Desktop

• Huawei Laptops coming with Linux Replacing Windows

  Huawei even though is a huge company and a worldwide known name is having a hard time this year. After the ban on its trade selectively it’s been a turning point for Huawei as they have to tackle many of the things now. Any new product that the Chinese company comes up with now is prohibited to use Windows on it now. It’s not a good phase for Huawei and finding alternative might be possible for the brand but having the customers face it might be troublesome. They are said to work on their own operating system to replace Windows on the new products and are calling it Hongxing. The project itself is a substitute for windows but can work as a bit mobile and computer giving high hopes to users.

• Chrome OS 79 to throttle CPU usage on background Linux apps, improving web, Android performance as needed

  The Chromium team is working on a new feature for Chrome OS 79 that should improve general Chromebook performance when using Linux apps. If the code changes are completed and succesfully tested in time for Chrome OS 79, any Linux apps running in the background would see “throttling” down by the CPU, allowing more processing power applied to foreground apps such as the web browser.

Server

• IBM

  • Stephen Smoogen: Attention: Removal of python36 from EPEL-7 on 2019-10-03

    With the release of RHEL-7.7, many of the packages for python36 in EPEL were replicated in the release as python3-3.6 packages. The normal pattern when this is seen is to remove the packages from EPEL so that they do not cause problems. However, this did cause problems for users of CentOS-7 who did not have access to the newer packages. Two weeks ago, CentOS-7.7.1908 was released and should have flowed out to users as needed.

  • Red Hat Announces CentOS Stream

    Red Hat has announced a new Linux distribution called CentOS Stream for better synergy among RHEL (Red Hat Enterprise Linux), Fedora and CentOS.

    Those who don’t know, CentOS is a clone of RHEL (minus Red Hat branding) which is compiled from the source code that Red Hat releases publicly. CentOS is funded by Red Hat but is a purely community driven project, thought most lead developers of CentOS are employed by Red Hat.

    CentOS Stream will sit somewhere between Fedora and RHEL to offer a bride to developers who want to get their packages in RHEL. So far Fedora was used as a fast moving upstream project for RHEL. Red Hat forks code from Fedora to build the next version of RHEL.

  • Behind the artwork and Easter eggs of Command Line Heroes third season

    Command Line Heroes is more than a podcast—we have developed a broad creative ecosystem to support and enhance the audio experience. One of these branches of production is the artwork that accompanies the show. We produce episodic artwork to help Command Line Heroes stand out on podcast platforms, and to promote the podcast online and at events. It’s taken a creative team with diverse skill sets to build the Command Line Heroes web and event experiences—and we think it gets better every season.

    In this series, we’re going to take you behind the curtain with Red Hat’s Open Studio to learn more about our process, how this program comes to life—and point out some easter eggs you might have missed.

  • The Business Benefits of Red Hat OpenShift Dedicated: A 3x return on investment

    Red Hat commissioned Forrester Consulting to conduct a Total Economic Impact (TEI) study1 to examine the value that customers could achieve by deploying Red Hat OpenShift Dedicated. Forrester interviewed OpenShift Dedicated customers about the benefits, costs, risks, and flexibility they experienced using the platform. The companies interviewed had annual revenues of over $1 billion and used Red Hat for over three years.

    A composite organization representative of these real-world customers experienced a 343% return on investment (ROI), realized benefits with a net present value (NPV) of $3.4 million, and recouped its initial investment in fewer than six months.

Audiocasts/Shows

• You Have To Set Data Free: Jason Shepherd Talks About EdgeX Foundry

  In this episode of Let’s Talk, Jason Shepherd – IoT and Edge Computing CTO at Dell Technologies talks about the evolution of the EdgeX Foundry and state of open source in IoT/Edge Computing space.

Kernel Space

• Linux 5.3.2

  I’m announcing the release of the 5.3.2 kernel.

  All users of the 5.3 kernel series must upgrade.

  The updated 5.3.y git tree can be found at:

  git://git.kernel.org/pub/scm/linux/kernel/git/stable/linux-stable.git linux-5.3.y

  and can be browsed at the normal kernel.org git web browser:

  https://git.kernel.org/?p=linux/kernel/git/stable/linux-s…

• Linux 5.2.18

• Linux 4.19.76

• Linux Security Module officially adds a lockdown to Linux

  A new feature is being added to the kernel. Details are sketchy, but all soldiers are reminded to be vigilant. Here is the information received from Commander Torvalds who has personally overseen this change.

  Civilians will see the lockdown (WE ARE IN LOCKDOWN) as a new module called Linux Security Module or LSM.

  Although the LSM only serves to formalise a process that has been naturally built into most Linux distros all along. Documents from the kernel dossier explain: “The majority of mainstream distributions have been carrying variants of this patchset for many years now, so there’s value in providing a doesn’t meet every distribution requirement, but gets us much closer to not requiring external patches.”

  As your puny cannon-foddered brains will not be able to understand the words of our Commander, I shall explain. The LSM means that, when activated, user code cannot interact to make changes to the kernel.

• Linus Torvalds Agrees To Kernel Lockdown

  The feature will restrict users with root access to interact with the kernel and make changes to it.

  Linus Torvalds has finally agreed to implement lockdown feature to the Linux kernel. The features was proposed several years ago but was rejected by Torvalds.

  The upcoming release of Linux, version 5.4, will include this feature as a Linux Security Module (LSM). It will have two lockdown modes: “integrity” and “confidentiality.”

• zfs-0.8.2 releases with support for 2.6.32 – 5.3 Linux kernels and major bug fixes

  Last week, the team behind ZFS released zfs-0.8.2, an advanced file system. This release comes with support for 2.6.32 – 5.3 Linux kernels and comes with a list of changes.

• Linux Security Simplified: How To Make Linux More Secure (With Less Work)

  Linux is a versatile operating system. Its use cases vary greatly, from hosting hundreds of containers across a complex network, to running a single desktop, to the operating systems of TVs, Android phones and most Internet of Things (IoT) devices.

  However, its adaptability in a wide variety of settings means it can easily be used insecurely. Servers face the constant threat of online attack. To keep Linux secure, a security team would typically have to routinely perform many processes, including writing custom scripts to scrape logs off servers, manually creating SIEM integrations and parsing rules, and then further manipulating the data to visualize and report on everything they need to monitor. This is complex and time-consuming.

• Intel

  • Intel’s OSPray 2.0 Enters Alpha With Many Changes For This Ray-Tracing Engine

    OSPray 2.0 brings API-breaking changes that will require developers using this ray-tracing engine to adjust their programs. Besides various API changes, OSPray 2.0 Alpha also now integrates the Intel Open Volume Kernel Library (Open VKL) for better volume sampling, rendering features, and performance performance. The Open Volume Kernel Library is one of the newest Intel open-source projects we’ve been looking forward to seeing and will also be used for other high-end workstation visualization tasks.

  • Intel’s Clear Linux Upgrades Its Performance-Optimized Desktop To GNOME 3.34

    For those that had been interested in GNOME 3.34 for Intel’s Clear Linux when running their developer-focused, performance-optimized desktop those packages have now landed.

    With the newest builds of Clear Linux (Build 31130), the desktop components have been upgraded to the GNOME 3.34 series. I did the upgrade already on my main production system and with its swupd bundles the process was effortless and smooth without any issues to note so far.

  • Intel Releasing FSP For Xeon Scalable Skylake-SP For Coreboot Support

    Intel in cooperation with Facebook have announced they are releasing a Firmware Support Package (FSP) to allow Xeon Scalable “Skylake-SP” to boot with Coreboot.

    From the latest Open Compute Project event, Intel announced the FSP server package for Xeon Scalable to boot with Coreboot.

  • Significant Performance & Perf-Per-Watt Gains Coming For Intel CPUs On Linux Schedutil

    Sadly not making it for the just-closed Linux 5.4 merge window but hopefully something we could see in Linux 5.5 is recent patches on “frequency invariance” in optimizing the Schedutil frequency scaling governor that will really benefit Intel CPUs and improve their performance by double digits.

    In September there were revised patches from Giovanni Gherdovich based on work proposed earlier by Peter Zijlstra around frequency invariance with the x86 scheduler code to correct some behavior in the code that’s surprisingly lasted this long. “For example; suppose a CPU has two frequencies: 500 and 1000 Mhz. When running a task that would consume 1/3rd of a CPU at 1000 MHz, it would appear to consume 2/3rd (or 66.6%) when running at 500 MHz, giving the false impression this CPU is almost at capacity, even though it can go faster. In a nutshell, without frequency scale-invariance tasks look larger just because the CPU is running slower.”

• Graphics Stack

  • QEMU’s Assortment Of Virtual VGA/GPU Options & What To Pick For Desktop Virtualization

    The virtual GPU/display landscape particularly for having accelerated guest graphics was once non-existent and then suffering for the open-source Linux virtualization stack around QEMU, but that is no longer the case. There are options these days to rival the GPU/display offerings of VirtualBox and VMware albeit to newcomers may not be so clear.

    Longtime QEMU/virtualization developer Gerd Hoffmann has written a blog post outlining the VGA/display devices for QEMU and the recommended options. The options he covers at length include the standard VGA device, Bochs display device, VirtIO VGA, VirtIO GPU, Vhost-user VirtIO GPU, QXL VGA, QXL, Cirrua VGA, ATI VGA, and RAMFB.

  • Intel’s Inaugural Release Of OpenVKL Ties Into Their Promising oneAPI Rendering Toolkit

    While announced some months ago, today in-step with the OSPray 2.0 Alpha ray-tracing release is the inaugural development release of the Open Volume Kernel Library (OpenVKL).

    Intel’s Open Volume Kernel Library is a set of volume computation kernels optimized for AVX/AVX2/AVX-512 and leverages their SPMD Program Compiler. OpenVKL ties into Intel’s other open-source render components like OSPray for what will form their oneAPI rendering tool-kit. We’re now in Q4 and that is when the beta release of Intel’s oneAPI is expected.

  • LuxCoreRender 2.2 Released With Intel Open Image Denoise Yields Faster Render Times

    LuxCoreRender, the open-source physically based renderer for execution on CPUs as well as OpenCL accelerators / GPUs, is out with version 2.2 and now integrates Intel’s open-source Open Image Denoise.

    LuxCoreRender already made use of Intel’s Embree library (as happened to be covered this morning with benchmark results in The Xeon vs. EPYC Performance With Intel’s oneAPI Embree & OSPray Render Projects) while now they have also pulled in Intel’s Open Image Denoise.

  • Unofficial Radeon ROCm Packages Re-Enable APU Support

    Over a year ago the AMD APU support in the Radeon Open Compute (ROCm) stack was quietly removed and has yet to be re-enabled in the upstream ROCm packages. But should you be wanting to use ROCm for their compute APIs or OpenCL on APUs, unofficial Ubuntu packages are now available to provide this capability.

    Engineering firm Bruhnpace AB has resorted to providing their own ROCm packages for Ubuntu 18.04 with AMD APU support enabled to make up for AMD’s lack of official packages handling APUs in the different ROCm libraries. The repository doesn’t provide its own rocm-dkms package but rather recommends users run the latest upstream kernels for the AMDKFD kernel driver support.

Benchmarks

• Phoronix Test Suite 9.0.1 Available Along With Several New/Updated Test Profiles

  As a minor update following last month’s Phoronix Test Suite 9.0 release, version 9.0.1 is now available and also for all PTS users are a number of new/updated test profiles via OpenBenchmarking.org.

Instructionals/Technical

• How to download & use Caddy web server on CentOS 8 Linux

• Getting started with Nano

  In 1989, the University of Washington released a *nix email client named Pine. This client contained an integrated editor called Pico, which stood for Pine’s message composer, and was written in C. Pico was a simple editor which concentrated on working with a single document at a time.

• Convert tab separate file (TSV) to JSON with jq

• Replacing rc.local in systemd Linux systems

• How to Install Passbolt Password Manager on Ubuntu 18.04 Server

• Generate SELinux policies for containers with Udica

• How To Install MariaDB on CentOS 8

• How to Make Use of the ‘echo’ Command in Linux

• How to Install WonderCMS with Nginx and Let’s Encrypt on FreeBSD 12

• How to install Vanilla Gnome Desktop on Ubuntu

• Tutorial: Transforming Data with Python Scripts and the Command Line

• Install MariaDB on Debian 10 Operating System

• How To Install LAMP Stack on Debian 10

• How to Install Ansible Automation Tool on CentOS/RHEL 8

• How to Install Cockpit on CentOS 8

• How to create the data structure for a Corteza Low Code application

• Making Trisquel Works with GLIM Multiboot Maker

• pfetch Linux and Unix hardware information tool

Games

• No Ashes of the Singularity: Escalation for Linux but Ashes II and future Stardock titles should be

  Good and bad news to share this Tuesday morning. Stardock Entertainment have given an update on the status of porting Ashes of the Singularity: Escalation to Vulkan and Linux.

  It’s been a long road! After Stardock CEO, Brad Wardell, opened a forum post on Steam asking to see Linux requests to bring Ashes of the Singularity: Escalation to Linux back in May 2017 we’ve been waiting to finally see the port. That ends now though, as the latest update has basically said it’s not happening.

• Beautiful sci-fi action platformer MegaSphere just got a massive update, needs a workaround on Linux

  You’ve played a lot of action platformers before but not many come close to the breathtaking design work going into MegaSphere and it just got a lot bigger in the Anomaly update out now.

  This is the first major update to MegaSphere in a long time, it’s an Early Access game so it’s still not finished but the level of attention being put into crafting it from AKGames is truly spectacular. The Anomaly update adds in new areas, mechanics, enemies and improvements to game throughout.

• Monthly Games I’ve Played In Linux | September 2019

• New Steam Client Beta up with an updated Steam Linux Runtime and memory leak fixes

  Have you been having issues with Steam recently since the new Library Beta? This latest Beta update should make it a much better experience.

  The newer Library (and Friends UI) are a bit heavier on your PC, as a lot of people noticed. However, you can enable GPU acceleration to make everything quite a bit smoother. That came at a cost though, as there was an unfurtunate memory leak and it sucked away performance from gaming. Valve have made attempts to address these issues in the new Beta update out.

• SCS Software are doing a Breast Cancer charity event in Euro Truck Simulator 2 and American Truck Simulator

  This is pretty sweet to see. SCS Software are running an event from now until Sunday, October 20 at 23:59 UTC to raise funds for Breast Cancer Awareness Month.

• Valve updates Counter-Strike: Global Offensive for French players to deal with loot boxes

  Rather than doing away with the loot boxes system, Valve are going with whatever loophole they can it seems. They’ve updated Counter-Strike: Global Offensive just for French players to include an X-ray Scanner.

  It’s no secret that many countries are looking into the issues surrounding loot box gambling, something I am happy about because it’s a terrible system. Valve also have issues with France, especially considering the recent legal ruling about reselling your digital games.

Desktop Environments/WMs

• K Desktop Environment/KDE SC/Qt

  • Akademy! 2019 Edition

    My trip was shortened again due to flight availability, but I still got in some great BoF sessions. We were able to achieve some tasks and goals with the Fundraising Working Group. I hung out with the Neon team for a few, and it was decided I will continue the Debian merge and continue to keep the delta between Debian and neon as minimal as possible. This helps all deb based distributions in the end. I was also happy to see snaps are coming along nicely! There was a great BoF on user support, where we discussed trying to get users connected with the people that can answer questions. I believe we landed on Discourse, we are on the technical stage of making that happen.

    The core of what makes Akademy so important is the networking of course. I was able to see many old friends and meet many new ones. I was so happy to see so many new faces this year! With each year our bunch has become more and more diverse, which is always a good thing. Face to face collaboration is very important in an environment where we mostly see text all day.

• GNOME Desktop/GTK

  • GNOME 3.34 is now managed using systemd

    If you are already using GNOME 3.34, then most likely your session is managed using systemd right now. For a long time now we were already running a systemd instance for every user, which is used to launch DBus and for DBus activated applications. So, with GNOME 3.34, we finally took the next step and moved the rest of the session over to run using systemd.

    From a user’s perspective nothing should have changed and at this point I believe that most regressions have been dealt with. Neither will this change affect application developers for the time being as XDG autostart files continue to be supported and are prefered at least for the time being.

Distributions

• How to use Slax Linux? A Portable Linux distribution that doesn’t require installation

  If you want to use or get a flexible computer, want to play with new programs or simply want to tinker around with them, Linux is the best platform for you. As Linux is an open platform, you can find a lot of recipes to make your computer exactly the way you want. One of the advantages of Linux systems or more importantly most Linux distributions is that you can run the live version of distribution so that you can understand whether it will work for you. Once you start using the live version of some Linux distribution, become satisfied with that, you can always proceed with the installation of it on your system.

  Though the live version of distributions is available for most Linux distributions out there, the changes that you make on the live version will not be retained next time you boot your computer. Besides that, you can’t even install new programs as it runs in kind of a read-only mode. However, I recently came across a Linux distribution which is a perfect portable distribution of Linux that you can use. I am talking about Slax. Slax is a distribution of Linux, which can run right from your USB or thumb drive and the changes that you make will be retained, next time you boot your computer with Slax. Not to mention, Slax doesn’t require any installation as well.

  I really liked the concept of Slax, and in this tutorial, we see how we can set it up on your USB flash drive to run it on any computer you get physical access to. The best thing the changes that done during the Live usage of Slax can be saved by this lightweight Linux distro for the next usage. In this way, the user will not lose its data and will be saved on the Slax installed USB drive for next usage.

• Screenshots/Screencasts

  • SolydK 10 overview | Stable and Secure

    In this video, I am going to show an overview of SolydK 10 and some of the applications pre-installed.

• Fedora Family

  • Fedora Join is trying a new people focused workflow for newcomers

    When a newcomer, let’s call her “Jen”, comes to Fedora and looks for where to begin, the general workflow she is introduced to is quite task-oriented. “Find something to do, get started, learn along the way, ask if you have a question” we say. We have easyfix and What Can I do for Fedora (wcidff) designed to quickly help Jen find something to do, for example. The idea, of course, is that Jen will familiarise herself with the tools, the processes, and the people while she works on this task. This works sometimes. Sometimes it doesn’t. It depends on what Jen has picked to do. Sometimes the learning curve is too steep—there are too many tools and processes to learn. Sometimes Jen works on her task in isolation and is too scared to ask questions they think are “silly”. Sometimes Jen just gets too busy to keep working on it.

  • Reto Gantenbein: My free software activities (2019-09)

    I’m starting a new series of blog posts summarizing my various activities regarding free software projects. There might not be every month something worth mentioning, but this month I was quite busy what might be interesting for some of you.

• Debian Family

  • Mike Gabriel: Install ActivInspire Smart Board Software on Debian 10

    From one of my customers, I received the request to figure out an installation pathway for ActivInspire, the Promethean smart board software suite. ActivInspire is offered as DEB builds for Ubuntu 18.04. On a Debian 10 (aka buster) system the installation requires some hack-around (utilizing packages from Debian jessie LTS).

  • Ben Hutchings: Debian LTS work, September 2019

    I prepared and, after review, released Linux 3.16.74, including various security and other fixes. I then rebased the Debian package onto that. I uploaded that with a small number of other fixes and issued DLA-1930-1.

    I backported the latest security update for Linux 4.9 from stretch to jessie and issued DLA-1940-1 for that.

  • Abhijith PA: Debian packaging session

    Last week I conducted a workshop on Debian packaging at MES College of Engineering, Kuttipuram in accordance with Frisbee 19, yearly conference by IEEE cell of this college. Thanks to Anupa from ICFOSS who contacted and arranged me to take this session. I was accompanied by Subin and Abhijith from FOSSers. The time span was from 9:30 AM to 04:30 PM. Since it was a big time slot we took from the Free software evangelism –> GNU/Linux –> Debian –> how contributing to community projects can help your career.

