06.23.21

Links 24/6/2021: End of Akademy 2021 and Good News From SCOTUS (About PTAB)

Posted in News Roundup at 7:04 pm by Dr. Roy Schestowitz

  • GNU/Linux

    • Desktop/Laptop

      • Slimbook launches light and thin 14-inch Executive laptop with 3K 16:10 90 Hz display and Intel Tiger Lake-U processor

        You know the demand for laptops is clearly on the rise when even Europe is seeing new OEMs popping up. Breaking into the global market directly with Windows-based models might be tough, so the new OEMs from Europe are also focusing on GNU / Linux systems. Just like Germany has the Schenker / XMG OEM with the Tuxedo subsidiary, Spain offers similar solutions through its relatively new Slimbook OEM. Apart from catering both for the Windows and Linux crowds, Slimbook also focuses to stay true to its name and deliver lightweight but powerful notebooks, and this can easily be seen with the new Executive models that feature Intel Tiger Lake-U processors packed in a 14-inch chassis that weighs only 2.2 lbs (1 kg) and is 0.59-inch (15 mm) thick.

        As with most slim and light models, the Slimbook Executive is geared more towards premium users. The magnesium alloy chassis appears to be made by Tongfang and is identical with those from Schenker Vision 14 and Tuxedo InfinityBook Pro, but the default price is noticeably higher. This is because Slimbook is including more advanced features like a 2880 x 1800 16:10 LTPS screen with 90 Hz refresh rate, 400 nit maximum brightness and 99% sRGB color gamut. It also comes equipped with the Intel Core i7-1165G7 CPU integrating an Iris Xe iGPU, which can be coupled with up to 64 GB of DDR4-3200 RAM and up to 4 TB of SSD storage through two M.2 slots.

    • Audiocasts/Shows

      • The Brave Search Engine. Will This Be The Google Killer?

        Brave’s new search engine recently had it’s public launch. Brave, the makers of the Brave Browser, aim to provide a truly privacy-focused search engine that serves independent results rather than pulling from Google or Bing.

      • FLOSS Weekly 635: KDE Neon – Jonathan Riddell

        Jonathan Riddell, who created and leads KDE Neon, gives Doc Searls and Simon Phipps the fascinating backstory of the project and what makes it distinctive. Here’s a clue, it was inspired by surfing. The conversation also ranges across the past and future of Linux on desktops and laptops, KDE’s Akademy, OpenUK and its awards and much more.

    • Kernel Space

      • PipeWire Under The Hood

        The PipeWire project is slowly getting popular as it matures. Its documentation is still relatively sparse but is gradually growing. However, it’s always a good idea to have people from outside the project try to grasp and explain it to others in their own words, reiterating ideas, seeing them from their own perspective.

        In a previous posts I went over the generic audio stack on Unix and had a section mentioning PipeWire. Unfortunately, because at the time I didn’t find enough docs and couldn’t wrap my head around some concepts, I think I didn’t do justice to the project and might have even confused some parts.
        In this post I’ll try to explain PipeWire in the most simple way possible, to make it accessible to others that want to start following this cool new project but that don’t know where to start. It’s especially important to do this to open the door for more people to join in and follow the current development, which is happening at a fast pace.

      • PipeWire, The Newest Audio Kid On The Linux Block | Hackaday

        Raise your hand if you remember when PulseAudio was famous for breaking audio on Linux for everyone. For quite a few years, the standard answer for any audio problem on Linux was to uninstall PulseAudio, and just use ALSA. It’s probably the case that a number of distros switched to Pulse before it was quite ready. My experience was that after a couple years of fixing bugs, the experience got to be quite stable and useful. PulseAudio brought some really nice features to Linux, like moving sound streams between devices and dynamically resampling streams as needed.

        The other side of the Linux audio coin is JACK. If you’ve used Ardour, or done much with Firewire audio interfaces, you’re probably familiar with the JACK Audio Connection Kit — recursive acronyms are fun. JACK lets you almost arbitrarily route audio streams, and is very much intended for a professional audio audience.

        You may wonder if there is any way to use PulseAudio and JACK together. Yes, but it’s just a bit of a pain, to get the PulseAudio plugin to work with JACK. For example, all of the Pulse streams get mixed together, and show up as a single device on the JACK graph, so you can’t route them around or treat them seapartely.

      • Louis: PipeWire under the hood [LWN.net]

        For those wanting lots of grungy details about how the PipeWire system works, this blog entry from Patrick Louis should be of interest.

      • AMD PSF Control Support Still Awaiting The Mainline Linux Kernel – Phoronix

        It’s been three months since AMD published a security whitepaper outlining the possibility of a side channel attack with PSF. The Predictive Store Forwarding functionality is new to AMD Zen 3 (Ryzen 5000 / EPYC 7003 series) processors and as part of their security analysis they are allowing users the ability to opt-out of using this feature in the name of greater security but the feature still hasn’t been picked up for the mainline Linux kernel.

        While the security whitepaper mentioned Linux patches for allowing PSF to be disabled, it wasn’t until days after that when the PSF control patches were published.

    • Applications

    • Instructionals/Technical

      • How To Install Askbot on Ubuntu 20.04 LTS – idroot

        In this tutorial, we will show you how to install Askbot on Ubuntu 20.04 LTS. For those of you who didn’t know, AskBot is an open-source question-and-answer forum written in Django and Python. It provides features similar to StackOverflow, including a karma-based system, voting, and content moderation. Currently, it is used by open-source projects like Fedora and LibreOffice.

        This article assumes you have at least basic knowledge of Linux, know how to use the shell, and most importantly, you host your site on your own VPS. The installation is quite simple and assumes you are running in the root account, if not you may need to add ‘sudo‘ to the commands to get root privileges. I will show you through the step-by-step installation of the Askbot on Ubuntu 20.04 (Focal Fossa). You can follow the same instructions for Ubuntu 18.04, 16.04, and any other Debian-based distribution like Linux Mint.

