05.02.21

Richard Stallman: “Google Can Forcibly Impose Software Changes and the User Can’t Say No.”

Posted in Google, Interview at 6:57 pm by Dr. Roy Schestowitz

First published a decade back

Summary: “This is the same thing that Microsoft has in Windows,” Stallman told me, “so Microsoft can also impose software changes. Any malicious feature that’s not in the program today could be remotely installed tomorrow.”

I think in practice one of the issues is many of the browsers these days have actually got some surveillance built in and one of the usual excuses these days is security, so they try to prevent phishing scams and things like such that are absolute; I think since Internet Explorer version 7 and Google Chrome and other browsers by default they will track the users and leave a trail, or at least provide the corporate maker of the browser, with a list with pages you visit, so the other releases…

Richard Stallman: Those are non-Free programs. Internet Explorer is non-Free and Google Chrome is non-Free. Not only that, Google Chrome has a universal back door, which is another way of saying auto-update; basically it means that Google can forcibly impose software changes and the user can’t say no. This is the same thing that Microsoft has in Windows, so Microsoft can also impose software changes. Any malicious feature that’s not in the program today could be remotely installed tomorrow. So, once a program has a universal back door, you must consider it not merely malware but universal malware.


It’s Not About Richard Stallman

Posted in Free/Libre Software, FSF at 6:48 pm by Dr. Roy Schestowitz

No GPL

First they came for the Founder

And I did not speak out
Because I was not an FSF employee

Then they came for the GPL
And I did not speak out
Because I was not into copyleft, let alone a coder

Let's wrestle with the community. Take them down to our level...

Then they came for the activists
And I did not speak out
Because I was not among their targets

Then they came for the community
And I did not speak out
Because I was salaried by IBM

Then they came for me
And there was no one left
To speak out for me

Links 2/5/2021: “Landlock” in Linux 5.13, Comics, Patents Catch-up

Posted in News Roundup at 1:03 pm by Dr. Roy Schestowitz

  • GNU/Linux

    • I put all of my comics online!

      There are 273 comics right now which is a lot, so I’ve added a very simple search using list.js. Here’s what it looks like.

      It searches based on the title and also a few keywords I manually added, which is why “authoritative nameservers” matches the search “dns”.

      I wrote a small custom search function that only matches starting at the beginning of the word, so that the search “tar” doesn’t give you “start”. It feels pretty good to use.

      If you want to read the pages from the Bite Size Linux sequel I mentioned that I started writing 2 years ago and never finished, you can search for “linux2”.

      [...]

      But I felt a bit worried about making all the comics more easily available online because – what if I put them online and then nobody wants to buy the zines anymore?

      I decided this week not to worry about that and just do it because I’m really excited about being able to easily link any comic that I want.

      The zine business is going really well in general so I think it’s a lot nicer to operate with a spirit of abundance instead of a spirit of scarcity.

    • Audiocasts/Shows

      • This Week in Linux 149: Linux 5.12, Fedora 34, elementary OS 6, openSUSE Leap, RHEL 8.4, Pine64

        On this episode of This Week in Linux, we’re going to check out the latest release of the namesake of this show, the Linux Kernel with Linux 5.12 being released. This episode is just stacked with Distro news with the release of Fedora Linux 34, the Release Candidate of openSUSE Leap 15.3, elementary OS 6 Beta has been released, and we’ll check out version 21 of Calculate Linux. That’s not all for Distro news, I did say it was stacked . . . we also got some Enterprise Distros to discuss with Red Hat Enterprise Linux 8.4 aka RHEL then we’ll check out the CentOS alternatives with AlmaLinux 8.4 Beta & Rocky Linux 8.3 RC. We’ve got some cool mobile hardware news this week with updates from Pine64 about the PinePhone Keyboard Addon and the PineTime SmartWatch. There’s just so much good news this week but there’s also a new Linux Backdoor Malware that was found being named RotaJakiro so we’ll talk about that. All that and much more on Your Weekly Source for Linux GNews!

    • Kernel Space

      • Linus Torvalds Reflects In New Interview on Linux’s Earliest Days

        Linus Torvalds gave a long new email interview to Jeremy Andrews, founding partner/CEO of Tag1 (a global technology consulting firm and the second all-time leading contributor to Drupal). Torvalds discusses everything from the creation of Git, licenses, Apple’s ARM64 chips, and Rust drivers, to his own Fedora-based home work environment — and how proud he is of the pathname lookup in Linux’s virtual filesystem. (“Nothing else out there comes even close.”)

      • Intel Proposes Calibrated Timestamps As It Works Towards Vulkan Video – Phoronix

        Since the publishing of the provisional Vulkan Video specification last month, the only driver on Linux to have exposed any early Vulkan Video support is NVIDIA’s Vulkan beta Linux driver. But it would appear that Intel’s open-source developers are working at least towards eventually handling this video acceleration API.

        Given how well Intel has been maintaining their open-source “ANV” Mesa Vulkan driver for Linux systems, it shouldn’t come as much of a surprise that they would likely be supporting Vulkan Video too. While they don’t yet have any public implementation to showcase, a new Vulkan extension proposal this week seems to indicate they are working in that direction.

      • New Realtek Audio Support, VirtIO Sound Driver Ready To Play On Linux 5.13

        While PipeWire continues garnering interest this year for improving Linux sound in user-space, the kernel’s sound drivers continue to be improved upon as well and tacking on support for new devices.

        On Friday the Linux 5.13 sound updates were sent out and subsequently merged to mainline. For this next kernel version there is the introduction of a VirtIO Sound driver that complies with the new VirtIO sound device specification that is part of this I/O virtualization standard. The VirtIO sound is intended for use-cases where audio is needed but device pass-through or emulation is not available or preferred.

    • Applications

    • Instructionals/Technical

      • How To Install Centrifugo on Ubuntu 20.04 LTS

        In this tutorial, we will show you how to install Centrifugo on Ubuntu 20.04 LTS. For those of you who didn’t know, Centrifugo is a scalable real-time messaging server in a language-agnostic way. It can be used as a free alternative to pusher.com services. Centrifugo supports WebSocket and SockJS. Websocket or SockJS connections from application clients (from web browsers or other environments like iOS/Android apps). When you need to deliver an event to your clients in real-time you publish it to Centrifugo API and Centrifugo then broadcasts the event to all connected clients interested in this event (i.e. clients subscribed to the event channel). In other words – this is a user-facing PUB/SUB server.

        This article assumes you have at least basic knowledge of Linux, know how to use the shell, and most importantly, you host your site on your own VPS. The installation is quite simple and assumes you are running in the root account, if not you may need to add ‘sudo‘ to the commands to get root privileges. I will show you through the step-by-step installation of Centrifugo on an Ubuntu 20.04 (Focal Fossa) server. You can follow the same instructions for Ubuntu 18.04, 16.04, and any other Debian-based distribution like Linux Mint.

      • 5 ways to use the move command in Linux – LateWeb.Info

        In this article, you will learn 5 common uses of mv command in Linux. The mv command is not only used for moving files but also for renaming files. However there’s more that you can do with this utility command.