  • Norbert Preining: 10 years in Japan

    After loosing my job at JAIST, and six months of unemployment, a lucky coincidence gifted me with a great job at an IT company in Tokyo, that allows me to work remotely from my home. I am incredibly thankful to everyone there who helped made this happen. It is a complete new world for me. After 25 years in academics being thrown into a Japanese company (all Japanese, I am the only foreigner), with business meetings, client support, etc was something unexpected for me. Maybe I count it as one of the big achievements that I manage to function properly in this kind of environment.

    I still try to keep up my research work, publishing articles every year, and as far as possible attending conferences. My OSS activities haven’t changed a lot, and I try to keep up with the projects for which I am responsible.

    What the future brings is even less unclear: Now that we have to think about the education of our daughter, moving is getting more and more a point of discussion. I really detest Japanese education system, in particular junior high school which I consider a childhood and personality killer. OTOH, we have settled into a very nice place here in Ishikawa, and at my age moving is getting more and more burdensome, not to speak of another job change. So I feel torn between returning to Europe, or remaining here in Japan. Let us see what the future brings.

• Canonical/Ubuntu Family

  • Linux Mint Debian Edition 4 to Be Dubbed “Debbie,” New Linux Mint Logo Unveiled

    Clement Lefebvre has revealed today the codename of the upcoming LMDE (Linux Mint Debian Edition) 4 operating system series as “Debbie,” which he said it suits the Debian base quite well. As you know, the LMDE edition is based on Debian GNU/Linux instead of Ubuntu as the regular Linux Mint OS is, providing a rolling release model. No release data was announced for Linux Mint Debian Edition 4 though.

    Meanwhile, work on the recently announced Linux Mint 19.3 release, which should hit the streets later this year based on Ubuntu 18.04.3 LTS (Bionic Beaver) operating system, is ongoing as the development team managed to improve the localization of the default date format in the Language configuration tool for both the Cinnamon and MATE desktop environments.

  • Monthly News – September 2019

    Many thanks to all our donors, our sponsors, our partners and to everyone involved in supporting our project. Before we get started with the news, I’d also like to thank the people who helped us troubleshoot the Update Manager tray icon bug last month. It was an important bug, which we couldn’t easily reproduce, and thanks to you we were finally able to fix it.

    Date Format

    Last month we announced the Language configuration tool would let people choose the locale for the date format. In their feedback some users indicated this wouldn’t be enough, and they were right.

    We looked into this and identified a design flaw in the way the default date format is localized. Although the names of the days and months are localized according to the LC_TIME environment variable, we were fetching the format itself using gettext according to the desktop’s language.

    We will get this fixed in Cinnamon and in MATE for 19.3.

  • Full Circle Magazine: Full Circle Weekly News #147

  • 5G Core implementation: Challenges in the field

    In order to overcome the challenges associated with 5G Core implementation, BT, one of the biggest telcos in Europe, has recently turned to Canonical.. Having years of experience in private cloud deployments, Canonical will not only provide BT with the basis of a cloud but also help them to spread the power of Juju across their telco-specific use cases. By utilising Juju for NFVI deployment purposes, BT is aiming to use it as an NFVI / VIM (Virtual Infrastructure Manager) installer.

    To build NFVI for their 5G Core, BT will use Charmed OpenStack and Canonical’s open source tools to automate the deployment and operations. The whole stack includes MAAS for bare metal provisioning, Ubuntu Server LTS as the operating system, Juju for application modelling and orchestration, LXD for control services containerisation, and various charmed applications. Charms will be used to deploy not only OpenStack, but also a variety of supporting services, such as the whole logging and monitoring stack.

Devices/Embedded

• X96 Air Amlogic S905X3 Android 9.0 TV Box Sells for $30 and Up

  Amlogic S905X3 is the first Arm Cortex-A55 processor from the company, and we’ve seen it does not differ that much from the previous generation in our S905X3 vs S905X2 comparison.

• Linux-ready 3.5-inch SBC can load Ryzen Embedded V1000 or R1000

  Ibase has launched a 3.5-inch “IB918” SBC that runs Ubuntu or Windows on an AMD Ryzen Embedded V1000 or R1000 and offers 2x GbE, SATA III via M.2, and up to four simultaneous displays via 2x HDMI 2.0a, eDP, and LVDS.

• Atomic Pi x86 SBC Meets Intel Neural Compute Stick 2 in $99 Neural Computing DevKit (Crowdfunding)

  The price has even gone a bit lower as you’ll find it for $32.95 on Amazon. Note that it requires some technical skills to get started and with 16GB eMMC flash it only supports Linux distributions such as Ubuntu 18.04, and installing Windows 10 is possible, but you’ll be seriously limited.

• Teclast P10S 10.1″ Android LTE Tablet Features UNISOC SC9863A Octa-core Cortex-A55 SoC

  We reported about Spreadtrum SC9863 processor for 4G LTE smartphones last year, as it was the first SoC we had seen made only of Cortex-A55 cores.

• Mobile Systems/Mobile Applications

  • Nokia 2.1, Nokia 1 Plus, Nokia 1 to receive Android 10 Go edition update soon

  • OnePlus 7T review: High-end specs and Android 10 for $600

  • Verizon releases Android Pie update for the Galaxy Tab S3

  • Top 5 smart TV deals you can get on Flipkart in Big Billion Days Sale: From Android TV to 4K panels and more

  • Evolution Digital Reaches Agreement with Midco to Deploy its Android TV Set-Top

  • Top 8 Best Android MLB Apps & Games – 2019

Free, Libre, and Open Source Software

• Streamlit launches open-source machine learning application development framework

  Streamlit, a new machine learning startup from industry veterans who worked at GoogleX and Zoox, launched today with a $6 million seed investment and a flexible new open-source tool to make it easier for machine learning engineers to create custom applications to interact with the data in their models.

  The seed round was led by Gradient Ventures with participation from Bloomberg Beta. A who’s who of solo investors also participated, including Color Genomics co-founder Elad Gil, #Angels founder Jana Messerschmidt, Y Combinator partner Daniel Gross, Docker co-founder Solomon Hykes and Insight Data Science CEO Jake Klamka.

• Events

  • Announcing Speaker Line-Up for Openshift Commons Gathering on Artificial Intelligence and Machine Learning (Oct 29/San Francisco)

    Co-located with ODSC/West, this OpenShift Commons Gathering brings together the OpenShift, Kubernetes, Open Data Hub, OpenShift Machine Learning and AIOps SIG and Operator communities for a day-long OpenShift Commons Gathering on Artificial Intelligence and Machine Learning on October 28th, 2019 at the San Francisco Airport Marriott Waterfront.

• Web Browsers

  • Mozilla

    • Steps you can take to protect your identity online

      Data breaches are one of many online threats.

      [...]

      You can get Wi-Fi almost anywhere these days, but open networks are the most vulnerable and tend to be the least secure. This includes the free Wi-Fi at restaurants, libraries, airports and other public spaces. If you can avoid it, don’t use public Wi-Fi. Most importantly, don’t use these networks to log in to financial sites or shop online. It’s possible for someone to scan the Wi-Fi traffic to see what websites you visit. If you happen to log in to a phony public Wi-Fi without realizing it, the person who set it up could intercept your traffic and potentially gather important info like your usernames and passwords. Instead, we recommend using a secure network proxy for a browser connection or a Virtual Private Network (VPN) for full device network connection. These services let you use public Wi-Fi more securely and can help keep more of your online activities private.

    • Video Shorts from Mozilla Developer

      We’re excited to launch a new resource for people who build the web! It will include short videos, articles, demos, and tools that teach web technologies and standards, browser tools, compatibility, and more. No matter your experience level or job description, we’re all working together towards the future health of the web, and Mozilla is here to help.

      Today we’re launching a new video channel, with a selection of shorts to kick things off. There are two in our “about:web” series on web technologies, and one in our “Firefox” series on browser tools for web professionals.

      Get started with an intro to Dark Mode on the web, by Deja Hodge — and check out her dark mode demo.

• Productivity Software/LibreOffice/Calligra

  • LibreOffice 10/20 Logo Community Contest

    The year 2020 will be the 20th anniversary of the free office suite (OpenOffice.org was announced on July 19, 2000) and the 10th anniversary of LibreOffice (announced on September 28, 2010). We have the opportunity to celebrate both during the year, to reaffirm the fact that LibreOffice today is the leading free office suite available in the market.

    For the anniversary project, we need a specific logo which celebrates the 10/20 anniversary without making a difference between the two dates, as the concept is that LibreOffice was born 20 years ago as OpenOffice.org, and evolved into LibreOffice 10 years ago.

    The 10/20 logo should be easy to associate to the current LibreOffice logo (with tagline), and follow TDF design and style guides (Corporate Image) published on the wiki: https://wiki.documentfoundation.org/Marketing/Branding.

    The 10/20 logo will be used for presentations, event signage, swag and gadgets (like stickers). It should be easy to recognize and read at small sizes.

  • Interview with Ilmari Lauhakangas, Development Marketing

    Ilmari Laukahangas, based in Helsinki (Finland), is in charge of Development Marketing.

    We have asked him a few questions, about his relationship with free software and his role in the community.

    [...]

    This is more of a political question. If money and resources are lacking in education, teachers will not have time to offer structured introductions to free software projects. Likewise, if higher education is not free, students will have to work alongside their studies and will not have the energy contribute to FOSS.

    On our part, we need to provide students with software they can rely on. In Finland, thirty thousand students in advanced secondary education use LibreOffice every year. If they find the software enjoyable, surely they are more inclined to contribute.

• FSF/FSFE/GNU/SFLC

  • Daniel Martin Gomez: Hacking GNU for the first time

    Hi, my name is Daniel. I’m from Spain, where I’m currently studying baccalaureate in sciences before entering university next fall. I was first introduced to GNU/Linux and free software when I was in primary school, and since my last year there I’ve been using only GNU/Linux distributions on my computer. I started learning programming (a bit of Python) about five years ago, but I quickly moved to C. I had worked on some of my own projects before I joined the FSF this September.

    This fall, as part of my internship, I’ve been contributing to GNU Wget2, a reimplementation of GNU Wget, working on different tasks, most of them from the issues list of the wget2 repository at GitLab. I started with some issues marked as “Junior” in order to get used to the source code, and after some weeks, I went to more difficult tasks like adding some features from wget1.x, such as the speed reporting support to the progress bar or the –use-askpass option (I simply ported the original source code) which calls an extern application given by the user, for instance ssh-askpass, that requests for a username and password. In this way, sensible data is hidden from the command line and the ps output.

  • GNU Guix: Join GNU Guix through Outreachy

    We are happy to announce that for the third time GNU Guix offers a three-month internship through Outreachy, the inclusion program for groups traditionally underrepresented in free software and tech.

• Programming/Development

  • Introduction to microservices observability with Eclipse MicroProfile

    Eclipse MicroProfile provides several solutions to microservice challenges, including various specifications to promote observability in our microservices. With these specs, we can use MicroProfile with Jaeger, Zipkin, Prometheus, and other tools to promote better observability and monitoring. I will provide more details of these specs and how to use them in upcoming articles.

  • Building A Modern Discussion Forum In Python To Support Healthy Communities

    Building and sustaining a healthy community requires a substantial amount of effort, especially online. The design and user experience of the digital space can impact the overall interactions of the participants and guide them toward respectful conversation. In this episode Rafał Pitoń shares his experience building the Misago platform for creating community forums. He explains his motivation for creating the project, the lessons he has learned in the process, and how it is being used by himself and others. This was a great conversation about how technology is just a means, and not the end in itself.

  • Tryton News: Newsletter October 2019

    Now we prevent to set a value for an unknown field in proteus scripts and in Tryton modules model definitions. For that we add __slots__ automatically on each model. A positive side effect is that it reduces also the memory consumption of each instance.

    The PYSON Eval now supports the dotted notation. This feature is a common expectation from beginners. So we decided it is good to support it.

  • Install Python PIP: A python package manager

  • Analyzing API Data with MongoDB, Seaborn, and Matplotlib

  • KDTableToListProxyModel: a flattening proxy model

    With this blog post we are going to kickstart our brand new blog series about KDToolBox. The first class we’re exploring is KDTableToListProxyModel, a table-to-list proxy model.

    The main use case for KDTableToListProxyModel is exposing tabular models to Qt Quick. Qt Quick has a certain number of “view” elements that only support list models: for instance, ListView, PathView, Repeater, and so on. Multiple pieces of data for a given index (row) in the model are provided by using multiple roles for that index.

  • Writing a simple Pytest hook

    Pytest is my go to Python testing framework due to it’s flexibility. One of the great features it has is the ability to write hooks into various points of the test suite execution. These can all be references via the API docs. At work we can have hundreds of tests and sometimes changes can cause tens of tests to fail. Now let’s not too far into the “When you make changes only a few tests should break. You shouldn’t be seeing 30-40 test failures.” Well sure that is great with an ideal test suite but sometimes you’re just not going to have that. Or you’ll be making a change to a middleware which affects all calls and you have a mass of failures. When you have 30-40 tests failing, if not just 10, you’ll find yourself sifting through lots of pytest output to just find the tests that failed. Because of that let’s just hook into pytests execution and write all of our test failures to failures.txt so we can see very clearly which of our tests have failed.

  • EuroPython 2019 – Videos for Friday available

    In this batch, we have included all videos for Friday, July 12 2019, the third conference day.

    In total, we now have 133 videos available for you to watch.

  • Python Pune Meetup September 2k19

    “If there’s a book that you want to read, but it hasn’t been written yet, then you must write it.”
    ― Toni Morrison

    It’s a pleasant morning and I was looking at my calendar and bang its Saturday time to have some fun to meet new peoples ( #meetup_day ).

    It’s 9:00 AM I got a call from my friend Akshay Gaikwad and he informs me that how we are driving to our destination Shoptimize India Private Limited.

    then around 9:15 AM I meet Chandan Kumar and Bhusan and book our Ride.
    now it’s a road trip of 30-40 min and we discuss about talks that are going to be held in the meetup and I am very excited about them because it’s my first time for #Pythonpune.

  • Django bugfix releases: 2.2.6, 2.1.13 and 1.11.25

    Today we’ve issued the 2.2.6, 2.1.13, and 1.11.25 bugfix releases.

  • 14 Excellent Free Books to Learn Prolog

    Prolog is a general purpose, declarative, logic programming language, often associated with artificial intelligence, computational linguistics, intelligent database retrieval, and problem solving. It’s widely used in research and education for natural language processing.

    Automatic backtracking is one of the most characteristic features of Prolog. It’s a form of searching, fundamental to all artificial intelligence techniques. Prolog also supports multi-directional reasoning; arguments to a procedure can freely be designated inputs and outputs in different ways in different procedure calls. This is a powerful theorem-proving technique. Another key feature of Prolog is that its syntax and semantics are closer to formal logic than say Lisp.

    Prolog is generally regarded as a difficult language to get to grips with. But learning the fundamentals of Prolog is definitely worthwhile.

  • Rene Dudfield: post modern C tooling – draft 2

    This is a post about contemporary C tooling. Tooling for making higher quality C, faster.

    In 2001 or so people started using the phrase “Modern C++”. So now that it’s 2019, I guess we’re in the post modern era? Anyway, this isn’t a post about C++ code, but some of this information applies there too.

  • Strings and Character Data in Python

    In this course, you’ll learn about working with strings, which are objects that contain sequences of character data. Processing character data is integral to programming. It is a rare application that doesn’t need to manipulate strings to at least some extent.

  • Test Driven Development with PyTest – Part 1

    This will be a 3 part series for anyone who is looking to get up to speed and integrate TDD testing practices using Pytest.

    When I first started to learn about TDD, it was one of my software engineering classes at University.

    The professor was introducing TDD through the use of JUnit which back then I find it was a pain to set up and configure.

    Plus not seeing the value of having it as a developer practice. I just chuck it away as a good to have skill but not necessarily used during software development.

  • Python for NLP: Deep Learning Text Generation with Keras

    This is the 21st article in my series of articles on Python for NLP. In the previous article, I explained how to use Facebook’s FastText library for finding semantic similarity and to perform text classification. In this article, you will see how to generate text via deep learning technique in Python using the Keras library.

    Text generation is one of the state-of-the-art applications of NLP. Deep learning techniques are being used for a variety of text generation tasks such as writing poetry, generating scripts for movies, and even for composing music. However, in this article we will see a very simple example of text generation where given an input string of words, we will predict the next word. We will use the raw text from Shakespeare’s famous novel “Macbeth” and will use that to predict the next word given a sequence of input words.

    After completing this article, you will be able to perform text generation using the dataset of your choice. So, let’s begin without further ado.

Science

• Russian engineers are planning a reusable cargo spaceship with cheaper transport costs than SpaceX

  Roscosmos, Russia’s government-owned space development corporation, has signed an agreement with a private company to create a new reusable cargo spacecraft. RBC broke the news of the plan by acquiring minutes from a Roscosmos meeting.

Health/Nutrition

• These Sheriffs Release Sick Inmates to Avoid Paying Their Hospital Bills

  Michael Tidwell’s blood sugar reading was at least 15 times his normal level when sheriff’s deputies took him to the hospital. But before they loaded the inmate into the back of a car, deputies propped up his slumping body and handed him a pen so he could sign a release from the Washington County Jail.

  “I could barely stand up or keep my eyes open,” he recalled.

Security (Confidentiality/Integrity/Availability)

• Hey Doordash: Why Are You Hiding Your ‘Security Notice’ From Google Just Days After You Revealed A Massive Security Breach?

  As you might have heard, late last week, delivery company DoorDash admitted via a Medium post that there had been a large data breach exposing info on 4.9 million users of the service. The breach had actually happened months earlier, but was only just discovered earlier this month.

• Mitigate “tabnabbing” without breaking window.open() features

  The security issues and performance hit of websites opening a new window are fairly well understood. However, applying the rel=noopener mitigation has its own drawbacks and isn’t backward-compatible.

  In this article, I’ll focus exclusively on the problems introduced along with support for rel=noopener in Google Chrome version 49. The above links were your queue to read-up on it if you’re unfamiliar with the issue.

• Guess what? You should patch Exim again!

  CVE-2019-16928 is heap-based buffer overflow in string_vformat found in string.c, and affects Exim versions 4.92 – 4.92.2 (but not v4.91 or earlier). It was discovered and reported by the QAX A-Team.

  “The flaw can be exploited by an unauthenticated remote attacker who could use a large crafted Extended HELO (EHLO) string to crash the Exim process that receives the message. This could potentially be further exploited to execute arbitrary code on the host,” Tenable researcher Scott Caveza pointed out.

  Exim maintainers say that the currently known exploit uses a extraordinary long EHLO string to crash the Exim process that is receiving the message, but that other paths to reach the vulnerable code may exist.

• SUSE and the New IBM z15 – Securing the World

  From my very early days in this industry as an IBM VM/CP programmer, I never would have thought I’d still be talking about this and be a part of the evolution of modern-day innovative value of the mainframe. Its architecture is resilient, its performance and efficiency are world-class, and its data protection and privacy capabilities are revolutionary.

  The latest IBM z15 system was designed to support your mission-critical initiatives and allow you to be innovative as you design and scale your environment. Combined with SUSE Linux Enterprise Server for IBM Z and LinuxONE, these state-of-the-art systems provide an ultra-secure data serving platform to support the global economic growth we are seeing today.

• Real Python: Preventing SQL Injection Attacks With Python

  Every few years, the Open Web Application Security Project (OWASP) ranks the most critical web application security risks. Since the first report, injection risks have always been on top. Among all injection types, SQL injection is one of the most common attack vectors, and arguably the most dangerous. As Python is one of the most popular programming languages in the world, knowing how to protect against Python SQL injection is critical.