      • Install and Use Duf Disk Monitoring Tool on Ubuntu 20.04

        Duf also called “Disk Usage Free utility” is a free and open-source tool written in Golang. It is used to display disk usage of the system in a tabular format. It is an alternative to the df command and it can be installed on Linux, BSD, Windows, and macOS. It also displays the disk usage details in the JSON output.

        In this post, we will show you how to monitor disk usage with the Duf utility on Ubuntu 20.04.

      • Linux tee command explained (with examples)

        When you run basic commands on the terminal the output is usually printed to the terminal i.e standard out. But what if you could also save the output in a file as well as print it out to standard out? This is what the tee command does. The Linux tee command reads from stdin ( standard input ) and then writes to stdout ( standard output ) as well as to a file or multiple files.

      • How to Filter or Disable Blue Light on Ubuntu

        For most of our waking days, we are surrounded by screens. While it’s not a big problem in itself, staring at screens well into the evening can result in a disturbance of the natural sleep cycle, which in turn, can result in health risks like insomnia, daytime fatigue, and more. The culprit behind this is the blue light emitted by these screens.

        This makes it pertinent that we remove, or, at the very least, filter the blue light from our screens. There are both manual and automated ways to disable the blue light on your Ubuntu system.

      • How to Install FreeIPA on AlmaLinux or Rocky 8 – Linux Shout

        FreeIPA stands for Free Identity, Policy, Audit and it is an open-source identity management solution based on an LDAP directory and Kerberos with optional components such as DNS server, certification authority, and more. It can manage a domain with users, computers, policies, and trust relationships. Isn’t it sounds like Microsoft Active Directory? Yes, it is exactly what it is all about. FreeIPA can also set up a forest-to-forest trust with existing Active Directory forests and even live in a DNS zone below a zone managed by Active Directory, as long as they do not overlap. It consists of a web interface and command-line administration tools.

      • How to run Linux on an iPad

        Do you use an Apple iPad as your primary mobile computer? Wish you could run Linux on it for development purposes or other stuff? It turns out, with a bit of work, it is possible to run Linux on an iPad via virtualization. Here’s how to set it up.

      • How to access a remote Linux computer from an iPad

        Those who are Linux users who also happen to own an iPad may be wondering how they can access a remote Linux computer from it. Despite it being a mobile device, it is possible. In this guide, we’ll show you how.

    • Games

    • Desktop Environments/WMs

      • K Desktop Environment/KDE SC/Qt

        • Akademy 2021 – Wedneday BoF Wrap-up

          Wedneday continued the Akademy 2021 BoFs, meetings, group sessions and hacking. There is a wrap-up session at the end of the day so that what happened in the different rooms can be shared with everyone including those not present.

        • KDE Plasma 5.22: The best KDE to date

          In other words, the developers of KDE Plasma have nailed it on every conceivable level. Does that mean I’ll be switching from my go-to Pop!_OS Linux? No. But that’s all about the perfect melding of hardware and operating system, so Pop!_OS has an unfair advantage. However, had it not been for the power of the Thelio, you can bet I’d be seriously considering a migration from whatever desktop I was using to KDE Plasma—that’s how good 5.22 is.

          What new features have the developers brought to light that makes this release so special? To be honest, the best thing they’ve done is a bit of code refactoring and take care of a laundry list of bugs. They’ve seriously improved the behavior and performance to the point where KDE Plasma can stand with the best desktop environments on the market—regardless of the operating system.

          Bug fixes galore make KDE pretty fantastic. But you’re not here to read about bug fixes, you want to know what’s changed and what’s been added. Let’s take a look.

          First off, I tested KDE Plasma 5.22 on KDE Neon (which, after a quick update, was running KDE Plasma 5.22.1). If you want to kick the tires of KDE Plasma 5.22, I highly recommend you go this route, as KDE Neon is a fantastic distribution for getting the latest version of the desktop.

          With that said, let’s get on with what’s new.

    • Distributions

      • BSD

        • TrueCommand 2.0 Enables TrueNAS Clusters

          iXsystems, the leader in Open Source storage, announced the general availability of TrueCommand 2.0, the second major release of the single-pane-of-glass management system that simplifies the monitoring and control of fleets of systems running TrueNAS CORE, Enterprise, or SCALE.

          TrueCommand 2.0 adds an array of new features to its existing ability to manage faults, configuration, access control, performance, and security. Chief among the key features enabled is the ability to manage clusters of TrueNAS SCALE nodes for high capacity (100+ PB) and bandwidth (100+GB/s) applications. It also adds real-time (per second) statistics and a storage navigator function to manage datasets and their snapshots.

      • SUSE/OpenSUSE

        • SUSE Linux Enterprise 15 SP3 [LWN.net]

          SUSE Linux Enterprise (SLE) 15 SP3 has been released. “With the release of SLES 15 SP3 we now have 100% binary compatibility with openSUSE Leap 15.3 (our developer platform). That means that you can smoothly move workloads from development to production environments that run SLE 15 SP3 – and back again – with assured application compatibility.” See the release notes for additional information.

      • IBM/Red Hat/Fedora

        • Projects and the advantages of Git branching – IBM Developer

          It took me a while to start to understand the power that Red Hat OpenShift brings to the Kubernetes world. As someone who is supposed to advocate for OpenShift, I first need to know why I would use the technology before I can advocate. This post explains one of the value adds that got me. OK, let’s get started!

          If you are someone who is encouraged or even required to move to the cloud-native ecosystem, running an application on Kubernetes (or OpenShift) can be overwhelming. If you visit the CNCF Cloud Native Interactive Landscape map and look at all the options you can plug into a vanilla Kubernetes, it’s safe to say that it’s intimidating. I am every time I look at it.