      • Docker Commands for Managing Container Lifecycle (Definitive Guide)

        Knowing the various states of the Docker Container is essential for any serious Docker user.

        I’ll explain the container lifecycle and then show the Docker commands for each stage of the lifecycle.

        But before you learn all those things, let’s revisit the concept of the container once more.

      • Delete UEFI boot entry – Remove Unwanted UEFI Entries on Linux using efibootmgr

        This is a quick guide on how to remove unwanted UEFI entries on Linux using efibootmgr.

        Sometimes just efibootmgr commands are enough to remove UEFI entries, but some UEFIs need EFI System partition modifications or all UEFI entries are regenerated on reboot.

      • How to select all text in qutebrowser using Ctrl+A | Hund

        This is really not a complicated thing to do, but it took me a while to figure out how to bind the command vvG to a key like Ctrl+A.

    • Games

      • Steam on Linux Gaming Marketshare Steady For April

        For those curious about the Steam on Linux gaming marketshare always as we begin a new month, Valve published their April 2021 figures overnight.

        In March the Steam on Linux gaming marketshare was 0.85%… Pretty much since Steam Play came out for running Windows games on Linux, the marketshare grew and has consistently held in the 0.8~0.9% range. It’s flirted with 1% but hasn’t been above that threshold in years since Steam on Linux first came out and had around a 2% marketshare albeit with a smaller overall Steam customer base at that time.

      • The Sunday Section is here for Linux and gaming fans

        Another week down, plenty of items missed that we couldn’t fit in. Here’s your Sunday Section going over a few random bits of news. Grab a coffee and enjoy.

        How about some Linux distribution news?

        siduction, the distribution based on Debian unstable/sid wrote a blog post to announce the death of Axel Beu. Someone who not many will know but Beu was important to siduction, as their major sponsor that made the project actually sustainable. As a result, they now need to take outside donations so they’ve set up a spot on Open Collective – one for the EU and the US. R.I.P Axel Beu.

        Solus, the home-grown distribution with its own Budgie desktop environment has a new development blog post up, which highlights that they’ve now: released Budgie 10.5.3 with plenty of bug fixes, introduced support for the GNOME 40 stack, lots of quality of life changes have also been made along with upgrades to KDE Framework 5.81.0 and Plasma 5.21.4 as well.

      • Running Steam and Windows Games on Slackware Linux without Multilib

        A few years ago, I was quite lucky to get 3 free games from Ubisoft Holiday Bundle, Assassin’s Creed IV: Black Flag, World in Conflict: Complete Edition, and Watch Dogs. I played Assassin’s Creed IV for a while under Windows in my spare time, but later on, I rarely log in to my Windows machine (it’s only available on my laptop, not in my other machines), so it’s kinda abandoned.

        The arrival of Steam under Linux does give some inspiration, but it also comes with its own problems. In order to install/use Steam you need to have 32 bit libraries installed. This can be achieved in Slackware by using multilib provided by Eric Hameleers, but you must be really careful when using Slackware-Current since changes in -current can break your multilib. It’s not officially supported by Slackware, so you must rely on community to help your issues if you encountered them. Many people have been using this approach and it worked just fine for them. I didn’t install multilib on my machines because I’m not really a hardcore gamer. I just play games in my spare time and it’s not my highest priority.

      • How To Install Steam on Linux Desktop | Play Your Favorite Games

        If you are a gaming and Linux enthusiast, you have probably been pondering for a long time about how to play professional games in a Linux environment. No wonder earlier gaming was a daydream on Linux distributions. But with the development of Steam, you can now smoothly play games on Linux. Steam had become available for Linux in 2013; since then, the popularity graph of Steam has been increasing. Even if you are not a gamer, you would not mind giving Steam a shot to check how it works on Linux.

        Well, how smooth and good is Steam on Linux? Can it utilize the GPU cores as Windows or Mac can? Do games buffer on Steam? If you are a newbie in Steam, a lot of questions are playing around your head. All the answers are about to end, only if you stay with the post till the end.

    • Distributions

      • IBM/Red Hat/Fedora

        • Rocky Linux 8.3 RC1 – CentOS Replacement Brings First Release Candidate

          The first pre-release of Rocky Linux is here. It is immediately available for download and for you to test.

        • 15 unusual paths to tech | Opensource.com

          The lives we led before we arrived where we are now sometimes feel like a distant land full of memories we can’t quite recall. And sometimes we have lived experiences that we’ll just never forget. Many times those experiences teach us and help us appreciate where we are today. We may even wish for those days as we recount our past lives.

          What did you do before tech? Tell us in the comments.

          I did janitorial work in the university cafeteria after it closed every day, and I got extra pay cleaning it up after live gigs held there (which happened about 4 times a year). We started to clean up for the following morning after the venue was vacated about 4 am, and had to get it cleaned and set up for opening the following morning at 7 am. That was fun. I worked summers in a livestock mart in the West of Ireland, running the office, keeping the account books, minding the cash that came through. I also had stints as a barman, lecturer, and TA at a local university while I was a post-grad, and once spent a few days stocking a ship with boxes of frozen fish in a Dutch port. —Dave Neary

          I was a musician in the Marine Corps, but being a bassoonist in the Corps means that you’re mostly playing bass drum. After burning out, I changed to data comms for my second enlistment. —Waldo

      • Debian Family

        • Debian Have Re-elected Jonathan Carter As The Leader Of The Project

          Developers of the Debian Linux distribution have re-elected Jonathan Carter as the leader of the free operating system project.

          Jonathan Carter is a South African based in Cape Town who works part-time for the African Institute for Mathematical Sciences, where he does system administration work on the institutional network that it uses in its centers across Africa. He has served as the Debian Project Lead since April 2020 and was re-elected for another year.

          Carter had only one opponent, Sruthi Chandran. She contested the elections in 2020 as well, but was unsuccessful that year too. Carter received 421 votes while Chandran was backed by 312 developers. The project has more than 1000 developers spread all over the globe.

    • Devices/Embedded

    • Free, Libre, and Open Source Software

      • Programming/Development

        • CVE-2021-31799: A command injection vulnerability in RDoc

          There is a vulnerability about Command Injection in RDoc which is bundled in Ruby. It is recommended that all Ruby users update RDoc to the latest version that fixes this issue.

          [...]

          RDoc used to call Kernel#open to open a local file. If a Ruby project has a file whose name starts with “|” and ends with “tags”, the command following the pipe character is executed. A malicious Ruby project could exploit it to run an arbitrary command execution against a user who attempts to run rdoc command.

        • HowTo: Using a Pager in the 21st Century | by Dmitrii Eliuseev | May, 2021 | Medium

          In the 90s I was a student and the pager for me was something like a Star Trek Communicator, a piece of the cutting edge technology. It is fun to remember it because now I know that technologically the paging protocol is very straightforward. From the encoding perspective, the pager is not so different from the wireless doorbells that are selling now for $5 on Aliexpress.

          [...]

          Bits are encoded with a frequency shift keying (FSK) modulation using 9 kHz bandwidth and 1200 bits per second speed, all this message is transmitting in about 0.5s.

