directed to audio signal processing for compression systems for formats such as MP3. Defendant moved to dismiss under Rule 12(b)(6), alleging that the claims of the ‘281 patent were ineligible abstract ideas with no inventive concept. Under the first part of the two-part test of Alice v. CLS Bank, 573 U.S. 208 (2014), if a claim is not directed to an abstract idea, then the claim is eligible under Section 101 and the second step need not be considered.

  • Organizing Security System Display Data Survives Patent-Eligibility Challenge

    The defendants argued that the claims were directed to “information processing steps, including the collecting, analyzing, and dispatching of information concerning alarm or warning system.” But the court bought the plaintiff’s argument that the claims survived Alice because they were “directed to a specific way of providing users with graphical information concerning a monitored event in a premises—embodied by using dynamically-rendered, event-specific, graphical floor plan.”

    To find the claims not directed to an abstract idea, the court emphasized that the patent specification “and the prosecution history focus on improving real-time notification capabilities of security systems by using a dynamically-rendered, event specific, graphical floor plan that pinpoints exact location and condition of events.” And the court emphasized the USPTO’s statement of reasons for allowance stating that the claims were inventive over prior art.

  • Determining Patent-Eligibility Requires Claim Construction!(?)

    In a decision that Judge Lourie in dissent described as “based on a claim construction issue that is little more than a mirage,” a Federal Circuit panel vacated and remanded a district court’s Rule 12(c) judgment on the pleadings of patent-ineligibility, under the Alice test and 35 U.S.C. § 101, of claims directed to updating Internet toolbars. MyMail, Ltd. v. ooVoo, LLC, Nos. 2018-1758, 2018-1759 (Fed. Cir. Aug. 16, 2019) (precedential). Judge Reyna’s majority opinion, joined by Judge O’Malley, found error in the district court’s decision not “to resolve the parties’ claim construction dispute before adjudging patent eligibility.”

    The patents-in-suit were US 8,275,863 and 9,021,070, the ’070 patent being a continuation of the ’863 patent. I will not reproduce the lengthy claims here – they can be found at the above links – suffice it to day that the claims of both patents were all about updating Internet toolbars.

    [...]

    The effect of this precedential decision can only be to create more uncertainty in – and, by effectively requiring more claim construction when Rule 12 patent-eligibility motions are brought, complexify and prolong – patent suits. An area of the law that needs to be simplified keeps getting murkier.

• Copyrights

  • The DOJ Should Keep Its Historic Role Guarding Competition and Innovation in the Music Business

    If you want to play music as part of your business, either live or recorded, chances are you are going to have to pay the two big performing rights organizations. The American Society of Composers and Publishers (ASCAP) and Broadcast Music, Inc. (BMI) license the rights to a lot of music, and without safeguards in place, could easily abuse their position. They’ve done so before. That’s why the Department of Justice should keep up its historic role overseeing those licensing societies.

    In June, the DOJ announced that it was reviewing its “consent decrees” with ASCAP and BMI, the two major performance rights organizations. The consent decrees are agreements with the U.S. government. They were originally done in 1941 to settle antitrust lawsuits, and they have been modified several times over the years. The federal district court in Manhattan (the Southern District of New York) has jurisdiction over the consent decrees and has the authority to accept or reject any changes.

    These consent decrees impose important limits on ASCAP and BMI’s ability to restrict competition and access to licenses that allow public performances of music compositions. Most importantly, the decrees require ASCAP and BMI to set license fees fairly and to charge uniform fees to similarly situated users. That helps copyright law serve its ultimate goal of spurring creativity and public access to creative works.

    Given the importance of the limits the consent decrees impose, EFF joined allies including Public Knowledge, the Consumer Technology Association, and the R Street Institute in voicing its opposition to any changes would chip away at the consent decrees’ protections against anti-competitive conduct by ASCAP or BMI. The consent decrees have become an integral part of the music publishing industry and continue to promote competition. There’s simply no good reason to get rid of these structural mechanisms that allow markets to thrive while limiting opportunities for anti-competitive conduct by dominant firms.

  • YouTube’s New Lawsuit Shows Just How Far Copyright Trolls Have to Go Before They’re Stopped

    YouTube has taken a stand against a particularly pernicious copyright troll who was not only abusing the takedown system to remove content but was also using it in an extortion scam. While this gives the weight—and resources—of a large corporation in a fight that will benefit users, it also serves as a reminder of how flawed part of the DMCA is.

    The “safe harbor” provision of the DMCA protects platforms like YouTube from liability for copyright infringement done by users. As long as these services do certain things, they cannot be liable for damages. These requirements include having a registered agent to receive copyright complaints, promptly removing content after receiving a complaint, a counter-notice system where the person who’s content has been removed can get it back up, and—most at issue in YouTube’s case—a way to deal with “repeat” infringers.

    YouTube’s way of fulfilling that last requirement is its copyright strikes system. Getting DMCA complaints filed against you means accumulating strikes. If an account accumulates three strikes at once, YouTube will terminate the account and remove all of the videos. People who make their living through their videos, and have worked hard to build an audience there, will suddenly find their lives ruined. Unsurprisingly, videomakers will go to a lot of effort to avoid getting strikes.

    In this case, YouTube v. Brady, Christopher Brady is alleged to have filed false DMCA claims—claiming he either owned things he did not or claiming videos were infringing that were not. That alone is prohibited by the DMCA, which requires the person sending the takedown to affirm that they either own the work or are an agent of the owner and that the notice is being sent in good faith—that is, that they actually believe it is infringement. Someone who thinks a video is fair use but doesn’t like what it’s saying is not allowed to send a DMCA claim. And people who send DMCA claims can’t pretend that fair use rights don’t exist—they have to consider whether the uploader may have been protected by fair use.

  • Screenplay litigation in Nigeria: Missed opportunities in Raconteur Productions Limited v Dioni Visions Entertainment Limited and Others

    This case garnered a lot of interest at its inception because the plaintiff had first obtained an interim injunction from the court restraining the defendants from holding their planned premiere for the feature film entitled Okafor’s Law. The crux of the plaintiff’s application for the injunction was that the screenplay for this feature film was substantially similar to and infringing of its screenplay with a similar title registered with the Writers Guild of Canada. The court subsequently lifted the interim injunction holding that it was granted based on insufficient evidence, as the copyright claim was yet to be determined.In order to resolve the question of whether the defendants’ screenplay in the feature film was infringing of the plaintiff’s screenplay, the court accepted that the plaintiff needed to establish these 3 elements: ownership of a valid copyright; proximity and access by the defendants to the work in which the plaintiff claims copyright and copying of constituent elements of the work that are original and/or substantial similarities between the constituent elements of the plaintiff’s work and that put out by the defendant. See pages 16 and 17 of the judgment.

    [...]

    Since the court could not address these issues on the merits, guidance for screenplay litigation will be a matter for another day. In the light of the absence of a crucial evidentiary item (i.e. the alleged infringed screenplay), an appeal court cannot even save the day since it rarely considers or deals with facts.