          One of the first advantages of OpenShift is that it’s an opinionated deployment of Kubernetes. Red Hat spent the time and effort to create a proper production-grade installation of a cloud-native platform and gave you the power to just “use it”. You no longer need to sift through all of the different options; OpenShift just gives you the choices to focus on the business value add and to hopefully get your features out faster than your competition.

        • Open the possibilities of your data

          First software ate the world. Now Artificial Intelligence (AI) is eating software.

          You’ve heard all the adages. Something about every company being a data company. Data being the most valuable assets. A competitive differentiator, the corporate pundits call it. A game changer, even.

          We get it. Data has value. But the real questions are: does data contain intrinsic value irrespective of how well it is mined, how easily it is accessed, and how smartly it is secured?

      • Debian Family

        • There’s no ‘Skype’ in Teams: Microsoft lets signing key for its Debian Skype repository slip gently into the night

          Microsoft’s inattentive approach to Linux has continued unabated, with reports that the signing key for its Debian Skype repository has expired.

          Last week we noted the dread 404 being returned to enthusiasts keen to do the apt-get fandango to grab some of Microsoft’s wares on packages.microsoft.com, but things seem to have been returning to normal of late.

          Sadly, for Skype, “normal” appears to be on the wrong side of bork for some Linux users as an expired signature left customers pondering how to get the chat platform safely down via apt.

          “This is not the first time that Microsoft has forgotten to renew an apt key,” muttered one user, “I’m guessing it won’t be their last time either.”

          Ouch. Far be it from us to suggest that we are perhaps witnessing an attempt by Microsoft to steer users toward Teams on Linux rather than that old Skype thing. Not satisfied with axing beloved features, the company didn’t bother to renew the GPG key.

        • Louis-Philippe Véronneau: Hardening Weechat Relays Against RCE on Bullseye

          I’ve been using weechat to connect to IRC since late 2016 and one of its killer feature is relays. They let use other frontends like the Weechat Android app or the amazing Glowing Bear (packaged in Debian Bullseye by yours truly).

          Sadly, relays also used to be somewhat of a security risk: anyone with access to a relay1 could run scripts on the machine running weechat by using commands such as /exec or /script. Not great.

      • Canonical/Ubuntu Family

        • Ubuntu-maker Canonical will support open source Blender on Windows, Mac, and Linux

          Blender is one of the most important open source projects, as the 3D graphics application suite is used by countless people at home, for business, and in education. The software can be used on many platforms, such as Windows, Mac, and of course, Linux.

          Today, Ubuntu-maker Canonical announces it will offer paid enterprise support for Blender LTS. How cool is that? Surprisingly, this support will not only be for Ubuntu users. Heck, it isn’t even limited to Linux installations. Actually, Canonical will offer this support to Blender LTS users on Windows, Mac, and Linux. Wow!

    • Devices/Embedded

      • Open Hardware/Modding

        • 6 Best Raspberry Pi Alternatives For IoT Development

          Raspberry Pi is a good starting point whenever you want to build an app, device, or project for the IoT marketplace,. This credit card-sized device has changed the very concept of personal computing, and supports prototyping of every kind of new developer idea. It does have a few limitations though.

          Despite the excellent specs of Raspberry Pi 4, the single-board computer lacks important capabilities as an embedded engineering device. If you want higher performance, you need a device with far superior specs that won’t suffer Pi’s problems of overheating, lower memory, and unsuitability for industrial applications.

          Since so much of DIY syllabus is oriented towards Raspberry Pi, you should seek a close enough alternative when it’s time for you to “scale up”. We have listed some of these best alternatives which will give you a familiar feel to Raspberry Pi but with higher performance and more ruggedness.

        • Olimex ships SoM and eval board based on STM32MP1

          Olimex has released its first STM32MP1 SoC-based boards: The STMP15X-SOM SoM and the STMP1(A13)-EVB eval board. The eval board functions as a carrier for the STMP15X-SOM or Olimex’s earlier A13-based SoM.

          Bulgaria-based Olimex, best known for its open spec OLinuXino SBCs, has announced the availability of its first boards based on STMicroelectonics’ STM32MP1 dual-core Arm Cortex-A7/M4 SoC. The STMP15X-SOM is a system-on-module (SoM) offered in variety STM32MP1 SoC flavors and temperature ranges. The STMP1(A13)-EVB is an evaluation board that acts as a carrier for the STM15X-SOM and Olimex’s Allwinner A13 SoM.

    • Free, Libre, and Open Source Software

      • 13 Best Free Beat Making Software For Music Production

        This free software is inspired by FL Studio and is an open source DAW created by a group of programming volunteers.

        And over the years of its existence, LMMS has grown by leaps and bounds in terms of its functionality and user interface.

        LMMS is now among the best beat making software available out there for music enthusiasts to explore.

        Digital audio design and production was kept in mind by the makers of this software, which is why there’s no provision to record audio in LMMS.

        LMMS is known for its free 16 synthesizers that form the cornerstone of its functionality.

      • Stanford’s New Open-Source Software for Designing Sustainable Cities

        New technology could help cities around the world improve people’s lives while saving billions of dollars. The free, open-source software developed by the Stanford Natural Capital Project creates maps to visualize the links between nature and human wellbeing. City planners and developers can use the software to visualize where investments in nature, such as parks and marshlands, can maximize benefits to people, like protection from flooding and improved health.

        “This software helps design cities that are better for both people and nature,” said Anne Guerry, Chief Strategy Officer and Lead Scientist at the Natural Capital Project. “Urban nature is a multitasking benefactor — the trees on your street can lower temperatures so your apartment is cooler on hot summer days. At the same time, they’re soaking up the carbon emissions that cause climate change, creating a free, accessible place to stay healthy through physical activity and just making your city a more pleasant place to be.”