• Canonical Outs Major Linux Kernel Security Patch for Ubuntu 18.04 and 16.04 LTS

  The new Linux kernel security update fixes two vulnerabilities (CVE-2018-20976 and CVE-2019-15538) in the Linux 4.15 kernel used in both Ubuntu 18.04 LTS and Ubuntu 16.04 LTS, discovered in the XFS file system, which could allow a local attacker to either execute arbitrary code or cause a denial of service (system crash). The CVE-2018-20976 issue was also fixed in the Linux 4.4 kernel.

  As for the security issues addressed in the Linux 4.4 kernel used on some Ubuntu 16.04 LTS systems, we can mention a race condition (CVE-2016-10905) in the GFS2 file system, an integer overflow (CVE-2019-11487) in the Linux kernel discovered when reference counting pages, as well as a race condition (CVE-2019-15215) in the CPiA2 video4linux device driver.

• Security updates for Tuesday

  Security updates have been issued by Debian (apache2, linux-4.9, netty, phpbb3, and poppler), openSUSE (chromium, djvulibre, ghostscript, python-numpy, SDL2, and varnish), Oracle (nodejs:10), Red Hat (httpd24-httpd and httpd24-nghttp2, kpatch-patch, and rh-nodejs10-nodejs), and Ubuntu (linux, linux-aws, linux-kvm, linux-raspi2, linux-snapdragon, linux-oem, linux-oracle, linux-raspi2, linux-snapdragon, and SDL 2.0).

• USPTO removable media policy [Ed: Because they still use Microsoft Windows with its back doors.]

  If you are visiting the USPTO, do not bring a “personal removable media storage device.” U.S. Gov’t computer security has been compromised on numerous occasions based via USB drive viruses. The solution is to email the file to the examiner (and yourself); bring in a “finalized CD/DVD“; or connect via a secure file sharing service (PTO suggests Kiteworks).

• Visitor Rules for USPTO

Defence/Aggression

• The Wounds of War in Afghanistan

  Its economy gutted by war, Afghanistan’s largest cash crop remains opium. Yet farmers there do grow other crops for export. Villagers in the Wazir Tangi area of Nangarhar province, for example, cultivate pine nuts. As a precaution, this year at harvest time, village elders notified the governor of the province that they would be bringing in migrant workers to help them collect the nuts. Hired laborers, including children, would camp out in the pine nut forests, they informed the officials. They hoped their letter could persuade U.S. and ISIS forces, which had been fighting in or near their villages, not to attack.

• Just as Iraq Begins to Find Peace, It Once Again Becomes the Battleground for an American Proxy War

  People in Baghdad are fearful that the next war between the US and Iran will take place in Iraq, which is only just returning to peace after the defeat of Isis. Alarm that Iraq will be sucked into such a conflict has increased here because of recent Israeli drone attacks on the bases of the Iraqi paramilitary group known as the Hashd al-Shaabi, which is accused by the US and Israel of acting as a proxy of Iran.

Environment

• Nuclear cannot help against climate crisis

  With new plants costing from five to ten times more than renewable options, and taking far longer to build, nuclear cannot help against global warming.

• Veritable Uprising or The (Faux) Real Thing™: Greta and Climate Activism in a Wilderness of Projections

  PR: Kenn, recently, this observation of mine provoked a measure of ire:  Street demonstrations, even large ones, are apropos of nothing as long as they are manifested as de facto state sanctioned protests. A march proceeds, chants are cast into indifferent air, speechifying comes to pass by the usual gasbags then the assembled head home and carry on as usual. Conversely, a strike means job walk-offs — until the strikers demands are met — not walking out and walking back in the next day.

• Energy

  • Oil Industry Set Agenda During Climate Summit Meeting with Big Greens

    Depending on which room you were in, you would have heard two very different messages.

• Wildlife/Nature

  • How a Mega-Development Threatens the Last Free-Flowing River in the Southwest

    The San Pedro River is the last free-flowing river in the desert Southwest and one of the nation’s environmental crown jewels. It provides crucial habitat for about 45% of the bird species in North America and is home to a rich variety of native wildlife.

  • Drought and Border Wall Endanger Arizona’s Wildlife

  • Ontario is Sacrificing Wolves, Coyotes, and Moose to Appease Hunters

    It’s wolf and coyote hunting season in Ontario. In the coming months, hundreds of these smart, highly social animals will be gunned down by hunters, and pierced with arrows throughout the province.

Finance

• Donald Trump’s Repugnant New Attack on the Homeless

  JACQUELINE LUQMAN:  This is Jacqueline Luqman with The Real News Network. The president is driving the discussion about rising homelessness in this country and he’s targeting California in particular.

• The Solution to the Country’s Debt and Deficit Problem

  For most people, the country’s national debt and annual deficit are not major concerns. However, for a substantial portion of the policy types who make, write, and talk about economic and budget policy, debt and deficits are really big deals. And, the fact that our budget deficit and debt are both large by historic standards, and growing rapidly, is an especially big deal.

• ‘Maybe It’s Time We Broaden What We Mean by “Poor”’

AstroTurf/Lobbying/Politics

• California to Let College Athletes Sign Endorsement Deals

  SDefying the NCAA, California’s governor signed a first-in-the-nation law Monday that will let college athletes hire agents and make money from endorsements — a move that could upend amateur sports in the U.S. and trigger a legal challenge.

• For Trump, Regime Change Begins at Home

  A month after he won the 2016 presidential election, Donald Trump gave a speech in North Carolina where he declared that “we will stop racing to topple foreign regimes that we know nothing about, that we shouldn’t be involved with.”

• Trump—Will He Implode with Lies Before He is Impeached?

  Donald Trump said he believes the Constitution lets him do “whatever I want as President.” In over two and a half years, Trump has been a serial violator of the Constitution, unmatched by any president in American history. Just about every day he is a constitutional outlaw.

• Impeachment is on the Rails, But That’s Not the Hard Part

  On September 24, House Speaker Nancy Pelosi (D-CA) elbowed her way to the front of a parade she’d been trying to disperse since early 2017. “Today,” she said, “I’m announcing the House of Representatives is moving forward with an official impeachment inquiry and directing our six committees to proceed with their investigation under that umbrella of impeachment inquiry.”

• My Russia Hot-Air Balloon

  Wouldn’t you like to ride in my Russia hot-air balloon? Wouldn’t you like to malign in my Russia hot-air balloon? We’ll rig the vote with media folk together, you and I, For we can LIE!!!

• Ralph Nader: Trump Can’t Be Impeached for Ukraine Alone

  Donald Trump said he believes the Constitution lets him do “whatever I want as President.” In over two and a half years, Trump has been a serial violator of the Constitution, unmatched by any president in American history. Just about every day he is a constitutional outlaw.

• Scott Morrison’s China Thesis

  China has rattled Western observers for centuries, and the idea that it might be approaching a level of formidable heft is troubling to those who, condescendingly, see it as a naughty child who aspired to economic growth but could only do so as long as it behaved. In other words, they achieved success because we let them, and profited from our generosity. (The “we” here constitutes a good number of rapacious powers that stripped the country bare in the nineteenth century and turned the country into a giant opium addict.)

• The New Evil Empire

  The US seems to have decided that it can’t take on China and Russia at the same time, so its principal geopolitical rival in the coming decades will be China. Trump’s Republican administration and the Democrats agree on this, though they are campaigning vigorously against each other ahead of next year’s presidential election. China has replaced the ‘evil empire’ of the Soviet Union and ‘Islamic terrorism’ as the US’s main adversary. But China, unlike the Soviet Union, has a dynamic economy, with which the US has an enormous trade deficit. And China’s strength is far more impressive than that of a few tens of thousands of Islamic fundamentalist fighters wandering the deserts of ancient Mesopotamia or the mountains of Afghanistan.

• U.K.’s Johnson Denies Wrongdoing as Personal Allegations Mount

  U.K. Prime Minister Boris Johnson battled to fend off allegations of improper patronage and groping a woman as he prepared a final push Monday to fulfill his pledge to lead Britain out of the European Union in just over a month.

• The Real Lesson of Ukraine-gate: Trump Will Do Anything To Win in 2020

  Regardless of how the impeachment turns out, Trump’s predation can be constrained as long as his presidency can be ended with the 2020 election. If that election is distorted, and if this man is reelected, all bets are off.  

• The Democratic Party Couldn’t Care Less About Whistleblowers

  All of a sudden, MoveOn wants to help “national security” whistleblowers.

• A 75-year-old Russian scientist spent a year in jail awaiting trial for treason. Now diagnosed with lung cancer, he’s been released to his family.

  On September 27, 75-year-old Viktor Kudryavtsev was released from Moscow’s Lefortovo Pretrial Detention Center after more than a year behind bars. The government-employed engineer stands accused of sending confidential data from a state research center to a group of his Belgian colleagues via email. His attorneys have argued that he hadn’t had access to the data in question for more than 20 years.

Censorship/Free Speech

• How Russia’s law against insulting the government online has been enforced in its first half year

• Prominent ANC member faces hate speech charge for ‘horrifying’ Tweet

  Lebogang Maile has been accused of “inciting hatred” following an offensive Twitter post he made in September. Now the DA want him punished for hate speech.

Privacy/Surveillance

• Ring Considered Using 911 Calls To Trigger Automated Streaming Of Camera Footage To Local PDs

  Amazon’s Ring doorbell/camera venture hasn’t met a news cycle it can’t fill with unintentionally-bad PR. Every time someone thinks they’ve heard the last odious effort by this company to become an unofficial extension of police department surveillance networks, another set of documents obtained through public records requests resets the counter to “zero days since last PR black eye.”

• No, The New Agreement To Share Data Between US And UK Law Enforcement Does Not Require Encryption Backdoors

  It’s no secret many in the UK government want backdoored encryption. The UK wing of the Five Eyes surveillance conglomerate says the only thing that should be “absolute” is the government’s access to communications. The long-gestating “Snooper’s Charter” frequently contained language mandating “lawful access,” the government’s preferred nomenclature for encryption backdoors. And officials have, at various times, made unsupported statements about how no one really needs encryption, so maybe companies should just stop offering it.

• New treaty will allow UK to request data, not backdoor, from US social media companies like WhatsApp

  Social media apps like WhatsApp will be obligated to share what they share with the US with the UK under a proposed United States, United Kingdom treaty called the CLOUD Act. From what security experts are gleaming from the law, the CLOUD ACT opens up data requests that WhatsApp usually fills for the US for the UK. More specifically, it allows a path for legitimate requests for data, the kind that are already filled for US law enforcement, from UK law enforcement. Currently, other countries can only officially request basic information, such as IP address, during an investigation. This most recent Act can be seen as a continuation of recent talks by Five Eye nations to plan how they will deal with the “scourge” of end to end encrypted messaging.

• Welcome To A World Of 500-Megapixel Cameras, And Surveillance Systems Able To Zoom In On Small Objects A Kilometer Away

  Here on Techdirt, we love digital technology. We love how Moore’s Law and its equivalents help drive continual innovation and open up interesting new uses and possibilities. But powerful technology is just a tool, and like any other tool it can be used in good and bad ways. Which brings us to this latest piece of high-tech wizardry: a 500-megapixel cloud-based camera system with built-in AI, developed in China. The English-language Global Times, which is closely aligned with the views of the Chinese government, explains one possible use of such a system:

• California: Tell Governor Newsom to Stop Face Surveillance on Police Body Cams

  Communities called for police officers to carry or wear cameras, with the hope that doing so would improve police accountability, not further mass surveillance. But today, we stand at a crossroads: face recognition technology is now capable of being interfaced with body-worn cameras in real-time—a development that has grave implications for privacy and free speech.

  If California Governor Gavin Newsom signs A.B. 1215 before October 13, he affirms California should take the opportunity to hit the brakes on police use of this troubling technology in the state. This gives legislators and citizens time to evaluate the dangers of face surveillance, and it prevents the threat of mass biometric surveillance from becoming the new normal.

Civil Rights/Policing

• Facetime Stunt Reminds Iranians Abroad of Forced Separation from Loved Ones

  On Friday, media reported the US State Department had rejected the request of Iran’s Foreign Minister, Javad Zarif, to visit his country’s UN Ambassador, Majid Takht-Ravanchi, who is currently in hospital in the US for cancer treatment.

• Bangladesh: Halt Plans to Fence-In Rohingya Refugees

  The Bangladesh government’s plans for barbed wire and guard towers around Rohingya refugee camps in Cox’s Bazar violate refugees’ rights to freedom of movement.

• Russian actor whose arresting officer dislocated his shoulder gets suspended sentence on appeal

  The Moscow City Court has replaced actor Pavel Ustinov’s 3.5-year prison sentence with a one-year suspended sentence on appeal. However, the ruling found the lower court justified in convicting Ustinov of violence against a Russian National Guard officer. When Ustinov was arrested during Moscow’s August 3 election protest, one of the officers who forcibly subdued him allegedly suffered a dislocated shoulder.

• When Welfare Checks Turn Deadly

  Think twice before you call the cops to carry out a welfare check on a loved one.

• Trafficking of Females Goes Beyond Sex

  Nadja was brought to Germany from Bulgaria almost two years ago, at the age of 19. She told me that before arriving in Germany, she was told she would be working in either a beauty salon or a jewelry shop specializing in watches, that her housing would be paid for, and that her salary would allow her to send money home to support her family. Coming from the EU’s poorest country, where four out of 10 people are at risk of poverty or social exclusion, she was tempted by the promise of free professional training—something she would never have received in Bulgaria.

• Trans Behind Bars: Homophobia Persists At Shakopee Prison After End To No-Touch Policy

  Incarcerated LGBTQ+ people at Shakopee, a state prison in Minnesota, ended a no-touch policy and have pushed for trans men to receive hormones. Still, a homophobic, transphobic culture persists, especially among the staff and administration. A person can still be punished for a simple high-five at Shakopee.

  Located in Scott County, the only “women’s” facility in the state implemented a no-touch policy eight years ago that punished any incarcerated person who touched another incarcerated person. The facility invoked the policy to police platonic gestures, like helping someone out of a wheelchair, but more troubling, it is also used to target anyone who is an LGBTQ+ prisoner.

• Donald Trump Is Finished

  I’m not going to bury the lede: Donald John Trump, the 45th president of the United States, is going to be impeached. Not only that, but whether or not the GOP-controlled Senate convicts Trump of “high crimes and misdemeanors,” his presidency is drawing to a close. Unless a political deus ex machina comes to his rescue, he will not serve a second term.

• Facebook Touts Bans While Taking Hate Groups’ Cash

  Facebook has made a point of announcing anti-hate speech policies that include the blocking of white nationalist posts and outright bans of people like Alex Jones and Louis Farrakhan for their hateful content, However, the social media giant has taken millions in advertising fees from hate groups and their leaders, according to Sludge’s Alex Kotch, who reviewed Facebook advertising data.

Internet Policy/Net Neutrality

• Massive Study Proves Once And For All That No, Net Neutrality Did Not Hurt Broadband Investment

  The biggest study (pdf) ever of its kind has found that net neutrality rules had absolutely no impact on broadband investment whatsoever. The study took an incredibly detailed look at CAPEX data for more than 8,577 different companies (270+ of which were telecom providers) and concluded…

Monopolies

• Senate Antitrust Hearing Explores Big Tech’s Merger Mania

  The Senate Judiciary Committee’s Subcommittee on Antitrust, Competition and Consumer Rights held a hearing last week to explore the competitive impacts of big tech companies’ massive string of mergers with smaller companies in the last handful of years. Before the Senate committee were experts in venture capital spending, the Federal Trade Commission (the agency tasked with merger reviews), and legal experts in antitrust law. 

  EFF believes a hard look and update of mergers and acquisitions policy is one of many actions needed to preserve the life cycle of competition that has been a hallmark of the Internet. In the past, the Internet was a place where a bright idea by someone with modest resources was able to be leveraged from their home into the next big innovation. We have lost track of that as a small number of corporations now control a vast array of Internet products and services we all depend on and now appear to have formed a kill zone around their markets where the incumbents target the new entrants through an acquisition or substitution by the incumbent.

• Patents and Software Patents

  • U$PTO

    Likely PTO budget for FY2020 (starting Oct 1, 2019) is $3.45 Billion. 2.4% increase over FY2019. As in years past, the spending is limited by PTO collections — it cannot spend more than it collects.

  • Patent Grants Per Year

    FY2019 is over and the numbers are out. The USPTO has issued 336,886 utility patents during the fiscal year. This is a big increase over both FY2018 (306,912) and FY2017 (315,367).

  • University of California/Berkeley et al. Authorized to File Motion Opposed to Broad Substantive Motion No. 1

    The Order sets a deadline date of October 18, 2019, for filing an opposition, and extends the page limit from 25 to 32 pages (equivalent to the extended page limit the PTAB permitted the Broad to file in its Substantive Motion No. 1. This Order is neither unexpected nor particularly informative; any decision other than outright denial of the Broad’s Substantive Motion No. 1 requires granting CVC the right to have their say (and the Broad’s motion is too substantive for that to occur). But these circumstances make possible a reprise of the outcome in the earlier interference between these parties (No. 106,048), wherein CVC will be prevented from having the opportunity to have the PTAB determine on the merits whether CVC’s inventors (including recognized inventors of CRISPR, Jennifer Doudna and Emmanuelle Charpentier) or Feng Zhang et al. were the first to invent applications of CRISPR for use in eukaryotic cells.

• Copyrights

  • Nintendo play ISP blocking to win

    Nintendo is a well-known Japanese company that designs, manufactures and sells video games consoles, accessories and software. One of its most successful products is the Nintendo Switch, having sold millions of consoles in the UK. Nintendo brought a claim, in the UK High Court (Chancery Division), for an injunction seeking that five UK ISP’s block access to four target website that advertised, distributed and offered for sale devices that allowed technical protection measures on the Nintendo Switch games console to be circumvented.

    [...]

    Nintendo relied on sections 296ZD and 296 CDPA88, which implement Article 6 of the Information Society Directive 2001/29/EC and Article 7(1)(c) of the Software Directive 2009/24/EC. In Case Nintendo v PC Box C-355/12 [Kat Posts here], the CJEU explained that Art 6 is to be interpreted broadly and “includes application of an access control or protection process, such as encryption, scrambling or other transformation of the work”. Arnold accepted Nintendo’s submission that this included the TPMs in this case, which encrypt the video games including their artwork, text, and soundtracks to prevent unauthorised copies being created or played on the Nintendo Switch console.

    [...]

    There are four threshold conditions which need to be satisfied in order for a website-blocking injunction to be granted: 1) the defendants are intermediaries within the meaning of Art 11 of the Enforcement Directive, 2) the users and/or operators of the website are infringing the claimants’ IP rights, 3) those users and/or operators are using the defendants’ services to infringe; and 4) the defendants have actual knowledge of this (which may be as a result of notification by the rights holder)

    It was accepted that 1) the Defendants were intermediaries; 2) the operators of the target websites were infringing Nintendo’s rights in the UK; 3) the operators were using the Defendants’ services to do this; and 4) the Defendants had actual knowledge of this, because they had been notified by Nintendo.

    In deciding whether to grant a website-blocking injunction the court must consider eight criteria over and above the threshold conditions. The injunction must be (1) necessary, (2) effective, (3) dissuasive, (4) not unduly costly or complicated, (5) avoid barriers to legitimate trade, (6) a fair balance between the fundamental rights engaged, (7) proportionate and (8) safeguarded against abuse. Of these factors, proportionality is the key one, since consideration of the other factors feeds into the proportionality analysis.

  • New Study On Effects Of Manga Piracy Show Piracy’s Effects Are More Nuanced Than Good Or Bad

    In all of our years and years of discussions on piracy and copyright infringement, one sweeping issue with the public discourse on the topic is how bereft of nuance it is. It’s as though the world has been confronted with a massively complicated topic, the internet and digital piracy and their effects on content makers, and decided to make the conversation binary. Piracy is fine. Piracy is horrible.