          Looks simple, and it really is. I will skip the details, those who are interested can read the protocol specification. It is even easy to draw all these bits with pen and paper — these protocols were simple in the past, I think nobody can do it with modern GSM or WiFi. In POCSAG messages there is no authentication, no security keys — all messages to all paging company customers are available on-air “as is”, and by the way, can be easily decoded with PC software like PDW.

          How are customers receiving their messages? Every pager has its own unique ID, called CAP — Channel Access Protocol or RIC — Receiver Identification Code. All pagers from the paging provider are listening to the same frequency, let’s say, 164 MHz. If the message code is equal to the pager code, the pager saves the message and makes the loud “beep”. That’s it. It’s a one-way communication, there is no confirmation sending back, the pager has only the receiver and no transmitter at all. The logic and hardware are extremely simple, and because of that, the pager can work for more than a month from a single AAA battery. Interestingly, pagers are still in use in some countries even now — in the hospitals or emergency services, where it is important to have a portable and lightweight device with long battery life.

  • Leftovers

    • Hardware

      • UVA Engineering Computer Scientists Discover New Vulnerability Affecting Computers Globally

        A team of University of Virginia School of Engineering computer science researchers has uncovered a line of attack that breaks all Spectre defenses, meaning that billions of computers and other devices across the globe are just as vulnerable today as they were when Spectre was first announced. The team reported its discovery to international chip makers in April and will present the new challenge at a worldwide computing architecture conference in June.

        The researchers, led by Ashish Venkat, William Wulf Career Enhancement Assistant Professor of Computer Science at UVA Engineering, found a whole new way for hackers to exploit something called a “micro-op cache,” which speeds up computing by storing simple commands and allowing the processor to fetch them quickly and early in the speculative execution process. Micro-op caches have been built into Intel computers manufactured since 2011.

      • Computer scientists discover new vulnerability affecting computers globally

        Because all current Spectre defenses protect the processor in a later stage of speculative execution, they are useless in the face of Venkat’s team’s new attacks. Two variants of the attacks the team discovered can steal speculatively accessed information from Intel and AMD processors.

        “Intel’s suggested defense against Spectre, which is called LFENCE, places sensitive code in a waiting area until the security checks are executed, and only then is the sensitive code allowed to execute,” Venkat said. “But it turns out the walls of this waiting area have ears, which our attack exploits. We show how an attacker can smuggle secrets through the micro-op cache by using it as a covert channel.”

    • Health/Nutrition

    • Integrity/Availability

      • Proprietary

        • Apple captures 42% share, Samsung largest smartphone OEM globally

          Riding on the success of its iPhone 12 series, Apple captured 42 per cent market share (by value) in the global smartphone market that posted a record $113 billion in sales for the first time in the first quarter (January-March) this year, according to a new report.

        • Basecamp implodes as employees flee company, including senior staff

          After a controversial blog post in which CEO Jason Fried outlined Basecamp’s new philosophy that prohibited, among other things, “societal and political discussions” on internal forums, company co-founder David Heinemeier Hansson said the company would offer generous severance packages to anyone who disagreed with the new stance. On Friday, it appears a large number of Basecamp employees are taking Hansson up on his offer: according to The Verge contributing editor Casey Newton’s sources, roughly a third of the company’s 57 employees accepted buyouts today. As of Friday afternoon, 18 people had tweeted they were planning to leave.

        • Security

          • “Landlock” Lands In Linux 5.13 For Unprivileged Application Sandboxing

            Going back about a half-decade has been the Landlock Linux Security Module (LSM) as a means of allowing even unprivileged processes to create “powerful security” sandboxes. After a number of rounds of reviews and revisions over the year, Landlock has finally been mainlined for Linux 5.13!

            The Landlock LSM pull request was submitted earlier in the week and wasn’t acted upon right away leaving us to wonder if it would be another cycle where it’s left out… But on Saturday night Linus Torvalds went ahead and merged it.

          • Privacy/Surveillance

            • Google’s FLoC is Based on the Right Idea, but With the Wrong Implementation

              FLoC (Federated Learning of Cohorts) is a new technology that aims to solve the privacy concerns associated with cookies. Unlike the old way of using 3rd party cookies to build an advertising ID, FLoC uses data from your searches to place you into a predefined group (called a cohort) of people interested in similar topics as you.

              Advertisers can then serve the same ads to the group of people that are most likely to purchase their product. Because FLoC is built into Chrome, it can collect much more data than third-party cookies. For the average consumer, this should be a huge concern.

              In simple terms, if cookies were bad, then FLoC is down-right evil.

    • Defence/Aggression

      • In 2018 the US Was at War With Uyghur Terrorists. Now It Claims They Don’t Even Exist

        In the dying months of his administration, President Donald Trump removed from the United States terrorist list a little-known paramilitary organization called ETIM, an acronym that stands for either the East Turkestan Independence Movement or the East Turkestan Islamic Movement, depending on whom one asks. The group is also sometimes known as the [East] Turkestan Islamic Party (TIP or ETIP).

      • Opinion | Bottom-up Politics: Grassroots Activism Behind Pro-Palestine Shift in the US

        A decisive US public opinion shift must also not be ignored, as it is empowering voices within the Democratic Party to speak out more freely without jeopardizing their political careers.

      • Oregon Lawmaker Who Opened State Capitol To Far-Right Protesters Faces Charges

        The decision to charge Nearman follows a monthslong investigation by state police that began Dec. 21. As lawmakers met in a special legislative session to take up COVID-19 relief that day, surveillance footage showed Nearman exiting the locked Capitol building into a throng of protesters who were trying to get inside the statehouse. In doing so, he appeared to purposefully grant entrance to far right groups demanding an end to ongoing restrictions related to COVID-19.

    • Environment

      • Energy

        • Biden toots horn for Amtrak and future of US rail travel

          President Joe Biden — he’d probably be just as happy with his nickname Amtrak Joe — celebrated the national rail system’s 50th anniversary Friday by urging huge funding increases as part of a $2.3 trillion US infrastructure makeover.

          Dubbed the passenger rail system’s best customer, Biden became famous for daily commutes between Washington and his Delaware home during the 36 years he was a senator.

    • Finance

    • AstroTurf/Lobbying/Politics

    • Censorship/Free Speech

      • China blocks mention of Oscar-winner Chloé Zhao

        What happened? The answer is a form of nationalist backlash that is increasingly common. Soon after Ms Zhao won the Golden Globe, internet-users dug up comments she had made in 2013, saying China is “a place where there are lies everywhere”. Censors pounced, removing any mention of her from the Chinese internet.

        Nationalist [astroturfers] have long been intolerant of speech they deem critical of China. The government is now endorsing these attacks, perhaps for fear of looking weak if it doesn’t. It has intervened to cancel the distribution of “Nomadland” in China.

        Ms Zhao is not the first to be dealt with in this way. In June last year Hao Haidong, a Chinese footballer who is the country’s top scorer and now lives abroad, said that the Communist Party’s rule “has caused horrific atrocities against humanity”. Chinese websites swiftly deleted his name.