      • Web Browsers

        • From I’m feeling lucky to I’m feeling Brave: Browser maker erects web search engine beta • The Register

          Having rebelled against Google’s web hegemony with a privacy-focused browser and a crypto token-based monetization system, Brave Software opened a second competitive front on Tuesday with the beta launch of Brave Search.

          Brave has managed to attract more than 32 million monthly active users to its alternative browser that’s similar to Google Chrome – being based on its open source Chromium foundation – but is still distant enough on the privacy continuum to avoid being overshadowed.

          “Brave Search is the industry’s most private search engine, as well as the only independent search engine, giving users the control and confidence they seek in alternatives to big tech,” said Brendan Eich, CEO and co-founder of Brave, in a statement.

        • Mozilla

      • FSF

        • GNU Projects

          • GnuCash review: The best free desktop budgeting software for small business owners

            For small business owners, budgeting is necessary to understand your business’s financial health. While tracking your company’s expenses and income may seem time-consuming and complicated, there are a number of apps and software programs that make it easier for individuals and business owners to understand their finances.

            With so many different apps on the market, it can be hard to know which one is the best fit for you. Select compared over a dozen options when rating the best free budgeting tools, and we found that the most popular ones have nearly 5 out of 5-star ratings and thousands of customer reviews.

            We ranked GnuCash as the best desktop budgeting software for small business owners. GnuCash is a free software that uses a double-entry accounting method, making it a good option for small business owners trying to manage invoicing, bill payment and payroll.

            Below, we review GnuCash to give you all the details on its features, including the tools, perks, safety, pricing, availability and ratings so you can decide if it’s the right choice for managing your money.

      • Programming/Development

        • Enrico Zini: Transilience check mode

          This is part of a series of posts on ideas for an ansible-like provisioning system, implemented in Transilience.

          [...]

          Unlike Ansible, with Transilience this is actually pretty fast! ;)

        • Perl/Raku

          • Perl Weekly Challenge 118: Binary Palindrome
          • gfldex: Being pragmat-ish

            The question was raised if one can provide a custom pragma. As it happens, today I needed just that. API::Discord is a bit chatty. It is outputting debug and status info right to the terminal. Since I got the Discord bot now also being an IRC bot, the clutter got a bit much. My first thought was to wrap note and warn to filter messages out I don’t want. But there is also $*ERR.print in the mix. So I went and meta6 –fork-module=API::Discord.

            The goal is to use API::Discord::Debug; to change the behaviour of the module. That is what a pragma does. It changes the way how to compiler or the runtime work. I also want two subs to make the whole thing .wrap-able, to allow feeding the debug output into a Supply.

        • Rust

          • Rust Compiler April Steering Cycle

            On Friday, 25 June, we will be having a meeting to review a document discussing the incremental compilation fingerprint issue that led to the emergency 1.52.1 release, and the steps the project is taking to prevent future occurrences of similar scenarios. (This date is a change in schedule from its original date that had been discussed in the planning meeting.)

  • Leftovers

    • Integrity/Availability

      • Proprietary

        • Pseudo-Open Source

        • Security

          • A Review of the Linux Kernel’s Release Signing and Key Management Policies

            The Linux Foundation sought a review of the kernel teams’ processes for release signing and for the policies and procedures for the handling of the signing keys. Working with OSTIF, Trail of Bits was selected to lead the project and a two person-week review was conducted.

            Unlike most OSTIF projects, this review did not cover code but was a policy and process overview to identify potential pain points in the key handling and key signing processes for one of the most critical pieces of infrastructure in the world. As such, there are no CVEs nor CIDs addressing vulnerabilities.

            Special thank-you’s go out to Greg Kroah-Hartman and Konstantin Ryabitsev for participating in the interviews that helped the reviewers clarify the documentation and setting aside time to discuss the researchers’ findings. Thank you to David A. Wheeler and Mike Dolan at the Linux Foundation for helping to facilitate the project. Thank you to Jim Miller, Mike Martel, Opal Wright, and Cara Pearson for their work in this review and for writing this assessment. And finally, a special thank you to Dan Guido at Trail of Bits for working with us to improve critical open source infrastructure.

          • A review of the kernel’s release-signing practices [LWN.net]

            At the behest of the Linux Foundation, a security-oriented review of the kernel project’s release-signing and key-management practices was done; the report from this work has now been published.

          • Sigstore: A New Tool Wants to Save Open Source From Supply Chain Attacks (WIRED)
          • Email Bug Allows Message Snooping, Credential Theft | Threatpost

            Researchers warn hackers can snoop on email messages by exploiting a bug in the underlying technology used by the majority of email servers that run the Internet Message Access Protocol, commonly referred to as IMAP. The bug, first reported in August 2020 and patched Monday, is tied to the email server software Dovecot, used by over three-quarters of IMAP servers, according to Open Email Survey.

          • What’s that hurtling down the Bifröst? Node-based network fun with Yggdrasil 0.4

            Alexander described v0.4 as a “significant change” and highlighted the improved mobility performance due in the release (useful for nodes that move around or change peerings frequently) as well as opportunistic source routing, which should make for improved connection quality of sessions.

            Yggdrasil (the cosmic tree of Norse mythology) is a network routing technology that ditches the centralised design of traditional networks in favour of a globe-spanning tree, forming a scalable IPv6 encrypted mesh network, replete with end-to-end encryption of all traffic.

            A farewell to unwieldy routing tables in favour of something node-based.

            Version 0.3 is getting a bit long in tooth nowadays, having been originally released back in 2018. Version 0.3.13 arrived at the beginning of 2020. The “all-new protocol implementing an improved routing scheme” of v4.0 therefore represents a significant update.