  • Nintendo Takes Down Facebook-Tooled Donkey Kong Remake

    Nintendo is continuing to home in on those who copy its classic gaming creations. In a new DMCA complaint filed at Github, the gaming giant targets a remake of Donkey Kong that was created by the technical director of an Australia-based technology consultancy company. The creation, which utilizes tools developed by Facebook, was publicly documented more than a year ago.

  • Facebook Blocks Users from Sharing Pirate Bay Links

    Facebook no longer allows its users to share links to The Pirate Bay on their timelines or in chat messages. The blockade follows similar measures taken against other pirate sites in previous weeks. This is not the first time Facebook has taken against against The Pirate Bay but the current measures go substantially further.

  • Top Oracle Lawyer Attempting To Gaslight Entire Software Community: Insists APIs Are Executable

    Last week, the Solicitor General of the White House weighed in on Google’s request for the Supreme Court to overturn the Federal Circuit’s ridiculously confused ruling in the Oracle/Google case concerning the copyrightability of APIs (and whether or not repurposing them is fair use). Not surprisingly, as the Solicitor General has been siding with Oracle all along, it suggests that the Supreme Court not hear the case. Of course, it does so by completely misrepresenting what’s at stake in the case — pretending that this is about whether or not software source code is copyright-eligible:

Connecting A Physical DEC vt420 to Linux

Inspired by a weekend visit to Vintage Computer Festival Midwest at which my son got to play Zork on an amber console hooked up to a MicroPDP-11 running 2BSD, I decided it was time to act on my long-held plan to get a real old serial console hooked up to Linux.

Not being satisfied with just doing it for the kicks, I wanted to make it actually usable. 30-year-old DEC hardware meets Raspberry Pi. I thought this would be pretty easy, but it turns out is was a lot more complicated than I realized, involving everything from nonstandard serial connectors to long-standing kernel bugs!

Google warning about Linux logins but not Windows logins – Open Source discrimination

Windows 10 users fume: Microsoft, where’s our ‘local account’ option gone?

The offline local account is specific to one device, while the Microsoft Account can be used to log in to multiple devices and comes with the benefit of Microsoft’s recent work on passwordless authentication with Windows Hello.

Desktop

• How I ditched my old OS and jumped into Linux

  About a year ago, I came across an article on Twitter, Ditching Windows: 2 Weeks With Ubuntu Linux On The Dell XPS 13, by Jason Evangelho, a long-time Forbes tech writer. Here was a person who was clearly fired up from his recent experience using Linux. He had recently been sent a laptop running Windows 10 for evaluation and, in the middle of a large file transfer, the machine restarted without warning. Not only did he lose time on the file transfer, but the machine displayed the “blue screen of death” most Windows users are familiar with.

  That was the tipping point for Jason and the beginning of his journey to adopt Linux, which I have been following with interest this past year through his Twitter feed and columns on Forbes. In July, he started Linux for Everyone, a weekly podcast that is chock-full of great content and interviews about Linux. I contacted him recently to learn more about his work.

Server

• 16 experts on Kubernetes, choosing the right container platform, and more industry trends

  As part of my role as a senior product marketing manager at an enterprise software company with an open source development model, I publish a regular update about open source community, market, and industry trends for product marketers, managers, and other influencers. Here are five of my and their favorite articles from that update.

• Upgrading OpenStack

  Whether your name’s Kenneth or not (and mine’s not, just to be clear but I do quite like the REM song), you’ll know how important it is to keep your systems up to date – with security vulnerabilities being found with alarming regularity, this should be a key task within every IT department. If you’re familiar with the OpenStack release cycle, you’ll know that a new version is released every six months. How many enterprises are in the habit of upgrading their business-critical infrastructure twice a year though? Also, what about keeping updated with patches outside of the upgrade cycle – for vulnerabilities, bug fixes and general updates?

  When you look at all the different components of OpenStack, each of them will need to be upgraded during the process. This represents a number of issues waiting to happen – what if one fails the upgrade process after you’ve already upgraded a number of other components? How will you actually carry out the upgrade – will you deploy a parallel cloud and then migrate all of your resources from the production cloud to the upgraded one when it’s ready? Will you do an in-place upgrade and migrate each component individually? If so, be careful as upgrading the services in the wrong order could cause problems. How much downtime are you willing to risk? Have you built out an HA environment and are hoping for a non-disruptive upgrade? What about your databases? Lots of questions, not all of them with ready answers…

• What is YAML?

  The increasing popularity of Kubernetes means you’ve probably heard of YAML because it’s the format for Kubernetes configuration files, so almost every developer may need to get some familiarity with it.

  But while it’s not as ubiquitous as JSON, YAML goes far beyond Kubernetes; first released in 2001, it’s used in tools from OpenStack to Ansible playbooks.

• Docker is in deep trouble

  Docker, the technology, is the poster child for containers. But it appears Docker, the business, is in trouble. In a leaked memo, Docker CEO Rob Bearden praised workers — despite the “uncertainty [which] brings with it significant challenges” and “persevering in spite of the lack of clarity we’ve had these past few weeks.”

  Lack of clarity about what? Sources close to the company say it’s simple: Docker needs more money.

  Indeed, Bearden opened by saying: “We have been engaging with investors to secure more financing to continue to execute on our strategy. I wanted to share a quick update on where we stand. We are currently in active negotiations with two investors and are working through final terms. We should be able to provide you a more complete update within the next couple of weeks.”

• IBM

  • Sending a telegram with Apache Camel K and Visual Studio Code [Ed: Red Hat is promoting Microsoft yet again today]

  • Keeping DevOps cool in a heated environment

    Cloud platforms are somewhat a staple component to enterprises’ IT environments today, helping to achieve objectives and drive better business operations, but more often than not we don’t see the outcomes or rewards reaped from the use of such platforms.

    Red Hat OpenShift has demonstrated this in the last year.

    In November 2018, millions of residents in Southern California turned to their computers and devices to learn as much as possible about the encroaching Woolsey Fire. As the footprint of the fire increased, officials scrambled to make sure certain information was flowing to the community. They also used traditional media outlets to direct people to the county website for the latest updates and resources.

  • How Dynatrace and OpenShift Served Vital Information During the Woolsey Fire [Ed: Red Hat uses wildfires for marketing of its products]

    Our partners, Dynatrace, have written a blog and a case study covering our joint customer, the largest county in the United States. Normally, case studies and joint customer stories are strictly about business affairs, discussing ROI, OpEx and developer agility; tantalizing topics for IT folks, but not exactly the stuff of drama and danger. This particular case study, however, is about the county’s usage of Red Hat OpenShift and Dynatrace’s Davis AI during the Woolsey Fire in November of 2018.

    Normally, you wouldn’t think of access to a website as being a life or death situation but when the evacuation of more than 295,000 people depends upon the information being distributed on that website, SLAs and service guarantees can be tied almost directly to the saving of human lives.

Audiocasts/Shows

• LHS Episode #304: Cloudlog Deep Dive

  Hello and welcome to the 304th installment of Linux in the Ham Shack. In this episode, the hosts take an in-depth look at the Cloudlog amateur radio logger. Leveraging Web server technology with PHP, hamlib for rig access and connectivity to the major online logging services like LoTW and eQSL, Cloudlog creates a distributed logging infrastructure for keeping all your QSLs properly organized. Join us as we explore the past, present and future of Cloudlog.

• 09/30/2019 | Linux Headlines

  Oracle is one step closer to winning its settlement against Google, Exim has another critical flaw, and more details about the checkm8 iOS exploit reveal that it is not as dire as previously reported.

• Setting up your very own Cloud With Nextcloud on Linode

• Ubuntu Podcast from the UK LoCo: S12E25 – Wings

  This week we have been syncing Google Photos to a local server. We discuss the Ubuntu 19.10 beta release including the flavours, updates on 32-bit package commitments in Ubuntu, porting MATE to Wayland, and round up some community events.

  It’s Season 12 Episode 25 of the Ubuntu Podcast! Alan Pope, Mark Johnson and Martin Wimpress are connected and speaking to your brain.

Kernel Space

• Writing Less Simple, Yet Stupid Filesystem Using FUSE in C

  In the previous tutorial we learned how to write Simple, Stupid Filesystem (SSFS) by using FUSE, we have covered the basics of FUSE to write a really simple filesystem which is able to list root directory’s files, return the attributes of available files and read the content of a file. In the current tutorial we are going to extend what we have discussed and create a Less Simple, Yet Stupid Filesystem (LSYSFS) which is able to create new directories, create new files and write some content in the files.

  Please note that some parts of this tutorial is already covered in SSFS tutorial, therefore, I recommend you to read it first. Also, please make sure that FUSE is installed on your Linux machine and you are ready to go. I used version 2.9.7 of FUSE in this tutorial, which also runs SSFS with no issues.

• Linux 5.4 Will Try When Needed To Actively Generate RNG Entropy To Avoid Boot Problems

  Linux 5.4-rc1 didn’t end up being released on Sunday night as is tradition but instead there were some last-minute critical patches that landed around the kernel’s handling of the random number generator / entropy at boot-time.

  The changes involve the kernel now trying to actively generate entropy to feed the random number generator when needed where as previously it would wait for entropy. In the event of idle systems, the system could wait indefinitely.

• Linus Torvalds Approves New Kernel ‘Lockdown’ Feature

• Linux Kernel 5.4 to Have Kernel Lockdown and ExFAT Support

  Linux Kernel 5.4 will be the last major stable kernel release of the year 2019. The upcoming release has some big changes that will (positively) impact both manufacturers and end users.

  The lockdown feature aims to further strengthen Linux security by “restricting access to kernel features that may allow arbitrary code execution via code supplied by userland processes”.

  In simple words, even the root account cannot modify the kernel code. This will hep in cases where a root account is compromised, the rest of system won’t be easy to compromise specially on kernel level. In even simpler words, it enhances the Linux security.

• Latest Feature Kernal ‘lockdown’ included in Linux

• Linus Torvalds To Add “Lockdown” Security Feature In Linux 5.4

  The feature was proposed by Google engineer Matthew Garrett in 2010. He said, “The lockdown module is intended to allow for kernels to be locked down early in [the] boot [process].”

  The Lockdown feature in Linux is mainly intended to prevent root account from tampering with kernel code, thus drawing a line between userland processes and the code.

  The security feature will be disabled by default when it will be shipped. Upon enabling it, even root accounts won’t be able to access certain kernel functionalities, thus protecting the operating system from being affected from a compromised root account.

• Linus Torvalds Kicks Off Development of Linux Kernel 5.4, First RC Is Out Now

  It’s been two weeks since the release of the Linux 5.3 kernel series, and the merge window for Linux kernel 5.4 is now officially closed, which means that the development cycle can start and weekly RC (Release Candidate) builds will be released to allow the community to test it and send feedback.

  The first Linux kernel 5.4 Release Candidate build is now available to download from kernel.org or through our free Linux software portal if you want to take it for test drive, but please be aware that this is an early development release that should not be installed on production machines.

• Linux kernel 5.4 to get lockdown functionality

  fter years of review and deliberation, Linux creator and principal developer Linus Torvalds approved a new security feature for the Linux kernel, referred to as ‘lockdown.’This functionality should be included in the soon-to-be-released Linux kernel 5.4 branches and should ship as an LSM (Linux Security Module). Usage is optional as their exists risks that the new feature could break existing systems.

• Linux 5.4-rc1

  didn't really extend the merge window by a day here, but I gave
  myself an extra day to merge my pending queue. Thus the Monday date
  for the rc1 rather than the usual Sunday afternoon.
  
  And it wasn't all _that_ big or painful a merge window, for some
  reason I just didn't get to the end of the queue until fairly late in
  the second week, and continued to get a few more pull requests even
  then. Part of it was just other discussions too happening, so I didn't
  do _just_ merges all the time. But part of it was just that I also
  spent some of Sunday away from the computer, doing some welding
  instead.
  
  Anyway, what I'm saying is that the Monday rc1 isn't really a sign of
  any real trouble or more issues than usual. More just random timing.
  
  Size-wise, 5.4 looks to shape up very regular. It's almost exactly the
  same size as 5.3 was at the same stage, both in commits and in lines
  added (honestly in advertising: 5.3 had more lines removed mainly due
  to some isdn removal). Nothing major stands out, the most notable may
  be the long-pending lockdown patches that weren't all that big, but
  that now finally aren't tied to just EFI secure boot, so you can test
  them out other ways too.
  

• The 5.4-rc1 kernel is out

• Linux 5.4-rc1 Kernel Steps Forward With Next-Gen GPU Bits, Arm Laptop Support & exFAT

• Graphics Stack

  • AMD Navi 12 Gets 256-bit memory bus according to Linux drivers, Radeon RX 5600 128-bit

    A lot has been said and spoken already about AMD’s upcoming NAVI 12 (RX 5600) and 14 (RX 5500). More information from Linux drivers indicates that AMD Navi 12 gets a 256-bit memory bus and the RX 5600 128-bit, likely GDDR6.

    The news arrives today though a user at Germany based 3DCenter forums called Berniyh, he found Navi 12 and Navi 14 in Linux drivers, the two GPUs could end up in the RX 5800 and RX 5600 cards respectively. Navi 12 is mentioned to get a 256-bit memory bus. Navi 14 would, according to previously surfaced drivers, get versions with 3, 4 and 8 GB volume graphics memory but on a 128-bit memory bus.

Benchmarks

• The Xeon vs. EPYC Performance With Intel’s oneAPI Embree & OSPray Render Projects

  With Intel seemingly ramping up work on their open-source OSPray portable ray-tracing engine now that they have pulled it under their oneAPI umbrella as part of a forthcoming rendering tool-kit, I figured it would be the latest interesting candidate for benchmarking of AMD EPYC 7742 vs. Intel Xeon Platinum 8280 performance. In addition, the Embree ray-tracing kernels are also being benchmarked as part of this performance comparison.

  Intel’s oneAPI is expected to see a beta release next quarter and among the libraries making up the oneAPI Rendering Toolkit will be OSPray and Embree. The OSPRay ray-tracing engine is geared for scientific visualizations and supports a wide range of features all while being open-source under the Apache 2.0 license. OSPray also builds off Embree itself as well as the Intel SPMD Program Compiler (ISPC). The SPMD Program Compiler is for Intel’s C-derived language optimized for SIMD on their modern architectures.

Applications

• How to keep your messages private with an open source app

  Messaging apps have changed how we communicate. Where would we be today without SMS? Can you imagine returning to a world where near-instant communication is not pervasive?

  We have lots of messaging options in addition to SMS and MMS. There are Skype, iMessage, Facebook Messenger, Twitter (with and without direct messages), WeChat, WhatsApp, SnapChat, and more. Many of them are encrypted, and many people presume that their communications on these apps are private and secure. But are they really? Cloud-hosted applications that are harvesting metadata from your conversations, then using it to sell you products that support their services, may not be your friends after all.

• Good List of 5 Open Source Log Management Software

  Log management is a practice which includes collecting, aggregating, storing, rotating and analyzing a large set of log files that are generated by various computer programs and systems. Log management is important, because it’s essential in monitoring both internal and external events happening on the deployed systems. What happened, who did what, when and how? All of those questions need to be immediately answered in a lot of deployed systems and infrastructures in the world.

  In some cases, even the law requires some sort of log management capabilities in the software before it can be used on official government equipment, such as HIPAA and others.

• Linux Candy: ponysay – cowsay reimplemention for ponies

  Who loves eye candy? Don’t be shy — you can raise both hands!!

  Linux Candy is a new series of articles covering interesting eye candy software. We’re only going to feature open-source software in this series.

  You might have heard of cowsay, software that generates ASCII pictures of a cow with a message. cowsay isn’t limited to cow depictions, it also shows other animals, including Tux the Penguin.

  Less well known is ponysay, a wonderful alternative to cowsay. It’s a rewrite of cowsay with lots of full-color characters from My Little Pony. There’s over 400 characters and character combinations. While cowsay is written in Perl, ponysay is developed in Python.

• Exaile Music Player Got Its First Release in 4 Years, And I Didn’t Even Notice!

  It turns out that this long-forgotten music library-come-player quietly squeaked back into life in the summer with the release of Exaile 4.0.0.

  Exaile, for those who don’t know about it, is a GTK-based music player that was (arguably) most popular during the “halcyon” days of omg! in 2009-2012, aka the era of apps like CoverGloobus, Docky, eMeSeNe, Songbird, et al.

  But the player (like other great apps of its time) soon faded from earshot as the music player scene solidified around apps like Banshee and Clementine and music streaming services like Spotify, Pandora and Deezer.

• 5 Best Security Tools to Have on Your Linux PC

  Everyone hails Linux for its built-in security. Compared to Windows or other operating systems, the way Linux assigns file permissions is different. The infrastructure is much more robust. Plus, malware creators tend to target Linux less often due to it having a smaller percentage of users in general. Thus, there are fewer potential targets to exploit.

  But when it comes to cybersecurity, there is no such thing as being too careful. So if you want to go the extra mile, you should install some additional tools on your Linux PC. You can start with these five.

• Proprietary

  • Pornographic video plays on billboard along I-75 in Auburn Hills

    Police arrived on the scene within minutes of the first call. The Auburn Hills Police Department was able to get in contact with the company that owns the billboard and the images were removed within 30 minutes.

Instructionals/Technical

• “Network is unreachable” error – Gentoo, silly netifrc configuration mistake

• Deploy VueJS applications on OpenShift

• Solution: Enable LTSS for On-demand Amazon Web Services Images

• Deploying Kubernetes Locally – MicroK8s

• How to install Manjaro Linux 18.1.0 on a computer a USB drive or DVD

• How the Linux screen tool can save your tasks — and your sanity — if SSH is interrupted

• How to limit bandwidth on Linux to better test your applications

• Intro to Ansible Tower

• How to Install Wine on Linux Mint for Windows Compatibility

• Bash cut command

• Get a list of stale AWS security groups

• Getting started with Corteza Low Code for your CRM: How to build an application

• How To Add Jobs To cron Under Linux or UNIX

• How To Add Swap Space on CentOS 8

• How to Clear the DropBox Cache on Ubuntu

• How to Install CentOS 8 Server

• How to Install FreeBSD 12.0 with ZFS Filesystem

• How to Install phpMyAdmin on Debian 10

• How to Setup a Git Server

• Linux Networking Job Interview Questions and Answers

• How to Disable Overlay Scrollbars in Ubuntu 19.10

• How to Write to Windows Partition In Linux

• How to add multiple paths in environment variable

• How to play Commodore 64 games on Linux

• How to play No Man’s Sky on Linux

• How to verify NTP is working Or not (Check Status of NTP)

• Install Java on Debian 10 Operating System

• Install Oracle Java 13 On Ubuntu, Linux Mint Or Debian From APT PPA Repository

• Understanding Processes on Linux

Games

• Start your week with a cheap game, a look over some sales going on right now

  It’s Monday, there’s not enough caffeine in the office, it’s raining outside but on the bright side there’s plenty of games for Linux on sale right now.

• Taking elements from XCOM and FTL, Galaxy Squad arrives on GOG with Linux support

  Inspired by two games I absolutely adore, Galaxy Squad takes the node-based exploration and random events from FTL and adds in some turn-based XCOM-like combat.

  It just today arrived on the DRM-free store GOG, with a Linux version. Curiously, Steam only has it for Windows so GOG got it first this time around which doesn’t happen often at all. The developer of Galaxy Squad was open to a Linux version when asked about it last year, so it’s great to see it happen.

• Zombie Soup, a peculiar action-packed shooting adventure coming to Linux next year

  Zombie Soup from Aeonsparx Interactive recently popped up on Steam and I have to admit, after watching the trailer I do want to see a lot more from this.