      • Indigenous activist in Brazil says accused of ‘slandering’ Bolsonaro

        A leading indigenous activist in Brazil said she has been summoned to appear before police after being accused of “slandering” the government of far-right president Jair Bolsonaro.

        Other Bolsonaro critics have been interrogated by police in recent months, part of what one newspaper called an “intimidation campaign” by the government.

        “I was summoned by the Federal Police in connection with an investigation into the Maraca series,” Sonia Guajajara, the coordinator of the Association of Brazil’s Indigenous Peoples (APIB), said Friday on Twitter.

    • Freedom of Information/Freedom of the Press

      • Repressive Laws Trigger Massive Press Freedom Decline for Malaysia

        Since the new leader, Muhyiddin Yassin, was sworn in on March 1, 2020, press freedom has come under attack, with the government relying on pre-existing laws, and a new “anti-fake news” decree targeting journalists, media experts say.

        These measures introduced during the pandemic, along with cases of journalists being questioned or raided by police over their coverage, led to an 18-point decline for Malaysia on the annual World Press Freedom Index. Released by media watchdog Reporters Without Borders (RSF), the index ranked Malaysia 119 out of 180 countries, with 1 being the most free.

    • Civil Rights/Policing

    • Internet Policy/Net Neutrality

    • Monopolies

      • Opinion | Tim Cook, Apple, and Runaway Limitless Corporate Greed

        People must push Congress to address this injustice.

      • Washington keeps close eye as Apple antitrust fight goes to court

        Apple will head to federal court in California on Monday to defend itself in an antitrust trial with Epic Games, a case that is expected to be closely watched in Washington as lawmakers and regulators crack down on the market power of Silicon Valley giants.

        Epic Games is suing Apple over claims of anti-competitive behavior. The dispute stems from Apple’s decision in August to kick Epic’s popular Fortnite game out of its app store after the developer set up its own payment system in an attempt to avoid the 30 percent commission fees charged by Apple.

        The trial comes amid a backdrop of federal and state-led antitrust lawsuits against tech giants, including Facebook and Google, and as Congress weighs steps to revamp antitrust laws after a House Judiciary panel released a blockbuster report alleging Apple and other companies stifled competition.

      • Apple’s App Store Had 78% Margin in 2019, Epic Expert Says

        Apple Inc.’s App Store had operating margins of almost 78% in fiscal year 2019, according to testimony from an Epic Games Inc. expert witness based on documents obtained from the iPhone maker.

        The figure comes from Ned Barnes, a financial and economics researcher, who said he obtained documents “prepared by Apple’s Corporate Financial Planning and Analysis group and produced from the files of Apple CEO Tim Cook.”

      • Explain-away exercise: mention of antisuit injunction case in negotiations may lead to Munich anti-antisuit injunction (IP Bridge v. Huawei)

        It’s antisuit time again. The related case law is evolving in ever shorter intervals, and I’ll give a talk about that topic on May 19 in a European Commission (specifically, DG GROW) webinar, entitled Enforcement of Standard-Essential Patents — current bottlenecks and possible solutions. I’ll be one of the three panelists on antisuit injunctions, and I’m looking forward to providing an overview of extraterritorial issues in standard-essential patent (SEP) litigation and their interdependencies. I’ll talk about developments in multiple jurisdictions on three continents and make a specific proposal for a way out without having to agree on a new international treaty. Access will be free, but typically those webinars have only a limited window for sign-up. Subsequently to my little contribution to the event, I’ll upload my slide deck to Scribd and post something to this blog.

        Both the European Commission and the Munich I Regional Court are aware of my occasional criticism of their COVID and/or patent policies, yet I know they completely accept that I exercise (within reason, of course) my freedom of speech, and I don’t feel unwelcome in those institutions.

      • UKIPO’s quest to become world-beater ‘must strike right balance’

        In-house and private practice lawyers say UKIPO transformation plans are welcome but should be balanced with a focus on education and data sharing

      • Patents

        • How bundling patents with other benefits can seal licensing deals [Ed: This perpetuates the lie that patents are "rights" (they are not) and patent extortion is euphemised as "licensing deals"]

          Sources from two companies, two universities and two law firms reveal why know-how can be just as valuable as the patent rights themselves

        • IPO Webinar on Compulsory Licensing and Other Government Actions

          The Intellectual Property Owners Association (IPO) will offer a one-hour webinar entitled “Compulsory Licensing and Other Government Actions: To Use or Not To Use?” on May 5, 2021 from 2:00 pm to 3:00 pm (ET). Colene Blank of 3M Innovative Properties Co., Thomas A. Brown of Dell Technologies, and Sharon Reiche of Pfizer will explore the extent to which governments should assume patent licensing powers to make crucial medical related supplies available, and discuss the voluntary IP licensing initiatives taken by companies in the pharmaceutical, medical device, and IT industries in meeting the challenges of the current pandemic.

        • IDEA Act (S.632) [Ed: Instead of classifying patents with terms like "for monopolist" or "for trolls" they resort to racism and want us to fight each other over identity politics (corporations prefer it that way)]

          I previously mentioned the IDEA Act (S.632) that is pending before the Senate. The proposal would have the PTO collect demographic information about patent inventors. This includes “including gender, race, military or veteran status, and any other demographic category that the Director determines appropriate.” The information is to be kept confidential and away from the application file (so that examiners are not biased). The proposal states that the collection is “voluntary . . . [information] related to each inventor … may be submitted voluntarily by that inventor.”

        • Beyond “pay-for-delay” – the EU-Commission’s investigation into patent filing practices and communication measures

          On 4 March 2021, the European Commission (Commission) opened a formal investigation into alleged anti-competitive conduct by the pharmaceutical company Teva. The Commission suspects Teva of having deployed a strategy with the intention of delaying the market entry of generic drugs that competed with Teva’s originator drug Copaxone. This may have amounted to an abuse of a dominant position prohibited under Art. 102 TFEU, the Commission states in its press release.

          While the Commission has sanctioned patent settlements that delay the market entry of generic drugs (“pay-for-delay”) in a number of cases, with this new investigation, the Commission is exploring two novel “theories of harm”. The authority is concerned that Teva’s patent filing practices – namely the filing and selective withdrawal of divisional patents – and communication measures impeded the market entry of generic drugs.

          [...]

          Teva’s drug Copaxone is used to treat multiple sclerosis and contains the active ingredient glatiramer acetate. In 2015, the patent protection for glatiramer acetate expired and generic drugs entered the market, driving Teva’s sales down. Teva responded by introducing a three-times-per-week version of the drug with a different dosage (40 mg/ml instead of 20 mg/ml daily) combined with a potential communication campaign that the Commission says may have created a false perception of health risks associated with competing generic drugs.

          Further, Teva filed various divisional patents that related to the 40 mg/ml three-weekly dosage regimen of Copaxone and withdrew at least one of the patents at the European Patent Office (EPO) during the course of opposition appeal proceedings and before the EPO’s Technical Board of Appeal issued its preliminary opinion on the validity of the patents. Teva also enforced its patents and, inter alia, successfully sought a preliminary injunction against Mylan in Germany; it also unsuccessfully challenged decisions by regulatory authorities to authorise generic versions of Copaxone in the United Kingdom and the Netherlands.