          • Preparing for Yggdrasil v0.4

            In the coming weeks, we will be preparing to release Yggdrasil v0.4. This is a significant change from the v0.3 branch with an all-new protocol implementing an improved routing scheme.

          • Zephyr OS Bluetooth vulnerabilities left smart devices open to attack • The Register

            Vulnerabilities in the Zephyr real-time operating system’s Bluetooth stack have been identified, leaving a wide variety of Internet of Things devices open to attack – unless upgraded to a patched version of the OS.

          • ‘Set it and forget it’ attitude to open-source software has become a major security problem, says Veracode • The Register [Ed: Proprietary software is even worse in that regard]

            There’s a minefield of security problems bubbling under the surface of modern software, Veracode has claimed in its latest report, thanks to developers pulling third-party open-source libraries into their code bases – then never bothering to update them again.

          • South Korea’s nuclear research agency breached by North Korea-affiliated cyberattackers, says malware analyst group

            South Korean officials have admitted that government nuclear think tank Korea Atomic Energy Research Institute (KAERI) was hacked in May 2021 by North Korea’s Kimsuky group. The Korean news outlet that broke the story has accused KAERI of a cover-up.

            Malware analyst group IssueMakersLab said in a report that it detected an attack on KAERI on May 14th. The attack saw incoming heat from 13 internet addresses, of which one was traceable to Kimsuky.

          • Google is trying to overhaul the Bluetooth stack on your Chromebook… again

            The Bluetooth story on Chromebooks is… weird. Wireless peripherals have been experiencing frequent stability problems for years now, multiple Chromebooks shipped with a buggy Bluetooth controller from Intel, and Google backpedaled on its ambitious efforts to rebuild Bluetooth from scratch to ‘fix’ its myriad issues. It’s hard to pin down what happened exactly, but on the bright side, Google has managed to resolve most of its Bluetooth issues via software updates — even adding some goodies along the way. It seems Google hasn’t given up on its plans for a broader Bluetooth overhaul, and it’s now trying again with another Bluetooth stack.

          • Zero-day vulnerabilities in Pling leave Linux marketplaces open to RCE, supply chain attacks

            A pair of serious zero-day vulnerabilities in Opendesktop’s Pling could result in drive-by remote code execution (RCE) and supply chain attacks against Linux marketplaces based on the platform.

          • Privacy/Surveillance

            • APNIC left a dump from its Whois SQL database in a public Google Cloud bucket • The Register

              The Asia Pacific Network Information Centre (APNIC), the internet registry for the region, has admitted it left at least a portion of its Whois SQL database, which contains sensitive information, facing the public internet for three months.

              Its Deputy Director General Sanjaya revealed details of the configuration blunder late last week. He explained the error occurred when staff were performing maintenance work on APNIC’s Registration Data Access Protocol (RDAP) service, which, ironically, is set to replace Whois.

            • Final guidance on Schrems II ruling: Data from EU could be held up if a third country lets authorities access it • The Register

              The European Data Protection Board (EDPB) has finalised its guidance to businesses in how they should proceed following the Schrems II ruling which struck down the Privacy Shield data-sharing arrangement between the EU and the US.

              In its final version of the recommendations [PDF] on supplementary measures to accommodate the ruling, the EDPB said the transfer of data could be impinged on if legislation in a third country allows authorities to access data transferred from the EU, even without the importer’s intervention.

            • Ex-NSA bigwig Chris Inglis appointed America’s national cyber director by Senate
            • UK health secretary Matt Hancock follows delay to GP data grab with campaign called ‘Data saves lives’

              Following UK government’s U-turn on the deadline for grabbing GP patient data, under-fire Health Secretary Matt Hancock is launching a policy paper to convince the public of the benefits of sharing their medical data.

              Under the headline “Data saves lives”, the Department for Health and Social Care is publicising a raft of planned initiatives and apparent progress in the face of criticism over its handling of General Practice Data for Planning and Research (GPDPR) programme.

            • UK set for ‘adequacy’ status on data sharing with EU, but it all depends on how much post-Brexit law diverges • The Register

              The European Union has formally voted for proposals to give the UK “adequate” status in its data protection laws, allowing data sharing to continue in the post-Brexit world.

              But the move could prove temporary if the UK were to move too far from the principles of the General Data Protection Regulation (GDPR) in its ambition to be a global tech juggernaut.

              Voting through the draft “Commission Implementing Decisions on the adequate protection of personal data by the United Kingdom”, the Committee on the Protection of Individuals with Regard to the Processing of Personal Data adopted the proposals for data sharing.

    • Digital Restrictions (DRM)

      • Apple scrambles to quash iOS app sideloading demands with ‘think of the children’ defense

        Apple, fearing regulators will force it to allow people to sideload whatever apps they like on their own iOS devices, has published a paper arguing about the importance of its oversight. The iGiant also sent a letter to US lawmakers warning of supposed harm if its gatekeeping is disallowed.

        The letter is directed at members of the House Judiciary Committee and its Antitrust Subcommittee, who on Wednesday held a markup hearing to amend and vote on the advancement of six antitrust bills intended to rein in Big Tech.

    • Monopolies

      • Patents

        • Facebook Filed a Patent For an AR Hat, The Latest in its Evolving AR Push

          Forget AR glasses, according to a new patent registered by Facebook, The Social Network is developing an AR hat, which would expand the immersion of the device, and facilitate more advanced AR experiences within an isolated, standalone unit.

        • Upcoming conference: Mannheim IP Forum on July 2 — top-notch roster of speakers from judiciary and academia

          For those interested in the world’s most popular patent jurisdiction, I have a warm recommendation: on next week’s Friday (July 2, 2021), the Interdisciplinary Center for Intellectual Property (in German “Interdisziplinäres Zentrum für Geistiges Eigentum” (IZG)) will hold its annual conference at Mannheim Castle, just across the street from the Mannheim Regional Court–one of the courts that almost everyone involved with patent litigation has already been to.