  Set in the 80′s, the story seems pretty cliché with a young boy coming across a damsel in distress during some sort of Zombie apocalypse. You will need to shoot, loot and dodge your way through the hordes with a promise of reliving the “best time of pop culture”.

• The promising action-adventure rogue-lite UnderMine just got a big update

  UnderMine has you dig deep for riches, now with a little bit more of a purpose with the Collector update out now.

  This update comes with two big new features! You can now unlock access to Griswold the Collector, if you manage to find a dusty tome in the UnderMine and bring it back. This allows you to unlock a bookcase behind the Archmage and discover Griswold hiding away. Griswold can give you hatchlings and when hatched they can become a new familiar.

• The Atari VCS team is finally talking about games as they’re partnering with Antstream Arcade

  The team doing the Linux-powered Atari VCS gaming console are finally talking about games. After a lot of silence, they’ve announced a partnership with Antstream Arcade to bring tons of classics to it.

  What is Antstream Arcade? It’s a game streaming service that hosts quite a lot of licensed retro games from various platforms like the Amiga, Spectrum, Commodore 64, Atari 2600, Atari ST, Sega Mega Drive and so on. It has a dedicated application you stream the games through but it comes at a cost with a subscription. They said Antstream Arcade will be available for the VCS at launch (whenever that is…).

• Songs of Syx, the pixel-art city-builder with an epic scale now has a Steam page and newer demo

  One that you need to firmly keep on your watch list is Songs of Syx, a city-builder that starts off tiny and allows you to grow into something huge.

  Written about here on GamingOnLinux back in July, with a tech demo available to mess around with available on itch.io. Shortly after writing that article, the developer actually put up a brand new demo with a ton of work going into it so it’s worth taking another good look at. Not only that, they also now have a Steam store page for you to wishlist and follow along ready for the eventual Early Access release.

• Minecraft is set to get a huge update to the Nether with new mobs and biomes plus Bees

  With the Nether, they’ve announced three entirely new biomes so it’s about to get bigger and more interesting. You might even be able to actually live there now, not that you want to right? I mean, it’s basically Minecraft Hell isn’t it? Anyway, the three new biomes are: Soulsand Valley – An area full of blue fog and blue flames (a new block) and massive fossils everywhere, Netherwart Forest Red – a very dense forest designed to make you lose your sense of direction and the Netherwart Forest Blue – it’s like the Red version but with a unique atmosphere and blocks including the new Nether Fungi covering the ground.

• Graveyard Keeper is getting a ‘Stranger Sins’ DLC that will let you build your own tavern

  Graveyard Keeper, the dark and humorous medieval cemetery management sim is about to expand with a new story DLC releasing October 29.

  It’s called Stranger Sins and it promises to be weird and crazier than the main game. Okay then. From what little they’ve said about it there will be around 4-8 hours extra to play through, the ability to build and run your own bar, new events, tons of new quests and apparently you will witness events that happened 200 years ago to find out what’s really been going on.

• D9VK 0.22 released fixing The Sims 2 and games complaining drivers are too old

  Joshua Ashton released a small tidying up version of D9VK yesterday, fixing a few issues to give you a better experience with this D3D9 to Vulkan layer.

  It adds in support for SetSoftwareVertexProcessing and GetSoftwareVertexProcessing with the rest of D9VK 0.22 amounting to fixes for reported issues.

• A new teaser is up for the FPS ‘TO4: Tactical Operations’ with testing opening up soon

  TO4: Tactical Operations, the upcoming free first-person shooter that’s planning Linux support is gearing up for a release with a new teaser video.

  As a reminder, TO4: Tactical Operations is a game we wrote about back in August last year as they announced work towards a Linux version.

• Mutazione is a game about the importance of tending to gardens and people

  Kai is able to help by replanting and tending to various gardens around the village, each requiring different types of plants to bring it back to its normal state. These gardens unlock as you progress through the story; typically, you’ll get access to a new one in each chapter of the game. These chapters take place over the course of a day split into various periods, like morning, afternoon, and evening. During each segment, you are free to explore the island, find seeds to use in the gardens, and talk to any villagers. The day and the story progress after you complete whatever specific task or conversation the game requires you to have.

Desktop Environments/WMs

• Xfce’s xfce4-panel Says Farewell To GTK2 Support

  Following last month’s release of Xfce 4.14 that transitioned from GTK2 to GTK3 as its tool-kit, old remnants of GTK2 support are now being nuked.

  With the latest xfce4-panel development code, GTK2 support was dropped today and its GTK2 API. This also includes no longer loading GTK2 plug-ins. Moving forward, Xfce’s focus is just on GTK3 — well, until when they decide in the future to switch to GTK 4.0 that should be released in autumn 2020.

• K Desktop Environment/KDE SC/Qt

  • Latte bug fix release v0.9.3

    Latte Dock v0.9.3 has been released containing important fixes and improvements!

  • [Krita] September Development Update

    We also managed make 538 changes to the code in September with 23 developers — and that excludes translations, since those aren’t in our code repository.

    We also went back to the Coverity Static Code analyzer and started analyzing Krita again. That was good for at least a hundred potential bug fixes, and it’s something that’s ongoing. We hadn’t done that for quite some time! There is still plenty to do, but the average defect density for projects the size of Krita is 0.7, so we’re not that bad.

  • [Krita] Interview with Samantha Skoros

    Oh I’m terrible at talking about myself. I guess the easiest thing would be that I’m 26 years old and a mother. I identify as genderfluid and pansexual, I freaking love Dungeons and Dragons, and I also am a super avid knitter/fiber artist. I mainly just love doing things with my hands and gravitate to any hobby or craft that lets me do that.

• GNOME Desktop/GTK

  • Georges Basile Stavracas Neto: Sprint 5: stability, stability, stability

    The Sprint series comes out every 3 weeks or so. Focus will be on the apps I maintain (Calendar, To Do, and Settings), but it may also include other applications that I contribute to.

Distributions

• Manjaro Linux makes two bold moves

  Manjaro has had one heck of a ride lately. Recently, the Arch-based Linux distribution went from being just that (an Arch-based Linux distribution) to a full-blown company: Manjaro GmbH & Co. KG. The move was to shift the distribution from being a hobby project to something that should (and will) be taken seriously.

  In fact, Philip Müller said he’d been researching “ways to secure the project in its current form and how to allow for activities which can’t be undertaken as a ‘hobby project.’” What this boils down to is that the Manjaro developers could now focus on the desktop Linux distribution full time, all the while getting paid for their efforts.

• openSUSE News: Election Committee Set to Open Vote on Project Name

  Following discussions about the “openSUSE Project logo & name change” that started in June on the openSUSE Project mailing list [1], the Election Committee received a request from the Board to conduct a vote whereby openSUSE members can indicate whether they are for or against the project name change.

  The voting will start on Oct. 10 and end on Oct. 31, which will provide three weeks for members to vote. The result will be announced on Nov. 1.

  The voting exercise is limited to openSUSE members only.

• New Releases

  • 4MLinux 31.0 BETA released.

    4MLinux 31.0 BETA is ready for testing. Basically, at this stage of development, 4MLinux BETA has the same features as 4MLinux STABLE, but it provides a huge number of updated packages.

  • LFS Stable Version 9.0 Release

    The Linux From Scratch community announces the release of LFS Version 9.0. Major changes include toolchain updates to glibc-2.30, and gcc-9.2.0. In total, 33 packages were updated since the last release. Changes to the text have also been made throughout the book. The Linux kernel has also been updated to version 5.2.8.

    Note that the major version of LFS has changed to 9. This has been done to keep LFS and BLFS version numbers synchronized. The BLFS System V version has added the elogind package which now allowed Gnome to be added.

    You can read the book online, or download to read locally.

    In coordination with this release, a new version of LFS using the systemd package is also being released. This package implements the newer systemd style of system initialization and control and is consistent with LFS in most packages.

    You can read the systemd version of the book online at LFS-systemd, or download-systemd to read locally.

    Please direct any comments about this release to the LFS development team at lfs-dev@lists.linuxfromscratch.org. Please note that registration for the lfs-dev mailing list is required to avoid junk email.

  • Linux From Scratch stable version 9.0 released

• Screenshots/Screencasts

  • Ubuntu MATE 19.10 Beta Run Through

    In this video, we are looking at Ubuntu MATE 19.10 Beta. Enjoy!

  • Kubuntu 19.10 Beta Run Through

    In this video, we are looking at Kubuntu 19.10 Beta. Enjoy!

  • Installation of “CentOS 8.0″ with Screenshots

    CentOS 8 has finally been released! The new version, which is a community version of RHEL 8, ships with new and exciting features which promise an enhanced user experience.

• PCLinuxOS/Mageia/Mandriva Family

  • OpenMandriva Can Now Clang Its Linux Kernel Build For This LLVM Focused Distribution

    OpenMandriva is one of the few Linux distributions (and arguably the only prominent one) that uses LLVM Clang as its default compiler toolchain over GCC for building its packages and the preferred C/C++ compiler exposed to its users. One of the last hold outs for this Clang’ed Linux distribution has been the kernel build but that is now no longer a blocker.

    With the new LLVM Clang 9.0 release, it’s now possible to use LLVM Clang to compile the mainline Linux kernel for x86_64 and Arm without needing any out-of-tree patches. In my testing of Clang 9 + Linux 5.3 it’s worked out well with a few exceptions like the AMDGPU driver having issues, but those few remaining headaches are being worked out so Clang’ing the Linux kernel works well for users and helps ensure code/compiler portability of the kernel.

• Fedora Family

  • Contribute at the Fedora IoT Edition Test Day

    Fedora test days are events where anyone can help make sure changes in Fedora work well in an upcoming release. Fedora community members often participate, and the public is welcome at these events. If you’ve never contributed to Fedora before, this is a perfect way to get started. On Wednesday, October 2, we’ll test Fedora IoT.

  • Contribute at the kernel and IoT edition Fedora test days

    Fedora test days are events where anyone can help make sure changes in Fedora work well in an upcoming release. Fedora community members often participate, and the public is welcome at these events. If you’ve never contributed to Fedora before, this is a perfect way to get started.

    There are two upcoming test days in the upcoming week. The first, starts on Monday 30 September through Monday 07 October, is to test the Kernel 5.3. Wednesday October 02, the test day is focusing on Fedora 31 IoT Edition. Come and test with us to make the upcoming Fedora 31 even better.

• Debian Family

  • Raspberry Pi OS Raspbian Improves Raspberry Pi 4 Support, Adds Many Improvements

    Raspbian 2019-09-26 images are now available to download and they include the rpi-eeprom tool, which will automatically update the SPI EEPROM on the new Raspberry Pi 4 computer to the latest stable version. Furthermore, it adds overscan support added for FKMS driver, and improves Bluetooth connection with audio devices by adding the latest changes to the Bluez ALSA interface.

    Furthermore, the Audio Settings tool has been modified to integrate more closely with the Volume plugin, which now lets users switch audio input devices, as well as the audio output between two HDMI devices. Support for more audio devices has been added as well in Raspbian 2019-09-26 by implementing “plug” values in the ALSA configuration file (.asoundrc).

  • Raspbian 2019-09-26 Has Raspberry Pi SPI EEPROM Updater, NTFS-3G Added

    Beyond updating a variety of packages like Chromium and VLC, Raspbian now includes RPI-EEPROM for being able to update the SPI EEPROM on Raspberry Pi 4 boards. This Raspbian release also has expanded appearance settings, switching of audio input/output devices from its desktop, overscan support for the FKMS driver, BlueZ Bluetooth updates, Mousepad as a simple text editor replacing Leafpad, drops GNOME Epiphany, and updates to a Linux 4.19.75 based kernel.

  • Jonathan McDowell: Life with a Yubikey

    At the past two DebConfs Thomas Goirand of infomaniak has run a workshop on using a Yubikey, and been generous enough to provide a number of devices for Debian folk. Last year I was fortunate enough to get hold of one of the devices on offer.

    My primary use for the device is to hold my PGP key. Generally my OpenPGP hardware token of choice is the Gnuk, which features a completely Free software stack and an open hardware design, but the commonly available devices suffer from being a bit more fragile than I’d like to regularly carry around with me. The Yubikey has a much more robust design, being a slim plastic encapsulated device. I finally set it up properly with my PGP key last November, and while I haven’t attached it to my keyring I’ve been carrying it with me regularly.

  • Chris Lamb: Free software activities in September 2019

    Attended the launch event of OpenUK, a new organisation with the purpose of supporting the growth of free software, hardware and data. It was hosted at the House of Commons of the United Kingdom and turned out to be quite the night to be attending Parliament.

    As part of my duties of being on the board of directors of the Open Source Initiative and Software in the Public Interest I attended their respective monthly meetings and participated in various licensing and other discussions occurring on the internet, as well as the usual internal discussions regaring logistics, policy etc.

  • Jonathan Carter: Free Software Activities (2019-09)

    It’s been a busy month on a personal level so there’s a bunch of my Debian projects that have been stagnant this month, I hope to fix that over October/November.

  • TeX Live/Debian updates 20190930

    TeX Live 2019 has seen already many updates since the initial upload to Debian, most of which I have never reported about. Today I have uploaded a new set of packages, based on the tlnet archives of 20190930.

  • Ben Hutchings: Kernel Recipes 2019, part 1

    This conference only has a single track, so I attended almost all the talks. All of them were recorded and videos should be available soon. This time I didn’t take notes but I’ve summarised all the talks I attended.

  • Sylvain Beucler: Debian LTS and ELTS – September 2019

    Here is my transparent report for my work on the Debian Long Term Support (LTS) and Debian Extended Long Term Support (ELTS), which extend the security support for past Debian releases, as a paid contributor.

    In September, the monthly sponsored hours were split evenly among contributors depending on their max availability – I was assigned 23.75h for LTS (out of 30 max) and 20h for ELTS (max).

    I was again able to factor out some time between LTS and ELTS.

    The qemu update required more testing than I expected, as it’s used with lots of different CPU and disk backends.

  • Russ Allbery: Haul post

    It’s been quite a while since I made one of these, and I… may have been supporting a lot of authors financially despite my huge to-read pile.

  • Sparky news 2019/09

    The 9th monthly report of 2019 of the Sparky project:

    • Sparky 2019.09 (semi-)rolling based on Debian testing “Bullseye” released
    • Linux kernel updated up to version 5.3.1 & 5.2.17
    • added to repos: Riot, Anydesk
    • build Bauh, a nice GUI tool which lets you install Flatpack and Snap packages, but it needs newer deps than can not be installed from Debian testing/Sid repos in this moment; have to wait
    • Sparky project page and Sparky forums got new skins; no big changes about the colors but they are much more mobile devices friendly now
    • Nemomen finished translating Sparky tools to Hungarian; thank’s a lot!
    • Sparky forums have been moved to a subdomain: https://forum.sparkylinux.org

• Canonical/Ubuntu Family

  • Ubuntu Blog: Design and Web team summary –27 September 2019

    This was a fairly busy two weeks for the Web & design team at Canonical. The first week was spent at an Engineering Sprint in Paris France. The second week was back home. Here are some of the highlights of our completed work.

  • Ubuntu Weekly Newsletter Issue 598

    Welcome to the Ubuntu Weekly Newsletter, Issue 598 for the week of September 22 – 28, 2019.

Devices/Embedded

• HAT-compatible SBC runs Linux on i.MX6 ULL

  Seeed’s “NPi i.MX6ULL Dev Board” runs Linux on NXP’s low-power ULL SoC with 512MB RAM, dual 10/100 LAN, USB host and Type-C, dual 40-pin GPIO, and either 8GB eMMC ($44) or 256MB NAND ($39).

  Seeed, which has produced Linux hacker boards such as the RK3229-based, voice-control oriented ReSpeaker Core v2.0, has returned with a Raspberry Pi HAT compatible model for IoT that taps NXP’s power-sipping, Cortex-A7-based i.MX6 ULL. The 100 x 60mm NPi i.MX6ULL Dev Board has opened pre-orders for $39 or $44 depending on whether you choose 256MB NAND or 8GB eMMC flash.

• Neural computing kit combines Atomic Pi SBC with Intel’s NCS2

  Team IoT has Kickstartered a $99 and up “Neural Computing Development Kit” that combines its Intel Cherry Trail based Atomic Pi SBC pre-loaded with Ubuntu and OpenVINO with Intel’s Neural Compute Stick 2 AI accelerator.

  Last December, Team IoT, a project from Digital Loggers, Inc., announced the Atomic Pi SBC at an amazingly low price of $34 — low, that is, for an Intel x86-based board. The open-spec, Intel Atom x5-Z8350 based SBC shipped in the spring, quickly sold out, and then returned in time for our catalog of 125 Linux hacker boards.

• Service robot runs on 9th Gen Coffee Lake system with nine GbE ports

  Vecow announced a service robot that runs Linux or Windows with ROS on its rugged, Coffee Lake based, 9x GbE equipped “ECX-1000” computer, which recently added support for 9th Gen CPUs.

  Taiwan-based Vecow announced that its rugged, Intel Coffee Lake based ECX-1000 computer is driving a new professional service robot aimed at Asian markets. The robots can be used for “cleaning, route mapping, object recognition, motion detection, collaborating with other robots and communicating with people,” says Vecow. Designed for use in public spaces, the robots are said to be “human-like, friendly, agile and good at communicating with people.”

• NanoPi M4V2 Metal Case Kit Review – Part 1: Unboxing and Assembly

  Earlier this month FriendlyELEC released two new products namely NanoPi M4 metal case with heatsink and optional NVMe SSD adapter, and NanoPi M4V2 SBC, a minor upgrade to the original Rockchip RK3399…

• MUSTOOL MT99 is a $14 Smartphone-shaped Digital Multimeter

  About a year ago we covered MUSTOOL MT8206, an inexpensive 2-in-1 multimeter & oscilloscope, and today we noticed another product from the company on Banggood.

• OneMix 3Pro Mini Laptop is Powered by Intel Core i5-10210Y Comet Lake-Y Processor [Ed: Sadly Windows preinstalled]

  One Netbook has launched several mini laptops in the last couple of years including One Mix 2S Yoga, and more recently One Mix 3 Yoga powered by an Amber Lake-Y Core m3-8100Y processor.

• USB Armory MkII: A USB-C Thumb Drive Based Linux Computer For Pentesters

  While it might look like a disrobed flash drive or RTL-SDR dongle, the USB Armory Mk II is actually a full-fledged open hardware computer built into the ubiquitous USB “stick” format. But more than just that, it’s optimized for security research and boasts a list of features that are sure to get the attention of any pentesters in the audience. Fine tuned thanks to the feedback developer [Inverse Path] received about the original version of the hardware, the Mk II promises to be the last word in secure mobile computing.

  Compared to the original hardware, the most obvious change is the switch to USB-C. The previous USB Armory used traces on the PCB to plug directly into a USB Type-A port, but this time around [Inverse Path] has put a proper male connector on the front of the board. Nominally, the USB Armory is plugged into a host computer to provide it with power and a network connection, though it also has the ability to disguise itself as a storage or input device for more stealthy applications. There’s also a female USB-C port on the Mk II, which can be used to connect additional devices, a feature the previous version lacked.