        • Canopy v GW is new cannabis case everyone’s watching [Ed: Only fanatics funded by litigation firms would celebrate patents on cannabis]

          With UCANN v Pure Hemp dead in the water, counsel are turning to a CBD case in the Western District of Texas for answers on cannabis patent law

        • Top Drugs Losing Patent Exclusivity in 2021

          Earlier this month, Eric Sagonowsky reviewed the top ten drugs in the U.S. (in terms of sales) losing patent exclusivity in an article published by Fierce Pharma.

          These drugs are Lucentis (Genentech/Roche), Bystolic (AbbVie/Allergan), Vascepa (Amarin), Northera (Lundbeck), Narcan (Emergent Biosolutions), Brovana (Sunovion), Sutent (Pfizer), Saphris (AbbVie/Allergan), Amitiza (Mallinckrodt), and Feraheme (Amag Pharma). The nature of these losses and consequences thereof can be seen from the article, synopsized here.

          Lucentis (ranibizumab), Roche’s drug for macular degeneration, is a humanized mouse monoclonal antibody fragment specific for vascular endothelial growth factor A. It is related to Roche’s Avastin (bevacizumab) product, having been modified for injection into the vitreous humor of the eye for the treatment of wet age-related forms of the disease (AMD).

        • Naked TM Licensing Allowed, even if Insufficient establishing TM Rights

          The Federal Circuit has denied en banc rehearing in the interesting case of Authentic Apparel Group, LLC v. US. In the case, the court enforced an agreement that was pretty-dang-close to a naked trademark license — holding that use of a mark for decoration on clothing still counts as a trademark-use for licensing purposes.

          [...]

          I see this as a very interesting issue for the US Supreme Court, but the briefing and setup of the case has not been 100% top notch.

        • ‘Put your competition hat on’: pay-for-delay post-Lundbeck

          With the CJEU signalling the end of reverse payment settlements, sources advise how pharma can avoid making contracts that conflict with competition law

        • Pharma innovators commit to use IP differently in poorer nations [Ed: Publicity stunts with misnomers. They try to make it look like a generous act when they seek monopolies and then claim to give away "property"]

          In a move that includes the pharma industry’s largest-ever commitment to approach intellectual property differently in poorer countries, 26 companies this week pledged to follow 10 principles that commit them to using IP in ways that deliver value to patients and societies.

          The pledge, called IP Principles for Advancing Cures and Therapies (IP PACT), was launched on World IP Day on Monday, April 26, by innovator companies including Novartis, Pfizer and UCB, and supporting trade associations such as IFPMA and EFPIA.

        • Five lessons learned from Albright’s early trials [Ed: This court is self-rigging for the sole purpose of money; why aren't those sites blasting it? Because they're owned and controlled by those who profit from it...]

          The scope of rebuttals is broader in the Western District of Texas, and local witnesses may help secure victories

        • BOE Technology’s patent portfolio explosion gives it a lot of firepower

          The Chinese display giant wants an arsenal of IP to allow for offensive and defensive manoeuvres. As its presence in hot tech areas grows, its investment seems justified

        • World IP Day 2021: SMEs in the spotlight [Ed: Twisted propaganda with a misnomer ("IP") wants you to believe monopolies are beneficial to small businesses]
        • Affinor Growers Files for Patent Protection in Eleven Additional Countries
        • Patent Applications Hit Record High in 2020; SeproTec CEO on Growth Drivers [Ed: "Sponsored Content" means sales; now the EPO 'news' is paid-for spam and that overlooked the aspect of reduced patent quality]

          International patent applications continued to grow even as the world plunged deep into the pandemic. Patent filings at the World Intellectual Property Office (WIPO) actually reached “the highest number ever” at 275,900 applications in 2020, an increase of 4% over the previous year. Even more remarkable given the estimated 3.5% contraction in global GDP.

          Leading filers, the US and China, also showed a growth in patent applications as reported by the WIPO in March 2021. According to SeproTec’s Juan Julián León, since China has steadily risen up the ranks of the world’s top patent filers, taking over the No. 2 spot from Japan after 2016, “we have seen more organizations taking control of their patent translations not only in China, but globally, by centralizing their translation needs.”

        • UKIPO affirms end of temporary fee cuts
        • BASF targets Carpmaels in €1bn row over missed patent deadline

          German company BASF is facing off against Carpmaels & Ransford at the England and Wales High Court in a billion-euro dispute following the attorney firm’s “admitted negligence” in missing an appeal deadline.

          According to written opening submissions seen by Managing IP, Carpmaels’ failure to file an appeal against an EPO revocation decision resulted in BASF missing out on a lucrative monopoly.

          In a skeleton argument filed with the court this month, BASF alleged that the total “loss of profits” it suffered was €1.05 billion ($1.2 billion). The trial began on April 16.

        • IP Forecast: PTAB Fee Bias Claims & Uggs At The Fed. Circ.

          The Federal Circuit plans to turn its attention to the latest constitutional challenge against Patent Trial and Appeal Board judges, another patent battle between Apple and Qualcomm, and an Australian apparel company’s argument that “ugg” is generic — plus all the other major intellectual property matters on deck for the coming week.

          While the Supreme Court has yet to issue its much-awaited ruling on whether or not PTAB judges are properly appointed in U.S. v. Arthrex, the Federal Circuit will hear an argument Monday that claims patent judges are encouraged to rule against patent holders because of the structure of their…

        • Substantive Examination of Patent Applications According to The Angolan Patent Law

          This study aims to provide an approach of the topics followed by a patent examiner when a patent application is processed by a Patent Office during the substantive examination phase, in the context of the Angolan Patent Law (APL). As a matter of comparison, the same topics are evaluated according to the European Patent Convention (EPC), wherein we focus on the main differences between the two legal frameworks.

          Angola is a Member State of the World Intellectual Property Organization (WIPO) since 1985, a member of the Paris Union for the Protection of Industrial Property since 2007, and a member of the Patent Cooperation Treaty (PCT) since 2007. Moreover, Angola is a member of the World Trade Organization, and consequently of the Agreement On Trade-Related Aspects Of Intellectual Property Rights (TRIPS) since 1996.

          Angola establishes the provisions regarding the protection of Industrial Property by means of the Industrial Property Law of February 28, 1992. On the other hand, the European Patent Convention (EPC) is in its 16th edition, which is in force since July 1st, 2020.

        • Jörg Thomaier: “A company must have the right to show up at the EPO” [Ed: This is actually illegal, but the EPO doesn't care because there's no rule of law over there]

          Jörg Thomaier: Bayer is being very vocal against the compulsory part of it, because we don’t see there being any power from the authorities to force everyone into video conferencing. We have the right to be heard, according to the European Patent Convention, and the right to be heard does not mean just calling in. Of course, on one level video conferencing is more than just being on the phone. But it’s still not the same as having a live discussion.

          [...]

          But if you are the attacking party and you lose at the Board of Appeal, in almost all countries you can still go to the regular court and try to attack the patent again. Nothing lost.