          You can find the conference program on the IZG’s homepage. If you don’t want to settle for a simple HTML layout, a flashier option exists: the conference program flyer (PDF).

          You can attend physically or over the Internet, and the registration form is here, but be aware that the conference will be held in German. I’m going to report on parts of it.

          The primary organizer is Professor Lea Tochtermann. The first speaker–sort of a keynoter–will be Professor Peter Meier-Beeck, the Presiding Judge of an antitrust-specialized “senate” (division) of the Federal Court of Justice and previously a patent judge. He’ll discuss his court’s Sisvel v. Haier case law, which was the final one of the topics addressed by the podcast I published on Monday. One of my podcast panelists, patent litigator Dr. Christof Augenstein of Kather Augenstein, is also going to be among the Mannheim speakers next week. He’ll discuss the protection of confidential business information with a particular focus on standard-essential patent (SEP) enforcement.

        • Meade J finds Interface Circuit patent invalid – reminding parties not to be resistant during the pre-action stage

          As many readers will already know, two new full-time Patents Judges have been appointed to the English Court in the last 9 months – Meade and Mellor JJ. Despite the challenges that the global pandemic has brought, the English Patents Court has coped remarkably well and there has been no let-up in the progress of cases to trial or in the determination of case management issues. It came as no surprise to those who worked with Meade and Mellor JJ prior to their elevation to the bench that both individuals have adjusted well to their new roles. Despite the busy workload of the Patents Court, trials and other hearings are going ahead in a very similar way to the pre-pandemic position and, despite their busy workloads, the Judges are handing down timely and well-reasoned decisions.

          [...]

          One interesting aspect of the law in the UK concerning the common general knowledge is the so-called “mindset” of the skilled person or team. The relevant law stems essentially from the celebrated observations of HHJ Fysh QC in Dyson v Hoover ([2001] RPC 26) that the vacuum cleaner designing community was “functionally deaf and blind to any technology which did not involve a replacement bag”. It is often argued by a patentee that the relevant community involved in a given technical field had a prejudice against a particular developmental route and that the patentee made a technical advance by thinking outside of the box in this respect. Meade J took the opportunity in his judgment to remind readers that this is a high hurdle and that the test is usually that should be shown to be a prevalence in the community that something must or should not be done.

          [...]

          For many years English patent law has recognised a ground of insufficiency that the skilled person cannot determine the scope of the claim. This was originally called “ambiguity insufficiency” but was recently rebadged as “uncertainty insufficiency” by the Court of Appeal in Anan Kasei v Neo [2019] EWCA Civ 1646. In rebadging the concept, the Court of Appeal confirmed that a fuzzy boundary was not enough to succeed on this ground but nor would such an allegation fail if there was something within the claim was clear. Here Meade J found that this was not a situation where the patentee had “used nonsense language or set the boundary of the claim in terms of a comparison with something that cannot be identified.” This suggests that the Judge considers that the hurdle for the challenger to overcome in order to prove uncertainty insufficiency is a high one.

        • Arthrex Is Here—What Will It Mean?

          Yesterday, the Supreme Court handed down its much-awaited decision—at least, much-awaited by people who care about patents and the Patent Trial and Appeal Board (PTAB)—in the consolidated U.S. v Arthrex, Arthrex v. Smith & Nephew, and Smith & Nephew v. Arthrex cases. And while the multiple parties and multiple opinions might look complicated, it’s actually a pretty simple opinion when it comes to the patent world. (It might have wider-ranging impacts in other areas of law.)

          [...]

          In the second portion of the primary opinion, Section III, Justice Roberts is again joined by Justices Alito, Kavanaugh, and Barrett. However, Justice Gorsuch does not join this section of the opinion.

          Here, having identified a Constitutional problem, the plurality resolves the problem by finding a minimal remedy. Justice Roberts notes that in “every respect save the insulation of their decisions from review within the Executive Branch, APJs appear to be inferior officers—an understanding consistent with their appointment in a manner permissible for inferior but not principal officers.” Based on that Justice Roberts determines that Congress intended for them to be inferior officers and that, given the powers assigned the Director overall, the most consistent remedy is to provide the Directorial review required for the APJs’ exercise of power to be Constitutionally permissible.

          There’s four votes in this portion of the opinion for the remedy of allowing the Director to directly review inter partes review (IPR) decisions. But a partial dissent agrees with the proposed remedy, as described below.

          [...]

          So, summing it all up? Five Justices found the appointment scheme for PTAB judges to be Constitutionally impermissible. But seven Justices found the remedy—striking the three-judge requirement to the extent required to permit Directorial review of IPR decisions—to be the correct remedy. And only Justice Gorsuch would have set aside the IPR system entirely. IPR appears to be here to stay, with at most minor changes.

          What will it mean in practice? Well, as CCIA’s amicus brief noted, the Director already had tremendous power in practice to affect the outcome of individual cases. Enough power that the Chair and Ranking Member of the House Judiciary Committee’s IP Subcommittee asked the GAO to investigate whether that power had been abused. Given that power, it seems unlikely that there will be a significant number of cases receiving formal Directorial review that weren’t already subject to it in practice. After two years of Arthrex working its way through the courts, the biggest end result might just be that now the Director will have to be on record when they make changes, rather than doing it behind the scenes.

          And that, as Senator Leahy noted, makes the choice of the next Director all the more important. That means a Director who will enforce the law as written, not his personal preferences. As Senator Leahy stated, “[w]hether an invention is patentable should not depend on who is President or who is head of the PTO.”