• Mobile Systems/Mobile Applications

  • Best Fossil Smartwatch in 2019

  • After Hours: Arrive package tracker for Android, Stranger Things 4, more

  • Verizon’s Samsung Galaxy Tab S3 receives Android 9 Pie update

  • How to download your contacts from Google on a computer or Android device

  • Latest Google Messages beta follows Android 10 dark theme

  • Google Messages v5.0 syncs dark mode with the Android 10 system theme, restores emoji shortcut

  • WESTPAY: Volume orders for next generation payment solution, based on Android, value 4 MSEK

  • Motorola One Macro leaks: Budget Android One phone to come with macro camera and more

  • Android 10 gets ported to the Xiaomi Redmi Note 5 Pro, Redmi 4X, Mi Max, 2016 Samsung Galaxy Tab A 10.1, and Nokia 6.1

  • Presenting the Best Dating & Hookup Apps for Android Phones

  • Nokia 7.2 review: The mixed bag mid-ranger

  • 5 Amazing Android Apps & Games to check out this week (SEP 30, 2019) – Phandroid

  • New Nvidia Shield TV hardware passes through Bluetooth SIG hinting at coming release

  • How to Backup Contacts on Any Android Phone

  • How to Install Pixel 4′s Live Wallpapers on Other Android Phones

  • How to download your contacts from Google on a computer or Android device

  • Nintendo 3DS emulation is now viable on Android with an unofficial Citra port

  • Top Trending games of the week on Android smartphones

  • Why tens of millions more Android gamers are playing PUBG Mobile than Fortnite

  • Data Breach Warning For 200 Million Android And iOS Gamers

  • OnePlus 6 & 6T Android 10 Open Beta update delayed after build fails internal testing

  • Mi A2 Lite Android 10 update rollout begins next week, says Xiaomi support

  • Huawei EMUI 10 Android 10 update: who’s in and who’s out

  • [Update: Go devices too] Nokia reveals its Android 10 update plans

  • Top 10 Best Android Smartphones – September 2019

  • Android 10 Privacy page adds ‘Device Personalization Services’ menu to ‘Clear data’

  • Android 10’s impressive Live Caption feature will likely launch on Pixel 4

  • How to view and manage your files in Android 10

  • GravityBox, the all-in-one Android customization tool using Xposed, has been ported to Android 10

  • This app can now change your wallpaper based on Android 10’s dark theme

  • How to Install Pixel 4 Voice Recorder App on Any Android Device

  • Bring home Hisense’s 58-inch 4K HDR Android OS UHDTV for $300 (Reg. $430)

  • Hulu for Android TV adds better remote support, darker icon and splash screen

  • DVB issues RfP on DVB-I app for Android and HbbTV

  • Emails show Google’s control over Android thwarted Amazon’s phone efforts

  • Honor Band 5 Now Lets You Control Music on Your Android Smartphone, Monitor SpO2 Levels

  • OnePlus 7T vs. OnePlus 7: Which should you buy?

  • Clash Royale UPDATE: Android users wait for September download following maintenance

  • Top 9 Best Android Cloud Storage Apps – 2019

  • Nokia 2.1, Nokia 1 Plus, Nokia 1 to receive Android 10 Go edition update soon

  • All that’s new with Android 10

  • Huawei releases Android 10 update schedule

  • The UMIDIGI F1′s successor has a punch-hole camera, Android 10 and a 48MP camera

  • This week in Android: Galaxy Fold, Mate 30 Pro, and OnePlus 7T reviews

  • The most superb Android smartphones with custom ROM support and how to choose one (Buyer’s guide)

  • Nokia releases latest low-price Android Go phone

  • Google helped kill of Amazon’s smartphone, emails allege

Free, Libre, and Open Source Software

• Earning, spending, saving: The currency of influence in open source

  The acquisition and application of influence is a vital aspect of any organization. But the manner in which people acquire influence can vary widely. In traditional, hierarchical organizations, for example, someone might acquire influence by virtue of their title or position in a hierarchy. In government organizations, someone might acquire influence by virtue of being elected. On social media, someone might acquire influence through endless self-promotion. Or someone might acquire influence through inheritance or wealth.

  In open source communities, influence operates differently. It can’t be bought, inherited, elected through a ballot, bestowed through a job title, or gained through celebrity. In this world, influence must be earned through the merit of the contributions one makes to a team, organization, or community.

• Sun Microsystems founders celebrate legacy

  More than 1,000 former employees of Sun Microsystems gathered near San Francisco International Airport recently to reminisce about the glory days. In attendance were all four founders of the company—Andreas Bechtolsheim, Vinod Khosla, Scott McNealy, and Bill Joy—who offered their perspectives on the technology business, past and present.

  Sun Microsystems was one of the highest flying technology companies at the turn of the 21st century, challenging rivals like IBM and HP in enterprise data centers and producing a range of open source software technologies still popular today, including the Java programming language and the Jenkins CI/CD platform (originally called Hudson). Sun fell on hard times a decade ago and ended up being bought by Oracle, with the sale completed in early 2010.

• TensorFlow 2.0.0

  Version 2.0.0 of the TensorFlow machine-learning system is out. Headline features include the “Keras” high-level API, support for distributed training, and more, including a number of API-breaking changes.

• Why Is Open-Source So Important? Part Two: The Problem With Profit And Property

  Part two of this article will explore Ittycheria’s comments in context, looking at how open-source companies profit while maintaining the good graces of the community and why this is so important today.

• Events

  • Registration Open for CODES@OEHI Hackathon Event

  • Helm as a Package Manager for Kubernetes: Q&A with Helm Founder Matt Butcher

    At the recently concluded Helm Summit in Amsterdam, the Helm project was front, left and center. Helm is already a defacto package manager for the Kubernetes community and is on the verge of entering Cloud Native Compute Foundation (CNCF) as a top level project.

    Helm is an application package manager running on top of Kubernetes, and describes an application’s structure through Helm Charts, making it convenient to install and manage packages and their dependencies. Helm is akin to the OS package managers yum, apt, and Homebrew, etc.

    With the advent of microservices and the need to scale and manage these services independently, Helm offers a way to do this through the use of Helm Charts.

  • Linux Conference 2019 here next week – Register Now [Ed: LinuxConf [ZA] 2019 has been infiltrated by Microsoft to whom Linux is a cancer]

    The conference, hosted in collaboration with PyConZA and PostgresConf, will feature 27 presentations across four tracks and two side events run by Obsidian and Microsoft.

  • Open graphics in Montreal

    Collabora is proud to be hosting this year’s edition of the X.Org Developer’s Conference (XDC), the leading event for developers working on all things Open graphics, including the Linux kernel, Mesa, DRM, Wayland and X11.

    Taking place later this week at the Concordia University Conference Centre in Montreal, XDC 2019 promises to be one of the best editions yet, with a packed schedule of talks, workshops and lightning talks spread out over three days.

    As usual, all the presentations on the main track will be live-streamed throughout the conference. Stay tuned for link to view the stream, which will be available on the morning of October 2, on both the XDC website and Twitter account.

• Web Browsers

  • Mozilla

    • WebHint in Firefox DevTools: Improve Compatibility, Accessibility and more

      Creating experiences that look and work great across different browsers is one of the biggest challenges on the web. It also is the most rewarding part, as it gets your app to as many users as possible. On the other hand, cross-browser compatibility is also the web’s biggest frustration. Testing legacy browsers late in the development process can break a feature that you spent hours on, even requiring rewrites to fix.

      What if the tools in your primary development browser could warn you sooner? Thanks to Webhint in Firefox DevTools, we can do exactly that, and more.

    • Mozilla Reps Community: Rep of the Month – August 2019

      Please join us in congratulating Yamama Shakaa, our Rep of the Month for August 2019!

      Yamama is from Nablus, Palestine. She is a teacher and has become a very active Mozillian, she joined the Reps program in November 2018 and is also part of the Mozilla Tech Speaker program. She keeps contributing deeply in the program as Reps Resources member.

    • Aaron Klotz: Coming Around Full Circle

      One thing about me that most Mozillians don’t know is that, when I first applied to work at MoCo, I had applied to work on the mobile platform. When all was said and done, it was decided at the time that I would be a better fit for an opening on Taras Glek’s platform performance team.

      My first day at Mozilla was October 15, 2012 – I will be celebrating my seventh anniversary at MoCo in just a couple short weeks! Some people with similar tenures have suggested to me that we are now “old guard,” but I’m not sure that I feel that way! Anyway, I digress.

      The platform performance team eventually evolved into a desktop-focused performance team by late 2013. By the end of 2015 I had decided that it was time for a change, and by March 2016 I had moved over to work for Jim Mathies, focusing on Gecko integration with Windows. I ended up spending the next twenty or so months helping the accessibility team port their Windows implementation over to multiprocess.

      Once Firefox Quantum 57 hit the streets, I scoped out and provided technical leadership for the InjectEject project, whose objective was to tackle some of the root problems with DLL injection that were causing us grief in Windows-land.

      I am proud to say that, over the past three years on Jim’s team, I have done the best work of my career. I’d like to thank Brad Lassey (now at Google) for his willingness to bring me over to his group, as well as Jim, and David Bolter (a11y manager at the time) for their confidence in me. As somebody who had spent most of his adult life having no confidence in his work whatsoever, their willingness to entrust me with taking on those risks and responsibilities made an enormous difference in my self esteem and my professional life.

      Over the course of H1 2019, I began to feel restless again. I knew it was time for another change. What I did not expect was that the agent of that change would be James Willcox, aka Snorp. In Whistler, Snorp planted the seed in my head that I might want to come over to work with him on GeckoView, within the mobile group which David was now managing.

    • Julien Vehent: Beyond The Security Team

      Good morning everyone, and thank you for joining us on this second day of DevSecCon. My name is Julien Vehent. I run the Firefox Operations Security team at Mozilla, where I lead a team that secures the backend services and infrastructure of Firefox. I’m also the author of Securing DevOps.

• Databases

  • Peter Bengtsson: Update to speed comparison for Redis vs PostgreSQL storing blobs of JSON

    Last week, I blogged about “How much faster is Redis at storing a blob of JSON compared to PostgreSQL?”. Judging from a lot of comments, people misinterpreted this. (By the way, Redis is persistent). It’s no surprise that Redis is faster.

    However, it’s a fact that I have do have a lot of blobs stored and need to present them via the web API as fast as possible. It’s rare that I want to do relational or batch operations on the data. But Redis isn’t a slam dunk for simple retrieval because I don’t know if I trust its integrity with the 3GB worth of data that I both don’t want to lose and don’t want to load all into RAM.

• CMS

  • WordPress 5.3 Beta 2

    WordPress 5.3 Beta 2 is now available!

    This software is still in development, so we don’t recommend running it on a production site. Consider setting up a test site to play with the new version.

• Pseudo-Open Source (Openwashing)

  • Microsoft is considering bringing Chromium-based Edge to Linux [Ed: Microsoft googlebombing “Linux” again?]

  • Microsoft to Linux developers: We want your help to bring Edge browser to Linux

• FSF/FSFE/GNU/SFLC

  • Richard Stallman’s 10 suggestions to Microsoft

  • Richard Stallman Reveals 10 Suggestions He Gave To Microsoft

    Richard Stallman recently gave a talk at Microsoft’s office, and all the speculation around it was kind of expected — many people concluded that Microsoft might have convinced the FSF-founder to jump the ship.

    It certainly hasn’t been the case, according to Stallman, who has come forward to clear the air. “I was invited, and I accepted,” he wrote on his website.

  • Richard Stallman to Microsoft: Publicly retract ‘open source is a cancer’ claim

    Former Microsoft CEO Steve Ballmer once described Linux and the General Public License as a “cancer”. One-time Windows boss Jim Allchin also called open source a killer of intellectual property and un-American.

    Stallman, a long-time critic of Microsoft and founder of the GNU project, to the surprise of some delivered a speech at Microsoft Research earlier this month. The free-software movement argues against proprietary constraints, as opposed to zero-cost software.

  • Microsoft Loves Linux Needs More Work Argues Open Source Leader

    Microsoft has increasingly embraced Linux in recent years, enough for Redmond to run under the mantra, “Microsoft Loves Linux”. Of course, the reason for the sea change from hating open source to embracing it is simply good economic movement.

    Despite its new-found love for Linux, one expert believes Microsoft has a long way to go to atone for past problems. Specifically, free-software leader Richard Stallman says Microsoft’s top execs previously targeted open source in the past.

    Most famous of the Linux attacks was former Microsoft CEO Steve Ballmer, who described the platform as a “cancer”. Former Windows chief Jim Allchin said the open source idea was both un-American and a killer of intellectual property.

  • What MIT Media Lab’s funding scandal says about sexism in tech

    Another prominent researcher, the computer scientist Richard Stallman, was pressured to resign from the school over comments he made that seemed to excuse Epstein’s behaviour, such as his statement that “it is morally absurd to define ‘rape’ in a way that depends on minor details such as which country it was in or whether the victim was 18 years old or 17.” He stepped down earlier this month.

  • Lubomir Rintel: Open letter to Neil McGovern

    Neil McGovern recently published an article entitled GNOME relationship with GNU and the FSF where he described parts of an e-mail exchange from Dr. Richard Stallman as “reprehensible” and called for him stepping down from his position at the Free Software Foundation. This eventually happened.

    Mr. McGovern decided to close comments on his blog entry. I respect this decision, especially because the topic is bound to attract troll commenters and an attempt to moderate the discussion might just take too much effort. I might end up doing the same. However, I disagree with Mr. McGovern’s assessment and believe it shouldn’t remain without a response. I figured out that an open letter might be the right way to respond.

    I’d like to stress that I’m, unlike Mr. McGovern, not speaking for GNOME, my colleagues, fellow hackers, my employer or anyone else but myself. Don’t cancel your GNOME Foundation membership because you think either of us is wrong. Engage in civilized discussion!

  • RenPyWeb – one year

    Big thanks to Ren’Py’s author who immediately showed full support for the project, and to all the other patrons who joined the effort!

    One year later, RenPyWeb is officially integrated in Ren’Py with a one-click build, performances improved, countless little fixes to the Emscripten technology stack provided stability, and more than 60 games of all sizes were published for the web.

  • 8 Best Plex Alternatives You Must Try in 2019

    MediaGoblin app comes with easy-to-use instruments to allow you to handle and share your media conveniently as well. Because it mainly supports a range of media types such as audio files, videos, books, 3D models, and even ASCII-art, it ensures that you don’t have to face incompatibility problems.

• Licensing/Legal

  • OnePlus publishes OnePlus 7T Kernel Sources

    During this week OnePlus caught the headlines with the release of OnePlus 7T. The new handset is the company’s upgrade over the OnePlus 7 released earlier this year alongside the 7 Pro. Interestingly enough, the OnePlus 7T has a better chipset (Snapdragon 855+) which is better than the standard SD855 inside the OnePlus 7 Pro.

    There’s one undeniable fact about OnePlus devices, no matter if you like the brand or their pricing policies, they have one of the best software supports in the industry. Moreover, OnePlus handsets are easy to mod, due to the company’s good nature of offering an open-source experience. Now, in another good example of commitment in complying with GPL, OnePlus has disclosed the Kernel Sources of the 7T.

• Programming/Development

  • The monumental impact of C

    is the original general-purpose programming language. The Season 3 finale of the Command Line Heroes podcast explores C’s origin story in a way that showcases the longevity and power of its design. It’s a perfect synthesis of all the languages discussed throughout the podcast’s third season and this series of articles.

    C is such a fundamental language that many of us forget how much it has changed. Technically a “high-level language,” in the sense that it requires a compiler to be runnable, it’s as close to assembly language as people like to get these days (outside of specialized, low-memory environments). It’s also considered to be the language that made nearly all languages that came after it possible.

  • Moving to C++11

    Greetings,
    
    I asked about moving to C/C++ 11 as it would make it easier to
    
    allow multithreading support due to having a memory model
    
    alongside other features. Jason Merill mentioned due to it
    
    being so common it may be a good  time to.
    
    Moving to git seems to be universally agree on so I'm opening the discussion
    
    for the same as related to C/C++11 migration and if possible opening
    
    a TODO similar to git if decided on.
    
    Please post your comments or ideas about the migration in response to this
    
    email,
    
    Nick
    
    

  • Moving to C++11

    Greetings David,
    
    I posted on the list about moving to C++11/C11 but the focus was on
    
    C++11 for my work. Seems that other people wanted to use some
    
    parts of the C++11 standard including rvalues,move,auto and template
    
    aliases. The thread is here:
    
    https://gcc.gnu.org/ml/gcc/2019-09/msg00228.html
    
    I've come to the conclusion that enabling parts of it would be useful overall based
    
    on the linked discussion.
    
    Therefore I'm opening up the discussion again with the commitee involved to figure
    
    out what should be used and how the migration should take place,
    
    Nick
    

  • GCC Developers Look At Transitioning Their Codebase To C++11

    Seven years after the GNU Compiler Collection (GCC) developers began transitioning their codebase from C to C++, they are now discussing the prospects of adopting C++11 as their allowed C++ standard revision for developing this open-source compiler.

    This past week the conversation over allowing C++11 code into the compiler code-base was brought up. So far there seems to be a lot of upstream developer interest in allowing C++11′isms into the GCC code-base. In fact, some have even expressed being open to allowing C++14.

  • Grants Awarded for Python in Education

    The Python Software Foundation has been asked about Python in education quite a bit recently. People have asked, “Is there an official curriculum we can use?”, “Are there online resources?”, “Are there efforts happening to improve Python on mobile?”, and so on.

    9 years ago we instituted the Education Summit at PyCon US where educators as well as students work together on initiatives and obstacles. Earlier this year we decided we needed to do more. In November of 2018, the PSF created the Python in Education Board Committee and it was tasked with finding initiatives to fund to help improve the presence of Python in education.

    In January of this year, the Python in Education Board Committee launched a “request for ideas” phase taking suggestions from the community on what we should focus our funding on. After the RFI period, we came up with 3 areas of education we wanted to focus on and asked to receive grant proposals on the following: resources (curriculums, evaluations, studies, multidisciplinary projects), localization (primarily translations), and mobile (development on mobile devices).

    We are happy to publish more details on the grants the PSF approved from this initiative!

  • ML with Python: Part-3

    In preious post, we saw various steps involved in creating a machine learning (ML) model. You might have noticed in Building ML Model we consider multiple Algorithums in a pipeline and then tune hyperparameter for all the Models. Don’t you feel that it would have been easier if some automated tools are there to ease the burden of repetitive and time-consuming tasks of machine learning pipeline design and hyperparameter optimization.

    Here comes AutoML, taking over the machine learning model-building process: once a data set is in a relatively clean format, the AutoML system will be able to design and optimize a machine learning pipeline faster than 99% of the humans out there.

  • Analyzing the Stack Overflow Survey with Python and Pandas

    I’m using the popular Pandas library, which is a “BSD-licensed library providing high-performance, easy-to-use data structures and data analysis tools,” according to the library’s About page.

  • Evennia: Blackifying and fixing bugs

    Evennia’s source code is extensively documented and was sort of adhering to the Python formatting standard PEP8. But many places were sort of hit-and-miss and others were formatted with slight variations due to who wrote the code.

    After pre-work and recommendation by Greg Taylor, Evennia has adopted the black autoformatter for its source code. I’m not really convinced that black produces the best output of all possible outputs every time, but as Greg puts it, it’s at least consistent in style. We use a line width of 100.

    I have set it up so that whenever a new commit is added to the repo, the black formatter will run on it. It may still produce line widths >100 at times (especially for long strings), but otherwise this reduces the number of different PEP8 infractions in the code a lot.

  • PyDev of the Week: Marlene Mhangami

    Sure, in college I studied molecular biology. I was actually in the schools pre-medicine track because I initially thought I wanted to become a doctor. Looking back on it now I laugh because I hate blood, just the sight of it in movies makes me shut my eyes tightly, so I’m genuinely happy that didn’t work out! I went to a liberal arts college and appreciate that I had the space to take courses in other fields like philosophy and politics which I really enjoy.

    I get asked about what hobbies I have quite often, and I’m not sure if I have anything I do consistently enough to call a hobby. I read, and sometimes run, and love to journal. I also occasionally paint, but the last time I told someone I painted they asked me where my studios were and started listing off artists that I had never heard of before, so I like to disclaimer that I don’t paint in a way that is cultured or sophisticated but just as a way to express myself and have fun.