          So I expect the voluntary ratio of full video hearings will not be as high as the EPO would like, because of the importance specifically it has for patentees. But from my perspective the EPO should live with it because their obligation is to have full, fair proceedings and processes to end up with validly-executed and examined patents.

          Patent attorneys have put video conferencing under scrutiny for a lack of data security. Is this a worry for Bayer?

          It was never a worry for us, as almost all patent proceedings are public. So even if someone comes in, then that’s OK. But data security falls under the title of a technical issue which parties can resolve. In MS Teams, the initiator can block the recording option for anyone. If the EPO issue the invites, which they should do if it’s a hearing, they can ensure that participants are not recording. So, it’s very rare that they are still in the prosecution period and still not published and secret.

          What are your expectations for the outcome of next month’s G 1/21 proceedings?

          It’s very difficult. After seeing how the Enlarged Board of Appeal decided on Rule 28, nothing is impossible. I have the impression that the corrective means for which the Enlarged Board of Appeal is in the European system did not work for Rule 28. Because, from my perspective, the EPO definitely overstepped what they could do, because they changed the law by regulation. But we are convinced that it would not be OK for the EPO to force people into video conferencing.

        • Brexit: implications for holders of intellectual property and domain names [Ed: "The Unitary Patent System has yet to come into force," it says, but actually it is dead; law firms that say something else are just lying for profit. Lots of loaded and misleading statements there.]

          Brexit has no effect on European patents designating the UK that are currently in force. This is because the European Patent Convention and the European Patent Office (the EPO) that manages it are independent of the EU and in any event, have always had a number of non-EU members such as Switzerland, Norway and Turkey. The UK remains part of the European Patent Convention as a similar non EU European member.

          The filing and prosecution of European applications, whether directly at the EPO or via the Patent Co-operation Treaty route, is also entirely unaffected by Brexit. New and pending applications can continue to designate the UK where so required. At the grant stage, the applicant can opt for national protection in the UK and other countries, exactly as at present. Applicants who have filed for patents in the UK can still claim priority for that application in other countries.

          UK-based European patent attorneys will continue to represent clients at the EPO, as at present.

          [...]

          The Unitary Patent System is intended to provide patentees with an option to apply for a single pan-EU unitary patent alongside benefitting from a Unified Patent Court, which would hear and determine patent disputes on an EU-wide basis. The Unitary Patent System has yet to come into force (and it is currently being challenged in the German courts), and the UK’s inclusion in the scheme remains uncertain as it is subject to negotiation with the EU – so the question of whether a unitary patent covering the UK will become available for businesses, is very much up in the air.

        • Being Aware Of How Inventive Step Is Determined in Japan. Part 1 [Ed: It's the wrong way to assess patents; it's also a loophole for false patents that weren't ever meant to be granted in the first place.]

          Inventive step is the most formidable hurdle among patent registration requirements.

        • Software Patents

          • Want an Eligible Patent: Explain the Technological Advance in Sufficient Detail

            The district court dismissed WhitServe’s patent infringement complaint with prejudice — finding the claims ineligible as a matter of law. On appeal, the Federal Circuit has affirmed. WhitServe is the brainchild of patent attorney and inventor Wesley Whitmyer of Whitmyer IP Group. The patent at issue here: U.S. 8,812,437.

            [...]

            a client data request, sent from at least one client computer via the Internet to said central computer, the client data request comprising a request for a backup copy of at least one of the plurality of data records;

            software executing on said central computer to receive, via the Internet from the at least one client computer, the request for a backup copy of at least one of the plurality of data records including the internet-based data in the at least one of the plurality of data records that has been modified by said data processing software;

            and software executing on said central computer to transmit the backup copy of the at least one of the plurality of data record including the internet-based data in the at least one of the plurality of data records that has been modified by said data processing software to the client site for storage of the internet-based data from the at least one of the plurality of data record in a location accessible via the at least one client computer;

            wherein the location is accessible by the at least one client computer without using the Internet.

          • IPLAC Panel Discussion on Section 101 [Ed: Iancu uses former job at USPTO to become like a lobbyist for software patents now, very much like Kappos (IBM)]

            The Intellectual Property Law Association of Chicago (IPLAC) Corporate Committee will be presenting a panel discussion entitled “Patent Focus: Section 101” on May 6, 2021 from 11:00 am to 12:00 pm (CT). A. Christal Sheppard, Professor, University of Nebraska College of Law, and Distinguished Fellow, NGCT – Nebraska Governance and Technology Center will moderate a panel consisting of Andrei Iancu of Irell & Manella; Rob Sterne of Sterne, Kessler, Goldstein & Fox; Gwilym Roberts of Kilburn & Strode LLP.

          • Patenting visual effects inventions in Europe [Ed: More fake patents like software patents disguised as something they're not]

            Many of us will have seen Queen Elizabeth II apparently delivering an improbable dance as part of an address to the nation or, perhaps, even tuned in to a very unusual phone call seemingly taking place between former US Presidents Obama and Trump. These are just some examples of so-called “deepfakes”, in which the face of one person in a video is convincingly replaced with that of another using sophisticated machine learning technology. Deepfakes are gaining in popularity and, while the technology has raised some existential questions about the threats of misinformation on our democracies, it has also found its uses in the film industry.

      • Trademarks

        • [Older] Unified Patents moves into brands to take on online infringers for SMEs

          Unified Patents made its name by fighting hard against NPE’s at the PTAB. Now it has launched Unified Brands, a venture aimed squarely at counterfeiters. Trevor Little, editor of IAM’s sister publication World Trademark Review, spoke to COO Shawn Ambwani to find out more

        • First thoughts: ‘Monopoly’ case may shift onus on bad faith

          Trademark lawyers and brand owners may have been keeping at least one eye on the EU General Court last week in the hope that it might provide some clarity on bad-faith registrations.

          However, the court may have instead thrown another spanner in the works, while also providing an interesting lesson in the importance of expert witness testimony.

          [...]

          In a judgment handed down on Wednesday, April 21, in Hasbro v EUIPO, the court found that toy company Hasbro’s re-filing strategy related to the board game Monopoly was designed to avoid having to prove genuine use.

          According to the court, the company’s 2011-registered EU trademark (EUTM) for ‘Monopoly’ covered identical goods and services to earlier ‘Monopoly’ EUTMs stretching back to 1998. The General Court affirmed a 2019 decision by the EUIPO’s Boards of Appeal (BoA) to invalidate Hasbro’s EUTM for goods and services in classes 9, 16, 28 and 41, which include games and entertainment.

          Croatian board game seller Kreativni Događaji sought to invalidate the ‘Monopoly’ mark in 2015. Under EU Regulation No. 207/2009 (Community trademark regulation), EUTMs can be invalidated if the owner cannot prove genuine use five years after registration.

        • BioVaxys Broadens Intellectual Property Portfolio Commercial Trademark Application Filed for CoviDTH Diagnostic

          BioVaxys Technology Corp. (CSE: BIOV) (FRA: 5LB) (OTC: BVAXF) (“BioVaxys” or “the Company”), the world leader in haptenized antigen vaccines for antiviral and cancer applications, announced today that it has filed with the United States Patent & Trademark Office (“USPTO”) an intent-to-use application to register the mark CoviDTH®, its novel disposable T-cell immune response diagnostic for SARS-CoV-2.