        • How the doctrine of equivalents impacts patent protection in Europe [Ed: This whole nonsense about "fragmented way" is an attempt to expand the scope of patents and litigation to better suit lawyers and monopolists, at the expense of everybody else (e.e. UPC)]

          Innovators experience different scopes of patent protection, and generic manufacturers different freedom to develop similar products, as a consequence of the fragmented way an important concept in patent law is applied across Europe.

          The ‘doctrine of equivalents’ can help patent owners achieve meaningful protection to stop products which differ immaterially to their protected original. Conversely, the application of the doctrine can make it harder for others to navigate patents with any certainty.

          In Europe, the doctrine of equivalents derives from long-standing case law developed by national courts and, since 2001, the Protocol on the Implementation of Article 69 of the European Patent Convention (EPC). However, national courts have taken different approaches to the doctrine of equivalents, causing a degree of uncertainty for businesses. New guidelines recently introduced by the European Patent Office (EPO) also have potential to impact on claims of patent infringement on the basis of the doctrine.

        • Indian-American Sumita Mitra Wins European Inventor Award 2021

          Indian-American chemist Sumita Mitra has won the European Inventor Award 2021 in the ‘Non-EPO countries’ category.

        • Indian-American Chemist Sumita Mitra Honoured With Prestigious European Inventor Award [Ed: Yet more paid-for EPO puff pieces, designed partly to distract from EPO crimes and corruption]
        • Protecting inventions in Africa [Ed: Trying to sell a Western protectionist system (protecting the colonisers, the occupiers) to people who don't need it]

          When it comes to patenting inventions in Africa, apart from direct filings in the country of interest using the World Intellectual Property Organization (WIPO) Paris Convention for the Protection of Industrial Property, applicants can choose between two regional offices: the Organisation Africaine de la Propriété Intellectuelle (OAPI) and/or the African Regional Intellectual Property Organization (ARIPO).

          The filing of a patent application in a regional office has the advantage of encompassing several countries in a single application. However, in a continent with two different regional offices, some points should be considered before choosing one of them to protect your invention.

          OAPI and ARIPO do not share common member states, so the first point to be considered by applicants when electing a regional office to file a patent application is the territory where they wish to protect and explore their inventions.

        • Oral proceedings before the EPO only on Zoom [Ed: EPO proudly declares that it is breaking the law until further notice.]

          Zoom has proven to be a reliable and secure videoconference platform for conducting oral proceedings (OPs). This is confirmed by the positive experiences gained over the last months from OPs held via this platform, in appeal, opposition (entirely so since January) and in examination (dozens conducted since May). The EPO is grateful to those applicants and representatives who kindly agreed to the ad hoc conversion of their examination OPs to Zoom as part of our trial this spring.

          With effect from 1 October 2021, all OPs before the Receiving Section, the Legal Division and the Examining Divisions will thus be held exclusively by Zoom.

          The EPO has decided to decommission Skype for Business as of 1 October 2021. Any OPs already scheduled to take place via Skype for Business will thus be converted to Zoom as of that date. Users are therefore encouraged to take all necessary steps to adapt their videoconferencing tools accordingly, as this platform may also be used for personal consultations.

        • German patent judges predict few changes to automatic injunction [Ed: Patent law in Germany seems to be shaped by special interests, not ordinary Germans with their national or personal benefit in mind]

          According to Berlin’s political insiders, seldom has a new law in Germany seen so much lobbying and outside influence. Especially, they say, one which is so relevant to business. Finally, last week, the German Bundestag approved the new patent law. But in the end, many wonder if such focus was worth the effort.

          Over the past three years, the §139 reform – which sets out the automatic injunction in German patent proceedings – has inspired particular passion in stakeholders. It is a central pillar of the German patent procedure, which patent owners globally consider very attractive.

          Proponents of the reform left no stone unturned in their efforts to soften the automatic injunction. Opponents tried to prevent this by all-political means. Above all, supporters included automobile and telecommunications industries.

          On the other hand, SEP holders such as Ericsson, Nokia and large parts of German industry – but also many patent judges – claimed that everything should remain the same.

        • FOSS Patents: German patent judges dispel any doubts that might have existed: injunctive relief continues to be readily available to prevailing patentees

          An international IP-specialized publication that I’ve mentioned on a variety of more positive occasions was totally off-base with the following headline on June 11: “Germany’s automatic injunction regime for patent cases looks set to end”

          That headline is just as wrong as Dewey Defeats Truman was back in the day. There was a procedural juncture last September when I thought the pendulum had swung against the automatic patent injunction regime, but that impression didn’t last long. By the time the German federal parliament held its final vote, we were long past the point at which one could doubt what the impact of the amended injunction statute (§ 139 PatG) would be.

          I’ve never seen a reporter from that publication in or near a German courtroom. That may explain this misconception. To be fair, the second sentence below the headline at least nuanced the fundamental misconception by noting that “[this] does not mean that major changes in practical terms are guaranteed.” That portrayal of the situation is not spot-on either, but a lot closer to accuracy than the headline.

        • Transport Zone Update: NPE litigation rate has nearly doubled since 2019 [Ed: They ought to say patent trolls rather than "NPE"]

          Since 2019, NPE-related Transport litigation has jumped from 41% to 77% overall in this zone.

          While the overall zone litigation is estimated to slightly decrease from 2020, NPE-related litigation has increased by 6% to 77%, reaching 2015 and 2016 levels.

        • Former Marks & Clerk partners set up new IP firm [Ed: Corrupt firm Marks & Clerk (yes, lawsuits over their corruption was successful) seems to be losing staff]

          Former Marks & Clerk patent attorneys Stephen Blake (46) and Douglas Rankin (41) have founded their own venture, Matter IP. With a mixture of expertise between them, including hi-tech patents and oil and gas technology, the two-person team will expand its employee base over the coming year.