  • Webinar: “React+TypeScript+TDD in PyCharm” with Paul Everitt

    ReactJS is wildly popular and thus wildly supported. TypeScript is increasingly popular, and thus increasingly supported.

    The two together? Not as much. Given that they both change quickly, it’s hard to find accurate learning materials.

    React+TypeScript, with PyCharm? That three-part combination is the topic of this webinar. We’ll show a little about a lot. Meaning, the key steps to getting productive, in PyCharm, for React projects using TypeScript. Along the way we’ll show test-driven development and emphasize tips-and-tricks in the IDE.

  • The Rust Programming Language Blog: Security advisory for Cargo

    The Rust team was recently notified of a security concern when using older versions of Cargo to build crates which use the package rename feature added in newer versions of Cargo. If you’re using Rust 1.26.0, released on 2018-05-10, or later you’re not affected.

  • The Rust Programming Language Blog: Async-await hits beta!

    Big news! As of this writing, syntactic support for async-await is available in the Rust beta channel! It will be available in the 1.39 release, which is expected to be released on November 7th, 2019. Once async-await hits stable, that will mark the culmination of a multi-year effort to enable efficient and ergonomic asynchronous I/O in Rust. It will not, however, mark the end of the road: there is still more work to do, both in terms of polish (some of the error messages we get today are, um, not great) and in terms of feature set (async fn in traits, anyone?).

  • September 2019 report: Jules, OpenSMTPD 6.6.0 upcoming release and related things

    Three months ago, I switched to a 75% part-time schedule so that I could spend a “free” week each month working on my own stuff, mostly opensource, without being pressured on what I should do. My employer does not know what I’ll be working on and I get to decide myself how I’ll spend this time.

    This came at the cost of slashing a quarter of my wage, so while most of my “free” weeks will be spent on opensource and writing articles, I might also have to take some contracts and sponsored developments based on the state of my finances. I opened a patreon account so that if enough people want to sponsor me, I can spend these free weeks focusing solely on community work rather than proprietary work.

    Thanks again to the people who make this possible !

• Standards/Consortia

  • Why much of the [WWW] is closed off to blind people

    Ultimately, those pushing for digital accessibility argue that businesses have no excuse for dragging their feet over it.

    “It’s not hard to do, it should just be part of best practice, not an additional line item, just like making sure a website loads quickly is,” says Laura Kalbag, a website designer and author of Accessibility for Everyone.

    “It basically just involves HTML coding, which even a blogger can do. If it is a huge website, it might take some time, but the work itself is not complicated.”

    She adds it is a myth that making a website accessible makes it ugly, there is no correlation – you can still have snazzy images and graphics.

  • Neil Young’s Boring, Prophetic Message to Readers

    To Feel the Music is the story of Pono, which was Neil Young’s quixotic attempt to create and sell a new kind of portable music player and download service. Something that didn’t crush recorded sound into nasty little MP3s. If you’ve read either of his previous books, Waging Heavy Peace and Special Deluxe, you’ll be familiar with his preoccupation—his obsession, his foreboding—in this area. Young has long contended that with digitization, the conversion of music into data, has come a terrible shriveling of our sonic universe. You’ll also be familiar with his distinctively dazed, American Primitive prose style: “You have to give your body a chance to absorb [music] and recognize how good it feels to hear it. The human body is incredible. It’s great! It’s made by God/nature, depending on your beliefs.”

    MP3s, and I’ll try to be as scientific as I can here, are evil. They go against God/nature by chopping music into numbers. I’m with Young 100 percent on this. Beautiful flowing music, sliced to bits! And what is the devil’s price for having the entire Tangerine Dream back catalog at your fingertips? Why, shitty sound quality. The sound coming out of my Bluetooth speaker is no longer a dimension; it’s a narrow pulse, a serrated wave. Bass-blurts, ragged spikes of treble, a terrible crowdedness or crammedness in the midrange. My old-fart ears are squeaking in discomfort. The acoustic environment, like every other environment, is being degraded.

    But it doesn’t have to be, is Young’s point. We’ve all settled for this, because Steve Jobs said so. [...]

Budapest Stadium Blasts a Rammstein Song on Repeat — All Night Long [iophk: misuse of Facebook in place of official communication channels ]

After a speaker test malfunctioned, a track from German raging rockers Rammstein was blasted for hours. Residents near the Puskas Arena complained about the noise. Rammstein’s recently released “Deutschland” song played on repeat throughout the night.

The ‘accident’ sounds suspicious, though somehow, a blaring speaker system went rogue. And nobody slept as a result.

Science

• DIY Thermal Imager Uses DIY Gaussian Blur

  Since [DZL] wanted to implement it on a microcontroller, the lightweight implementation was born. The project page walks through the details of Gaussian interpolation and how some effective shortcuts were made, so be sure to give it a look.

Security (Confidentiality/Integrity/Availability)

• Malware Delivery Campaign Employs Advanced Fileless Techniques [iophk: Windows TCO]

  The attack starts with the delivery of an HTML Application (HTA), most likely through compromised advertisements. The file attempts to connect to a randomly named domain to download additional JavaScript code that attempts to retrieve content from the command and control (C&C) server.

  The downloaded file then attempts to contact the remote C&C domain to download an RC4-encrypted file and a decryption key. The file is an additional JavaScript snippet that starts a malicious PowerShell script.

• Chinese [Attackers] Hit Technology Firms in Southeast Asia With PcShare Backdoor

  The attackers also used a trojanized screen reader application that replaces the built-in Narrator “Ease of Access” feature in Windows, essentially gaining remote control over the infected systems, all without having to steal the victim’s credentials.

  The malware is executed on the victim’s machine via DLL side-loading. Specifically, the backdoor is side-loaded by the legitimate NVIDIA Smart Maximise Helper Host application (part of NVIDIA GPU graphics drivers), the security researchers discovered.

• Security updates for Monday

  Security updates have been issued by CentOS (dovecot, kernel, and qemu-kvm), Debian (cimg, cups, e2fsprogs, exim4, file-roller, golang-1.11, httpie, and wpa), Fedora (curl, ghostscript, ibus, krb5, mod_md, and nbdkit), Mageia (chromium-browser-stable, libheif, and nghttp2), openSUSE (djvulibre, expat, libopenmpt, mosquitto, phpMyAdmin, and webkit2gtk3), Red Hat (nodejs:10), SUSE (gpg2), and Ubuntu (e2fsprogs and exim4).

• Exim 4.92.3 security release

  Exim 4.92.3 has been released with a fix for CVE-2019-16928, a heap-based buffer overflow in string_vformat that could lead to remote code execution. “The currently known exploit uses a extraordinary long EHLO string to crash the Exim process that is receiving the message. While at this mode of operation Exim already dropped its privileges, other paths to reach the vulnerable code may exist.”

• New Critical Exim Flaw Exposes Email Servers to Remote Attacks — Patch Released

  A critical security vulnerability has been discovered and fixed in the popular open-source Exim email server software, which could allow a remote attacker to simply crash or potentially execute malicious code on targeted servers.
  Exim maintainers today released an urgent security update—Exim version 4.92.3—after publishing an early warning two days ago, giving system administrators an early head-up on its upcoming security patches that affect all versions of the email server software from 4.92 up to and including then-latest version 4.92.2.
  Exim is a widely used, open source mail transfer agent (MTA) developed for Unix-like operating systems like Linux, Mac OSX or Solaris, which runs almost 60 percent of the Internet’s email servers today for routing, delivering and receiving email messages.

• Critical Exim Flaw Opens Servers to Remote Code Execution

  A fix has been issued for a critical Exim flaw that could lead to servers crashing or remote code execution attacks being launched.

  A patch has been issued for a critical flaw in the Exim email server software, which could potentially open Exim-based servers up to denial of service or remote code execution attacks.

  Exim, which is free software used on Unix-like operating systems (including Linux or Mac OSX), serves as a mail transfer agent that manages mail routing services for organizations. According to a Shodan analysis, Exim is the most used mail transfer agent globally and has over five million internet-facing hosts.

• Stop us if you’ve heard this one before: Yet another critical flaw threatens Exim servers

  Admins of Linux and Unix boxes running Exim would be well-advised to update the software following the disclosure of another critical security flaw.

  The Exim 4.92.3 patch, released on September 28th, includes a fix to close up the CVE-2019-16928 flaw.

  Discovered by bug-hunters with the QAX A-Team, the vulnerability is caused by a buffer overflow error that occurs when Exim processes an extremely long string in an Extended HELO (EHLO) Extended Simple Mail Transfer Protocol (ESMTP) command message.

  In practice, an attacker could write an exploit into the EHLO message and remotely trigger the bug to get control over the targeted server. So far, no active attacks on the flaw have been reported in the wild.

  “It’s a simple coding error, not growing a string by enough,” said Jeremy Harris, the Exim dev who patched the flaw in what he described as a simple “one-line fix.”

• pam-python: local root escalation (CVE-2019-16729)

  Last week the openSUSE Security Team spent some time to check and review the PAM module from the pam-python project. Main reason for that – to make sure that the source code of the project is secure enough and bug free of course. Badly implemented PAM modules may cause user authentication to always succeed or otherwise badly influence security.

Defence/Aggression

• The Trump Administration is Waging a War on People Fleeing Persecution. We Can’t Let Them Win.

  In June 1939, a passenger ship named the St. Louis approached the coast of Florida, planning to dock in Miami. The boat was packed with nearly a thousand refugees fleeing Nazi persecution in Europe. Most were Jewish, and they thought they’d find a safe haven in the United States.

• In Media Newspeak, a ‘Peace Plan’ for Israel/Palestine Is Anything US Proposes

  Prior to the elections in Israel/Palestine in September—marred by blatant racism posturing as the “democratic process,” with millions of Palestinians living under varying degrees of Israeli rule unable to vote due to their ethnicity—Prime Minister Benjamin Netanyahu generated headlines for repeatedly pledging to annex nearly a third of the illegally occupied West Bank, in violation of international law, to gain support for his and the Likud party’s reelection (New York Times, 9/10/19).

• After the fall of the ISIS caliphate

  Among the Russians who joined ISIS, the most interesting one are those who eventually rejected the terrorist organization. This category itself can be divided into two subgroups: those who left ISIS after realizing its impending defeat, and those who left due to ideological disagreements or who became disappointed in ISIS’s handling of its matters.

• Islamist extremists are exterminating Christians in northern Burkina Faso

  According to sources close to the international Catholic charity and pastoral foundation Aid to the Church in Need, the Christian population in the north of Burkina Faso is currently being exterminated or expelled from their villages by Muslim extremists.

  The most recent villages to have been abandoned are those of Hitté and Rounga, where the inhabitants have been given an ultimatum by the Islamist terrorists, ordering them to convert to Islam or leave their homes.

• Supporting Kashmiris is doing ‘jihad’, says Pakistan PM Imran Khan

  In his speech that went on for about 50 minutes, far exceeding the 15-minute limit for UN speeches during the General Debate, Mr. Khan devoted half of his address to the Kashmir issue, warning that if there’s face-off between two nuclear-armed neighbours, the consequences would be far beyond their borders.

  His speech was in contrast to PM Narendra Modi’s message from the same podium few minutes earlier, in which he said India is a country that has “given the world, not war, but Buddha’s message of peace.”

  Pakistan has been trying to internationalise the Kashmir issue after India withdrew the special status of Jammu and Kashmir on August 5, but New Delhi has asserted the abrogation of Article 370 was its “internal matter.”

• The Tragic Logic of the Attacks on the Saudi Oil Plants

  Maybe we’re the wrong species to conjecture about sanity, but between 3 and 4 am on Saturday, September 14, Yemeni Houthi forces—or Iran, or someone—did what may, under different circumstances, have been the sanest thing that any human beings resident on this warming Earth could do: They managed to shut down the largest crude-oil processing plant on the planet. Nineteen drone strikes did the job, 17 of them hitting targets at Saudi Arabia’s Abqaiq stabilization facility and Khurais oil field with an accuracy that was, in the words of one energy expert, “exquisitely precise.” In a single, two-pronged operation, they cut oil production by 5.7 million barrels per day, nearly 7 percent of the current global output. Decades of climate negotiations have not been nearly so effective.

• China’s demand for undivided loyalty is causing tragedy in Hong Kong

  In Hong Kong the city’s former colonial master, Britain, left behind an awkward hybrid. The territory has the political culture and education system of a liberal democracy. But its leaders are mostly appointed, with only a minority of political offices opened to direct election. Since Mr Xi became the Communist Party’s boss, China has betrayed its impatience with even that limited accountability, and the central government’s agents have worked to marginalise competing voices.

• Hong Kong: First Line of Defence against a Rising Fascist Power

  Why has no crackdown come? The answer is economic: the Chinese Communist Party exercises tight control over the movement of funds in its territory, but at the same time it desires greater integration into the world economy. The only way to achieve the latter while maintaining the former is by preserving the special status of Hong Kong. The region enjoys a free market economy, allowing foreign companies to access China while mainland companies can extend their influence beyond the country—indeed, as Kerry Brown points out in CEO, China: The Rise of Xi Jinping, more than 60 percent of China’s outward investment actually goes through Hong Kong. “We are a window for China to look to the outside world,” says Hong Kong politician Emily Lau.

  A repeat of the Tiananmen Square nightmare would almost certainly lead to a massive economic crash, and China cannot risk this, especially now that its economy is slowing down. [...]

• Filming the Philippines’ ‘War on Drugs’

  The International Criminal Court (ICC) recently made a surprising request for its preliminary examination into thousands of alleged extrajudicial killings in Philippine President Rodrigo Duterte’s “war on drugs.” The court said it wanted to review footage from a movie set to be released to international audiences later this month.

• More Violence Grips Hong Kong Ahead of China’s National Day

  Protesters and police clashed in Hong Kong for a second straight day on Sunday, throwing the semiautonomous Chinese territory’s business and shopping belt into chaos and sparking fears of more ugly scenes leading up to China’s National Day holiday this week.

Transparency/Investigative Reporting

• Trump’s Whistleblower Attacks Are Troubling, But Not Unprecedented

  The @realDonaldTrump Twitter handle was on overdrive this weekend, assailing the anonymous whistleblower who reported that President Trump used the power of his office to solicit interference from a foreign country in the 2020 U.S. election. Like clockwork, President Trump tried to attack the whistleblower’s credibility, questioned the meager whistleblower protections currently in place, labeled those who provided information to the whistleblower as spies, and suggested such “spies” should be treated as they were in “the old days” — presumably referring to execution.

• Shooting of King Salman’s guard deepens Saudi turmoil

  His death immediately led to speculation of palace intrigue, with claims that he had recently been dismissed from the king’s service and may have had information pertinent to the murder last year of the journalist Jamal Khashoggi.

• Pakistan minorities in US to expose PM Imran Khan at UN

  “Pakistan is focusing on the wrong K. Pakistan is raising the Kashmir issue only to divert attention from Pakistan Army atrocities on its minorities from Mohajirs to Balochs, Pashtuns, Hindus and Christians,” Nadeem Nusrat, chairman voice of Karachi, told Mail Today in New York.

  “We have documented facts about the condition of minorities in Pakistan. More than seven decades after the Independence, Mohajirs (Muslims who moved to Pakistan after Independence) have still not been integrated. Our youth have been abducted, tortured and killed by Pakistan ISI and Rangers as intimidation tactics,” said Wasay Jalil, former Mayor of Gulshan Iqbal in Karachi who was forced to flee Islamabad facing Pakistan Army atrocities.

• Why transcripts of Trump’s calls with heads of state are so hard to get

  “Every other telecon I’ve seen had an individual person — someone like Rose Gottemoeller, who was on the White House staff, or Nicholas Burns, who went on to be high-level State Department — they would be listed as note-taker because they were responsible for making sure the transcript was accurate as possible. The second really unusual item is the caveat down at the bottom of the page; it says ‘caution,’ it’s not a verbatim transcript. It just is our notes and recollections of these duty officers and policy staff, and there are a lot of factors that can make it inaccurate.’ That’s a really unusual caveat,” Blanton said.

• Who is responsible for enforcing the US whistleblower law? The president.

  “Instead the transcript was loaded into a separate electronic system that is otherwise used to store and handle classified information of an especially sensitive nature,” the report said. “One White House official described this act as an abuse of this electronic system because the call did not contain anything remotely sensitive from a national security perspective.”

• Do Not Feed The Climate Trolls

  As public acceptance of climate science continues to shift towards the scientific consensus, the insidious lobbies who have long-funded climate change denial are mobilising. Their goal is to erode the “consensus gap” between climate scientists and the public. It’s nothing new.

  But they have started gathering on a new battleground: polluting the comment sections on social media, to make it appear that even readers of science websites like ours don’t agree with climate science. Yeah, we’re on to them. We’re calling them climate trolls.

• Interview With CIA Whistleblower John Kiriakou On Ukraine Call Whistleblower Complaint And War On Whistleblowers

Environment

• Thai Premier Prayut urges people to wear masks as smog envelops Bangkok

  Pollution spikes caused by industrial emissions, construction, crop burning and vehicle fumes have rattled Thailand in recent years. The smog was one of the top trending items in the country on Twitter, underlining growing concern as officials struggle to control the problem.

• Palm oil from Sumatra illegal plantation found in supply chains of brands like Nestle: Forest group

  A Rainforest Action Network (RAN) investigation showed Asia-based palm oil traders Golden Agri-Resources (GAR) and Musim Mas Group bought oil from two mills that sourced palm fruit from a small, privately owned plantation on Sumatra island.

  The plantation is inside the protected Rawa Singkil Wildlife Reserve, in a high-priority conservation area and critical wildlife habitat, dubbed the “orang utan capital of the world”.

• Nature’s Solution to Climate Change

  The carbon capture potential of whales is truly startling. Whales accumulate carbon in their bodies during their long lives. When they die, they sink to the bottom of the ocean; each great whale sequesters 33 tons of CO2 on average, taking that carbon out of the atmosphere for centuries. A tree, meanwhile, absorbs only up to 48 pounds of CO2 a year.

  Protecting whales could add significantly to carbon capture because the current population of the largest great whales is only a small fraction of what it once was. Sadly, after decades of industrialized whaling, biologists estimate that overall whale populations are now to less than one fourth what they once were. Some species, like the blue whales, have been reduced to only 3 percent of their previous abundance. Thus, the benefits from whales’ ecosystem services to us and to our survival are much less than they could be.

  But this is only the beginning of the story.

• Whales worth about $1 trillion in carbon sequestration, analysis finds

  On top of that, the metabolic activity of whales — their breathing, peeing and pooping — stimulates huge growths of phyloplankton, which itself sequesters tons of carbon. As National Geographic notes, in a post about this new study …

• How much is a whale worth?

  While they are alive, whales might do even more to capture carbon, thanks to their jumbo-sized excrement. Great whales feed on tiny marine organisms like plankton and krill in the ocean’s depths before surfacing to breathe, poop and pee—and the latter activities release enormous plume of nutrients, including nitrogen, phosphorus, and iron, into the water. So-called poo-namis stimulate the growth of phytoplankton, marine algae that pull carbon out of the air via photosynthesis.

  When phytoplankton die, much of their carbon gets recycled at the ocean’s surface. But some dead phytoplankton inevitably sink, sending more captured carbon to the bottom of the sea. Another study from 2010 found that the 12,000 sperm whales in the Southern Ocean draw 200,000 tons of carbon out of the atmosphere each year by stimulating phytoplankton growth and death through their iron-rich defecations.

• An Unlikely Weapon in the Fight Against Climate Change

  Climate scientists say seabed carbon storage could be a new ally to help reduce greenhouse gas emissions by a volume greater than all the carbon dioxide pumped into the atmosphere from the planet’s coal-burning power stations.