      • Copyrights

        • A Military Career in Jeopardy For TV Piracy: Fair Punishment or a Step Too Far?

          After almost two decades of lawsuits and criminal cases against pirates of all kinds, no one should be surprised that supplying infringing content has the potential to end badly. Nevertheless, it’s a risk that some people are still prepared to take, sometimes with life-altering consequences. Don’t do the crime if you can’t do the time? Perhaps, but there are real lives at stake here too, let’s not forget that.

Audacity for Audio Editing With Free Software Only (GPL)

Posted in Free/Libre Software, Review at 11:26 am by Dr. Roy Schestowitz

Video download link

Summary: Audacity is still our software of choice for audio editing; it had a new stable release just 10 days ago (GPL-licensed)

THE TechBytes audiocast uses Mumble (an instance we self-host with Murmur at the back end) for recording and Audacity for editing. A decade or more ago we used all sorts of applications, including several SIP-based ones, but for multi-user chats Mumble is fantastic and we warmly recommend it. It doesn’t do video, but it copes with audio very well and it’s very easy to use. Some time in the future we’ll try to introduce more people to it.

The above video focuses on Audacity and how it can generally be used (by virtually anybody). It’s Free/libre software with many developers involved (they welcome more), it still has new releases (very active project; last release 10 days ago, according to Wikipedia), and it runs across platforms with standardised formats. There’s no vendor lock-in and anyone can use it. The learning curve is not steep (especially for people who edited sounds before) and it’s not as monstrous as proprietary counterparts, weighing at 65.6 MB for Windows, 86.0 MB for macOS, and for GNU/Linux it varies depending on the distribution. The licence is GPLv2 and the project will turn 21 later this month.

I’m not new to audio editing, so Audacity was very easy for me to learn. It’s the only application I’ve ever used to edit TechBytes and it keeps getting better all the time. It’s also very stable in my experience. In case of crashes it can (and does) recover data.

Here’s where to download the software.

TechBytes Episode 90: “Big Brother That Would Give Mr Orwell Nightmares.”

Posted in TechBytes at 10:11 am by Dr. Roy Schestowitz

TechBytes 2021

Direct download as Ogg (1:51:13, 55.5 MB) | High-quality MP3 (73.0 MB)

Summary: An episode which focuses on the impact of COVID, privacy implications, games, and so-called ‘cancel culture’

In this episode: Roy and Tim (TechBytes hosts)

Show notes 02/05/2021 (by Tim)


1. Welcome back – summary of years since TechBytes last aired. Goals and intentions of future shows.

  • Tim elaborates on the last few years including his move of 260 miles to the North East of the UK.

2. Police, Crime, Sentencing and Courts Bill 2021 – Why you should be concerned.

  • What is it?
    We look at the reasons why the bill is being introduced (according to the Government) and ask the question of why it’s needed in light of previous protests in UK history.
  • What powers does it give police?
    We consider the ambiguity of the wording used and briefly look at who is in control of these powers and the implications. Use of wording is highlighted, meaning that scope of interpretation is vast.
  • Why is it being implemented?
    Is this legislation required? Recent events are highlighted and it’s questioned as to “Why now?”
  • Why should we be concerned?
    Roy and myself look at what could come from this bill and the fact that it will not be removed, merely added to in the years to come.

3. YouTube – Big brother that would give Mr Orwell nightmares.

  • The state of YouTube today for those earning a living from its platform.
    How things in YouTube have changed, including the prevalence of self-censorship.
  • What YouTube seems to want to promote.
    The de-listing of content creators in favour of sponsorship-supported media.
  • Brief discussion over YouTube victims and alternatives.
    How YouTube can effectively hold creators to ransom with threat of de-monetising and removal from the platform.

4. Microsoft Gamepass – future implications.

  • A great idea with a Microsoft sting in the tail.
    Microsoft purchases and the Gamepass platform – you never own the downloads or streamed content.
  • Implications for gamers.
    What this could mean for gamers – we already see evidence of other console platforms being left out of titles. Could Microsoft be playing the long game in an effort to bring the majority to their platform?

5. Appeal to listeners for contribution/comment and intention to bring guests onto the platform

  • We would love to hear from listeners and would welcome contributions to the show.
    We explain what we hope to include in future shows and the general direction of the show.

We hope you will join us for future shows and consider subscribing to the show via the RSS feed. You can also visit our archives for past shows.


Microsoft-Centric “Ransomware Task Force”

Posted in Deception, Microsoft, Security at 3:37 am by Guest Editorial Team

Original by Mitchel Lewis, republished with permission

Microsoft ransom
Source: https://www.statista.com/statistics/701020/major-operating-systems-targeted-by-ransomware/

Summary: Mitchel Lewis, a former Microsoft employee, takes a look at Microsoft-connected or Microsoft-controlled ‘think tanks’ in ‘task force’ clothing

Although most platforms have had their flare-ups with ransomware, it’s well-known that Microsoft’s legacy architecture has a hyper-monopoly with respect to ransomware infections that consequently renders all other platforms into negligible outliers in comparison. In fact, there’s nothing in this world that Microsoft monopolizes better than ransomware attacks at the moment.

Depending on who you ask, anywhere from 85–99% of ransomware attacks occur on Microsoft architecture, often via well-known vulnerabilities. Because of this common denominator, most working within the ransomware space daily would find it supremely difficult to gloss over the vulnerability of Microsoft’s architecture as being a key component in the rising prominence of ransomware, and this is especially true if they were asked to write an 80-page report on the matter.

Taskforce ransom
A “venerable” who’s who of the ransomware field.

Recently though, a team of more than 60 lawyers and supposed experts that no one has ever heard of before from software companies, cybersecurity vendors, government agencies, non-profits, and academic institutions came together with the Institute for Security and Technology, an institute that no one has ever heard of before, and achieved the irrational by developing a “comprehensive framework” attempting to tackle the modern threat of ransomware. To no surprise and in true Dunning-Kruger fashion whenever expertise is proclaimed, these experts managed to accomplish the unconscionable by overlooking Microsoft’s blatant complicity in the ransomware space and the fundamental importance of modern infrastructure in the face of IT security and prevention of ransomware in an 81-page report.

ZDNet ransom
This wasn’t even a revelation in December for anyone with half of an ass in the field of assessing root cause.

To be fair, the task farce rightfully highlighted the rise of cryptocurrency as a motivational force behind ransomware attacks and further dubbed ransomware to be a threat against our national security, but this is nothing new; even my stupid ass has been talking about this for 6 months now. Many of their suggestions are relevant too and might help to some degree, but they’re reactionary and ancillary at best in comparison to an architectural shift away from Microsoft solutions; the single best preventative measure that a company can take to defend itself against various attacks plaguing industry throughout the world, ransomware or otherwise. Hell, their whole article only mentioned prevention 3 times.