• California Polluters May Soon Buy Carbon ‘Offsets’ From the Amazon — Is That Ethical?

  California thinks it has an answer.

• Three Billion Canaries in the Coal Mine

  I was wrong. A new study in the journal Science reports that nearly 3 billion North American birds have disappeared since 1970. That’s 29 percent of all birds on this continent. The data are both incontrovertible and shocking. “We were stunned by the result,” Cornell University’s Kenneth V. Rosenberg, the study’s lead author, told The Times.

  This is not a report that projects future losses on the basis of current trends. It is not an update on the state of rare birds already in trouble. This study enumerates actual losses of familiar species — ordinary backyard birds like sparrows and swifts, swallows and blue jays. The anecdotal evidence from my own yard, it turns out, is everywhere.

• Too many single-use plastics tossed in trash; deposit on small bottles possible

  Van Veldhoven also said that the association of Dutch municipalities VNG and the packaging industry are little to no action to make sure that cans don’t end up littering the streets. “So I decided to take measures myself to ensure the reduction of the amount of cans in litter.” She is considering various measures, “including legal measures”, on this front. Exactly what these measures are, is not yet clear.

• Mexico City park purifies enough wastewater to fill a stadium each month

  Mexico City’s Ecoducto is a linear green space where a system of artificial wetlands purifies 30,000 liters of sewage daily, enough to fill the city’s 87,000-seat Estadio Azteca soccer stadium each month.

  The artificial wetlands were designed by Dr. Alejandro Alva, a hydrobiologist at the National Autonomous University (UNAM).

• India’s Sikkim State Leads Country’s Plastic Ban with Bar on Bags

  Nestled on Himalayan slopes, Sikkim replaced plastic bags with paper or cloth bags and even leaves long before environmentalists raised an alarm about plastic choking cities and oceans. It imposed the ban on plastic bags after a spate of landslides in 1998, when experts feared they were partly caused because drains choked with plastic waste left no outlet for torrential rainwater.

  As India gears up to announce a nationwide push to eliminate single-use plastic this week, the state with the country’s smallest population is being hailed for launching the battle two decades ago.

AstroTurf/Lobbying/Politics

• China runs full-page ad on Hong Kong in Helsingin Sanomat, sparking criticism

  Mikko Kärnä (Centre), a second-term Member of the Finnish Parliament from Lapland, responded to the ad by calling for a legislative amendment preventing foreign nations from attempting to sway public opinion through media.

  He viewed that the newspaper showed extremely poor judgement in publishing the ad because of the violence that ended yet another week of protests in Hong Kong on Sunday. Media reports indicate that law enforcement officers fired rubber bullets, tear gas and water cannons to disperse the protesters.

• ‘The Campaign Is The Amplifier’: How Trump Plans To Fight Impeachment Push

  Evidence of this came over the weekend when the Trump campaign, along with the Republican National Committee, announced a combined $10 million cable ad buy. The ads go after former Vice President Joe Biden and House Democrats and are an attempt to sway public opinion as the impeachment inquiry gets going. It’s not clear yet how saturated the airwaves will be, but it is a significant buy.

• FATAH: Is the 9/11 mastermind still a matter of public debate?

  Sameer Zuberi seems to have made attempts to de-emphasize his past. He either de-activated his previous Twitter account and created a brand new one that has no content or was the only activist on the globe who found no use for Twitter until he became candidate. I asked him if he had a previous Twitter trail, but did not receive a response.

• Is Johnson really going to ‘rein in’ NHS privatisation? Don’t you believe it!

  But it’s nonetheless worth investigating. When an election does come, the NHS will be a key battleground, and one in which the Conservatives hope to at least neutralise Labour’s natural advantage. And in the disgruntled words of US President Harry Truman (describing the tactics of his political enemies), “if you can’t convince them, confuse them”. Well, the news – reported in the Guardian, no less – that Johnson will legislate to “rein in” NHS privatisation – is certainly likely to have confused many. Particularly given that Johnson is surrounded by the most pro-free market, anti-state cabinet in recent history, that he’s desperate for a vindicatory US trade deal, and with the US explicitly desperate to profit from our NHS.

  So what’s really going on?

• Stunned authorities find dozens of encrypted computers in alleged spy’s home

  Most of the computers were encrypted — which is legal but creates potential barriers for the RCMP officers still investigating the case.

  Ortis, the 47-year-old director general of the RCMP’s national intelligence co-ordination centre, faces multiple charges under the Security of Information Act for allegedly preparing to share sensitive information with a foreign entity or terrorist organization.

• Why claims that Hong Kong protesters support escalating violence could be wrong… and dangerous

  A recently published study by a respected political scientist at Lingnan University found that more than half of its respondents advocated the escalation of protest tactics. The report was widely shared on social media and was the subject of a article in The Conversation.

  This is because the line that protesters support violence plays to three important biases. Firstly, it reads like a good news piece. Second, it provides reassurance to radical protesters that their actions carry public support. Thirdly, blurring the lines between peaceful and violent protesters justifies an indiscriminate crackdown that has already had a chilling effect on civil society.

  However, the study itself has important limitations and therefore does not really support this understanding. What the study shows is that of the 8,000 protesters surveyed over 19 demonstrations, with an 85 per cent response rate, an increasing number are choosing to either agree or strongly agree that over time “Radical protests can force the government to listen to the people.”

• Bernie Sanders Is Tied With Joe Biden in Crucial State: New Poll

  New CNN polls from two key early states released Sunday solidify the notion that the Democratic Party presidential primary has largely become a three-way race between Joe Biden, Bernie Sanders, and Elizabeth Warren.

• With Vote Over, Afghanistan Faces Possible Political Chaos

  Presidential elections are over, and Afghanistan now faces a period of uncertainty and possible political chaos. Saturday’s vote was marred by violence, Taliban threats and widespread allegations of mismanagement and abuse. It was the fourth time Afghans have gone to the polls to elect a president since 2001 when the U.S.-led coalition ousted a regressive Taliban regime.

• Australia: Bring Home Children of Fighters in Syria

  The Australian government should bring home Australian children of parents who may have joined armed groups and who are living in deplorable conditions in camps in Syria, Human Rights Watch, Amnesty International, and Save the Children said today. 

• Could Washington’s Impeachment Drama Spark China Trade Deal?

  The Democratic impeachment inquiry may do at least one thing for President Donald Trump: It could give him more incentive to resolve his trade war with China.

• Moscow’s FSB chief says a corrupt lawyer is using illicit court ties to steal money from Putin’s biographer

  Alexey Dorofeyev, the head of the Federal Security Service’s Moscow branch, has written a letter to state prosecutors alleging that a handful of Moscow judges and “individual heads” of the Moscow City Court have provided assistance to several illegal business takeovers. The newspaper RBC has obtained an audio recording from a Supreme Court hearing, where the contents of Dorofeyev’s letter were read aloud on September 27.

• ‘United’ opposition parties step up plans to prevent Boris Johnson’s no-deal Brexit

  Opposition parties have for the first time put formal plans in place for a government of national unity as they step up attempts to stop Boris Johnson overseeing a no-deal Brexit.

  Whips from Labour, the Liberal Democrats, SNP and smaller parties will meet in Westminster to discuss arrangements for a possible national unity government, or GNU, if the Prime Minister refuses to request an extension to Brexit.

  The parties are in disagreement over who should lead the temporary government – with Labour chief Jeremy Corbyn insisting it should be him as leader of the opposition.

Censorship/Free Speech

• The Guy Who Wrote Facebook’s Content Rules Says Its Politician Hate Speech Exemption Is ‘Cowardice’

  Though Facebook says it will still remove content from politicians that encourages violence or harm, Willner argues that allowing hate speech—whether it’s from a politician or a private citizen white supremacist—can create a dangerous atmosphere. He cites research from the Dangerous Speech Project, which studies the types of public speech that spark violence, that backs up his claim. He also charges that Facebook’s exception now makes politicians a privileged class, enjoying rights denied to everyone else on the platform. Not only is Facebook avoiding hard choices, Willner says, it is betraying the safety of its users to placate the politicians who have threatened to regulate or even break up the company. “Restricting the speech of idiot 14-year-old trolls while allowing the President to say the same thing isn’t virtue,” writes Willner. “It’s cowardice.”

• Tens of thousands rally in Moscow urging release of jailed opposition protesters

  The current wave of demonstrations was triggered by the refusal of Moscow authorities to allow opposition activists like Sobol, an associate of top Kremlin critic Alexei Navalny, participate in local elections.

  The sweeping, sometimes violent crackdown on protests backfired when crowds of many as 50,000 began to gather with wider political demands while the opposition gained dozens of seats in city parliament.

• TikTok Bans Pro-LGBT Content In Certain Countries — Including Same-Sex Touching, Kissing, or Holding Hands

  The move comes after a reveal that the service is censoring references to Tiananmen Square, Tibet, and Falun Gong.

• TikTok censors references to Tiananmen and Tibet

  Criticism of China’s socialist system comes under a general ban of criticism towards the policies and social rules of any country. A ban covering the distortion of local or other countries’ history includes the example of the Tiananmen Square “incidents”.

• Social Media App TikTok Censors anti-China Content

  TikTok instructs moderators for the app to censor content that casts China in a negative light, including any vides that reference Tiananmen Square, the Falun Gong religious group, and Tibetan independence. There is also suspicion that the app is censoring videos related to the Hong Kong protests against Chinese encroachment on its independence.

  When the Washington Post searched for Hong Kong on the app, the results barely showed any sign of the protests or unrest.

• TikTok’s moderation guidelines penalized political criticism and ‘controversial topics’

  The Guardian says TikTok moderators were told to flag content based on very general rules that purposely covered specific Chinese censorship concerns, like criticizing government policies. Some sections mentioned specific forbidden topics, including the Tiananmen Square protests and the Tibetan or Taiwanese independence movements.

• WhatsApp restrictions slow the spread of fake news – but don’t stop it

  The researchers joined public WhatsApp groups dedicated to political discussions and tracked how 784,000 unique images were shared by users in the 60 days before and 15 days after the recent general elections in each of the three countries. These public groups are key arenas for propagating misinformation, says Benevenuto.

  The team found that 80 per cent of the images stopped being shared after two days, but some continued cropping up more than two months after their first appearance.

Privacy/Surveillance

• Snowden in the Labyrinth

  How does one decide to become the dissident, the scapegoat, the whistleblower? Snowden seems as mystified as we are. It is as if one day the question simply appears, fully formed: Why am I the one who cares? Why am I haunted by the eyes of the boy in his father’s lap while other operatives with access to XKEYSCORE are busy collecting nudes and stalking ex-girlfriends? (Alas, yes. They even have a nickname for it: LOVEINT, a satirical variation on HUMINT and SIGINT—human and signals intelligence.) “To whom could I turn?” he writes. “Who could I talk to? Even to whisper the truth, even to a lawyer or a judge or to Congress, had been made so severe a felony that just a basic outlining of the broadest facts would invite a lifetime sentence in a federal cell.”

  Snowden suffers as he privately traces the extent of the government’s crimes and realizes the deceptions required to carry them out. He twists through feelings of shame at his complicity; astonishment at the indifference around him; fear at the onset of loneliness, a loneliness he knows is only a preview of the isolation awaiting him if he acts. There’s also a sort of bargaining and denial phase, as he assesses whether he’s too lowly to play the part in which he’s cast himself: “Who’d elected me the president of secrets?”

  Yet the answer is as plain as the publication date of his book: September 17, Constitution Day. (I’d never heard of it.) Snowden’s a Constitution dork. He’s the one guy in the office who actually takes a copy of the document off the “free table”; he’s the one guy who actually reads it. He likes reading it, “partially because its ideas are great, partially because its prose is good, but really because it freaked out my coworkers.”

• How Facebook is profiting off of our loneliness

  It goes without saying that it is presumptuous for the company to suggest human Facebook profiles are “authentic” reflections of ourselves, especially when Facebook sees its human users as data points to make a profit from. It is also brazen to suggest that humans are still buying the narrative that meaningful connections can be made online, one we fell for over a decade ago, before the research spoke for itself. Yet Facebook’s desperate attempt to feed us a false narrative about human connection puts its success into a different context.

• 200 years before Orwell, a German naturalist prophesied surveillance capitalism

  In this regard, it’s perfectly appropriate to recall Orwell, but we shouldn’t forget Humboldt as we do. The Uber example is less about surveillance in service of discipline as measuring as an end…to well, to what purpose? Even Uber itself couldn’t say precisely. The company talked about a little “analytic game.” But it could just as well have said that data that is collected but not collated is an insult to human reason.

• Dunkin’ Donuts Sued by New York’s State Attorney General Over Data Breaches

  New York Attorney General Letitia James filed a lawsuit against Dunkin’ Donuts in the Supreme Court of the State of New York on Thursday, September 26, 2019. The complaint alleges fraudulent, deceptive and illegal conduct, and focuses on Dunkin’ Donuts breaches in 2015 and 2018. It claims an alleged failure to respond to these breaches in violation of state laws.

• Migrating From Cloudflare

  But CDNs can get expensive, too. Since they are designed to mitigate costs for such a niche thing (upload storage bandwidth), they usual target enterprise customers. That means that they’re expensive. Or rather, they have been. Cloudflare became really popular because it offers free CDN services, and you only pay for the “pro” features if you need them. This is pretty cool, and it’s why I’ve used Cloudflare for a few years.

  However, I don’t really like Cloudflare. I don’t like how they protect hate forums, where mass shootings are planned; I don’t like how they have grown to the point where a huge portion of the internet’s total traffic flows through their infrastructure; I don’t like how un-seriously they treat their responsibilities. So, I wanted to move off.

• Freedom of Information/Freedom of the Press

  • Moroccan journalist Hajar Raissouni jailed on abortion charges

    Ahmed Benchemsi, regional director for Human Rights Watch, described the verdict as a “black day for freedom in Morocco”, calling it “a blatant injustice, a flagrant violation of human rights, and a frontal attack on individual freedoms.”

  • Moroccan Journalist Sentenced to Prison for Abortion and Premarital Sex

    The trial was perhaps the most prominent example yet in a pattern of arrests and prosecutions of journalists who are critical of the state, on charges seemingly unrelated to their reporting. Last year, Taoufik Bouachrine, the founder and publisher of Akhbar Al Yaoum, was sentenced to 12 years in prison on sexual assault charges, in a prosecution that the United Nations Working Group on Arbitrary Detention concluded was unfair.

  • Moroccan court jails journalist on abortion charge that she denies

    A Moroccan court on Monday sentenced a journalist to a year in prison for sex outside marriage and having an abortion, both of which she denied, in a case that has outraged rights activists, who say the charges are politically motivated.

  • Moroccan journalist sent to prison for ‘illegal’ abortion

    Hajar Raissouni has been sentenced to one year in jail for an abortion she denies having, in a case that has sparked mass protests over women’s rights. The journalist says the charges stem from her government criticism.

• Civil Rights/Policing

  • Kickstarter To Workers and Project Creators: Drop Dead

    The statement was the most blatant slap in the face imaginable to both the workers and the project creators. It says, in essence: drop dead. We do not care what you think. We do not want a union and we are going to try to stop one from forming. We will fire union organizers if we want to, and if they complain to the National Labor Relations Board, they will be facing our lawyers. Kickstarter heard the hundreds of creators who signed our statement, and they have said plainly and unequivocally that they reject our values and will remain an anti-union company.

  • Tamarac City Commissioner Under Fire For Comments To A BSO Deputy During City Meeting

    On Wednesday morning, Broward Sheriff’s Deputy Joshua Gallardo received a Deputy of the Month award at a Tamarac City Commission along with a number of other deputies. But after the photos were taken and the handshakes ended from the feel-good moment, City Commissioner Mike Gelin dropped a bombshell.

    “Joshua Gallardo can you come down for a second,” Gelin said from the front of the commission chambers.

    “It’s good to see you again,” Gelin told Gallardo, as Gallardo approached the front. “You probably don’t remember me but you’re the police officer who falsely arrested me four years ago. You lied on a police report. I believe you’re a rogue police officer, you’re a bad police officer and you don’t deserve to be here.”

  • Sindhi Foundation to hold event during UNGA session to raise awareness against Pak girls’ forced conversion

    According to Human Rights Commission of Pakistan, every month between 40 to 60 Sindhi girls are abducted and forced converted to Islam and the families who report about it are often ignored by police, never submitting a First Information Report (FIR). Therefore, girls are left with their abductors, where they are often coerced into silence through threats or use of violence against them or their families.

    From January 2004 to May 2018, there were 7,430 cases registered, although the numbers are estimated to be higher since many go unreported.

  • I’ll Drink to That: Captain Morgan Website Asks Visitors to Affirm They’re Non-Muslim

    Were they drunk? Last week it was discovered that the U.S. website of rum brand Captain Morgan was asking visitors to check a box confirming that they were “non-Muslim.” After the box became a focus of controversy, it was quickly removed, but questions remain. The UK’s Metro newspaper says that the box “provoked intense theological debate online, with some calling it an example of ‘back door Sharia’ and others branding it ‘corporate racism.’” Neither Islam nor rum is a race, but back door Sharia? That it certainly is.

  • Pakistan college bans boys and girls walking together, notice goes viral. Twitter is divided

    Colleges, to maintain the decorum and discipline are known to pass out various kinds of circulars. However, this university located in Charsadda in the Khyber Pakhtunkhwa province of Pakistan took things to the next level with their latest circular.

    The notice that was issued by the Assistant Chief Proctor, Farmanullahon on September 23, 2019, in the Bacha Khan University, banned male and female students from roaming together in the college.

    The circular stated these activities as ‘un-Islamic’ and indulging in such activities would lead to a complaint to the parents along with a hefty fine.

  • Saudi Arabia’s extraordinary attack on Australia

    Australia led a coalition of countries condemning the Saudis over a series of human rights abuses, including arbitrary detention, torture and the murder of journalist Jamal Khashoggi.

    Ms Mansfield, delivered a statement on behalf of 24 nations expressing her “deep concern” at the human rights situation in Saudi Arabia.

    “Civil society actors in Saudi Arabia still face persecution and intimidation. Human rights defenders, women’s rights activists, journalists and dissidents remain in detention or under threat,” she said.

    “We are concerned at reports of torture, arbitrary detention, enforced disappearances, unfair trials and harassment of individuals engaged in promoting and defending human rights, their families and colleagues.”

• Monopolies

  • Patents and Software Patents

    • AICTE and CIPAM spar over invention guidelines, USPTO invites comments on patenting inventions developed by AI and more

      The USPTO has extended the dates for receiving public comments on “Artificial Intelligence (AI) Patents” to November 8, 2019. The USPTO in August had sought public comments on the patenting of inventions developed by AI (wholly or partially) and inventions of AI. The USPTO had sought information and comments on 12 very interesting questions including – What are elements of an AI invention? If a person instructs an AI to solve a particular problem; has that person invented the solution (once it is solved by the AI)? Should an entity or entities other than a natural person, or company to which a natural person assigns an invention, be able to own a patent on the AI invention? Do current patent laws and regulations regarding inventorship need to be revised to take into account inventions where an entity or entities other than a natural person contributed to the conception of an invention?

  • Copyrights

    • Facebook Takes Down TorrentFreak Post Over ‘Infringing’ Meme

      Facebook has removed a five-year-old link to a TorrentFreak article, presumably over a ‘copyright infringing’ meme. The social media platform took the action following a takedown notice from a photographer, whose image was used for the meme. Interestingly, the portrait in question is public domain.

    • DISH to Subpoena Google, Facebook, PayPal & Twitter to Identify ‘Pirate’ IPTV Operators

      Back in August, DISH Networks filed a $10 million lawsuit against IPTV provider Easybox IPTV. The broadcasting company has now been given permission by the court to identify the IPTV service’s currently-unknown operators, using information held by some the world’s largest Internet companies – and more.