Safety Detectives
Source: https://www.safetydetectives.com/blog/ransomware-statistics/

With the exception of Hafnium, most attacks are rudimentary at best and exploit well-known vulnerabilities throughout the Microsoft ecosystem and the ignorant companies refusing to mitigate these vulnerabilities in favor of convenience. More often than not, ransomware infections are a direct consequence of phishing campaigns, poor password complexity, poor lockout policies that embolden brute force attacks, poorly trained users, no MFA, no VPN, and admins ignorantly exposing RDP to the WAN, etc. All of which are fundamental no-no’s in the world of IT security that are amazingly easy to prevent and almost all of which are targeted exclusively at Microsoft cloud and server solutions hosted on-premise by their clientele. And a task force of supposed experts would have acknowledged this if they were actually experts in ransomware or IT security.

Given all of this, it seems as if Microsoft is just as much of a threat to our national security as ransomware itself; you can’t have one without the other. Although many of these attacks are preventable and much can be done to supplement Microsoft architecture to harden against said attacks, it’s becoming increasingly evident that it’s impossible for most teams to account for Microsoft’s entire threat surface, ransomware or otherwise, and that it’s simply too complex, costly, and cumbersome for most IT staff to manage. As such, migrating away from the Microsoft ecosystem entirely is the single most viable way to reduce your threat surface against ransomware and pretty much every other form of attack; the drastic reductions in IT ownership costs and improved employee morale are nice too I hear.

This is not easy though. On top of being notorious for ransomware, Microsoft is notorious for optimizing their solutions for lock-in, addiction if you will, which makes them incredibly difficult and costly to migrate away from. The benefits are immediate to those with the grit to migrate though.

But instead of highlighting any of this, the task farce appears to be operating under a false pretense that ransomware is somehow a platform-agnostic affair and that architecture is irrelevant while further ignoring the important role that architecture plays in preventing ransomware and neglecting to showcase Microsoft for being the common denominator that it is; bungling it massively if you will. This is so much the case that they only mentioned the word architecture once in their entire report. If anything, they appear to be adopting Microsoft’s “assume breach” approach which is just their way of shifting blame to the people who support and manage their unsupportable and unmanageable solutions. All of which forces me to question the degree of their expertise and their intentions.

As harsh as this may seem at first, questioning their expertise is fair when there seems to be no focus on preventative measures and the report is devoid of even the most obvious architectural recommendations; no acknowledgment that most ransomware attacks are preventable, no acknowledgment that not all architectures are equal, and no acknowledgment that they often occur when fundamentals are abandoned or forbidden. More often than not, there’s an IT nerd saying “I told you so” to their change-averse management post-mortem, with emails to back it up, and this just isn’t something that experts can simply ignore when trying to prevent ransomware.

 Katie Nickels with context
Recommendations given, no response as expected.

Katie Nickels

To say the least, the IST report would look markedly different if boots on the ground were at least consulted with beforehand, hence why I began to question it so flagrantly as someone that has dealt with ransomware and its prevention for half a decade now. In an effort to clarify their expertise, I reached out to Katie Nickels, one of the task farce members, and she didn’t argue or lambast me with credentials proving otherwise and merely asked for my recommendations; a low-key admission of my expertise concern having merit if you’re into that whole social engineering thing.

Unsurprisingly, rather than supplying ransomware experts, which Microsoft has an abundance of and who could provide action items for people who actually work against ransomware on a daily basis, Microsoft instead supplied its digital diplomacy team, comprising Kemba Walden, Ginny Badanes, Kaja Ciglic, and Ping Look. This is curious because none of these people get wake-up calls when ransomware is dominating the infrastructure of their clientele. So far as I can tell, none of them seem to have even gone on the record about ransomware prior to this task farce being formed, and it’s hard to see their role in the task farce and the absence of Microsoft’s complicity in their report as a coincidence.

When combining these oversights, the dominant presence of Microsoft spin artists within their task farce, and the high likelihood of a sizable donation from Microsoft to the Institute for Security and Technology, though, none of this should come as a shock to you. As shown with the fraud of dolphin-safe labeling/oversight, we live in a world where industry has a penchant for hijacking its own watchdogs with massive donations and further installing people throughout their ranks who are sympathetic to the plight of starving investors; Microsoft has been accused of all of this before, and it appears to be the case with the #ransomwaretaskforce. Roy Schestowitz refers to this approach as entryism and it may be time to pay more attention to these nefarious approaches in the tech space.

In summary, trying to cull ransomware via decree alone is only viable in comparison to throwing virgins into a volcano. Given Microsoft’s monopoly on ransomware attacks, the single best thing that any organization can do to prevent ransomware from ravaging its IT infrastructure is to migrate far, far away from Microsoft architecture entirely. Once that is accomplished, companies can implement multi-factor authentication, complex password requirements with password managers, and spare no expense on user training to further reduce their exposure to ransomware and other attacks that leverage these very same threat vectors. And companies can do this while reducing their ownership costs by a factor of 3, conservatively, as showcased by IBM when they standardized on the Apple ecosystem; those less efficient at managing PCs at scale than IBM stand to see greater reductions.

You’re welcome to disagree and stay on Microsoft architecture or believe that approaching ransomware via bureaucracy-laden decrees is viable. It’s your funeral. But if you find yourself in this precarious position of deferring to lawyers and people that have never been on the hook to remove ransomware before, it may be a sign that you should do more reading and less talking about the matter instead.

IRC Proceedings: Saturday, May 01, 2021

Posted in IRC Logs at 2:55 am by Needs Sunlight

IPFS Mirrors

Bulletin for Yesterday

Local copy | CID (IPFS): Qma8WdxzNkr8wRWABL5YE3twryLeQmmYM1S2TZp8zaGjj4

The Coup Against Free Software is Not Over

Posted in Deception, Free/Libre Software at 2:20 am by Dr. Roy Schestowitz

Summary: The people who work hard (on monopoly salaries) to overthrow Free software luminaries and undermine the Free software movement aren’t done yet; they’re still out there, plotting and scheming at the behest of their sponsors

As we noted last night, 6,600 people had signed a petition in support of the FSF (that number has increased since then, as the video points out and shows). This is very important because, to quote this page: “In the wake of the events of September 2019 that led to the resignation of Richard Stallman from MIT and the FSF, a large part of the community felt hurt by what they saw as an injustice to Stallman that caused damage not only to him, but to the entire free software movement as well. After Stallman announced his return to the FSF Board of Directors on March 21, 2021, a tsunami of virulent attacks to him and the FSF reached unprecedented proportions risking to destroy the very roots of the free software movement.”

The slanderous accusations (and gross mischaracterisations) have since then been weaponised to silence more people, whose public recognition is far from Stallman’s, which means they’re more vulnerable targets (we know the endgame). We’re being warned that more “cancel mob”-type attacks are looming and in fact the attacks on Stallman were largely foreseen. We need to prepare for the next wave of monopolistic trolling, sponsored by monopolies (e.g. OSI) and media that they sponsor (to control). The video above sheds some light on our ongoing investigations, which will certainly yield some reports in the coming days or weeks.