          Stephen Blake began his career as an avionics engineer in the Royal Air Force, before completing a PhD in electronic engineering. Following this, he joined patent attorney firm Potter Clarkson, before moving to Page White & Farrer. He later joined Murgitroyd & Company.

          In 2011, Blake joined Marks & Clerk as a patent attorney, where the firm made him partner in 2015. During this time, Blake was a member of council of the European Patent Institute, as well as the managing partner of Marks & Clerk’s Birmingham office.

          Douglas Rankin began his career in-house as a product designer at Motorola. In 2009, Rankin joined Marks & Clerk as a patent attorney in its Aberdeen office, where his role included expanding this offering in Scotland. During their time at the firm, both Blake and Rankin were members on Marks & Clerk’s UK board.

          [...]

          The departure of Stephen Blake and Douglas Rankin from Marks & Clerk comes as former principle associate Jo Bradley also leaves to join Kilburn & Strode. At the latter UK patent attorney firm, which Bradley has joined as partner, she will focus on life sciences and chemistry.

          Marks & Clerk’s UK managing partner, Simon Mounteney, says, “Our current practice is unaffected by these departures and our clients have not been impacted.”

        • UV (non)protection: Commentary on EPO decision T 2275/18 [Ed: Profoundly corrupt 'law' firm Marks & Clerk (they break the law) won't tell you that those courts are stacked and controlled by those whom they rule on]

          We all know that it is important to protect our skin from the sun, but can we obtain protection for our suncream? The recently published decision T 2275/18 from the European Patent Office considers the extent to which a method of using a composition that provides UV protection can be patentable.

          It is well established that methods of treatment by surgery or therapy are excluded from patentability in Europe. In this decision, the Board of Appeal consider whether a method of applying a composition that provides UV protection is always inherently therapeutic and therefore not patentable according to Article 53(c) EPC.

          The case concerns an appeal filed by an opponent against a decision of the opposition division to reject claim 14 of the main request of EP2934458. The patent in question relates to an active mixture containing butyl methoxydibenzoylmethane (BMDM), a known UVA screening agent.

        • Supreme Court 2021 [Ed: Patent litigation firms' operative Dennis Crouch hoping to somehow salvage something out of SCOTUS in pursuit of more fake patents, i.e. frivolous litigation]

          We have one remaining Supreme Court patent case this term: Minerva Surgical Inc. v. Hologic Inc. (Supreme Court 2021) on whether the court will maintain the doctrine of assignor estoppel.

        • Software Patents

      • Trademarks

      • Copyrights

        • EU court rules in Telenet copyright case: ISPs can be forced to hand over some customer data use details

          Europe’s top court has ruled ISPs can be forced to hand over the details of customers who are alleged to have downloaded material illegally online – but only if they meet certain criteria.

          That’s the latest judgement in another case involving Cyprus-based Mircom International Content Management Consulting, and Belgian ISP Telenet.

          The complex case – which involves a number of legal arguments – appears to pivot on the balance between enforcement of IP rights and the data protection of the individuals accused of infringing them.

Share in other sites/networks: These icons link to social bookmarking sites where readers can share and discover new web pages.
  • Reddit
  • email

This post is also available in Gemini over at:

gemini://gemini.techrights.org/2021/06/23/good-news-from-scotus/

If you liked this post, consider subscribing to the RSS feed or join us now at the IRC channels.

Pages that cross-reference this one

What Else is New


  1. Links 4/8/2021: Mesa 21.2 and Kaisen Linux Rolling 1.8

    Links for the day



  2. Links 4/8/2021: Audacity as Spyware and PCLinuxOS Updates

    Links for the day



  3. Destroying Freenode Was Not the Objective, But That's Just What Happened

    Killing Freenode was certainly not what Andrew Lee wanted, but Lee will be remembered as the person whose takeover basically led to the end of Freenode; it's in disarray



  4. GNU/Linux Users, Developers and Advocates Being Painted as Unruly and Rude by Corporate Media Looking to Undermine Software Freedom

    Corporate media, funded by companies that nonchalantly oppress people, would have us believe there's something wrong with people who reject corporate masters in their computing; reality, however, suggests that it is a wholly false narrative induced or cemented by endless repetition, so this framing ought to be rejected outright



  5. IRC Proceedings: Tuesday, August 03, 2021

    IRC logs for Tuesday, August 03, 2021



  6. The Free Software Community Needs Solidarity and Stronger Resistance Against Corporate Oligopolies With Their Overlapping Interests

    Linus Torvalds and Richard Stallman (RMS) do not have to be idolised ("cult of personalities") but they definitely need to be defended from a longstanding and ongoing corporate coup, which the corporations seek to justify using nicer-sounding terms like "security" (that's how they justify added complexity such as Rust) or "safe space" (they're collectively insulting the community as if only employees of monopolies can help combat bigotry)



  7. Links 4/8/2021: More IBM Downtimes and Firefox Losing Many Users

    Links for the day



  8. Links 3/8/2021: DeaDBeeF 1.8.8, CrossOver 21, AMD and Valve Hook Up for GNU/Linux Work

    Links for the day



  9. Links 3/8/2021: LibreOffice Autoupdater and Vulkan in X-Plane

    Links for the day



  10. How the News About 'Linux' Gets Manipulated to Spread FUD and Promote the Competition of GNU/Linux

    We quickly examine the sorts of news one gets from Google 'News' when searching for “Linux” and we conclude that real news is occluded or missing



  11. The EPO is Europe's Largest Scale Scam (by Far the Largest)

    In another fine instance of deja vu, the biggest scammers are warning everybody else about lesser “scammers”; one might be tempted to call this “projection tactics” or deflection (staring at the mirror) which helps churn/flood the "news" section with tons of recycled old fluff (they could certainly use a distraction right now)



  12. Links 3/8/2021: Raspberry Pi ‘WeatherClock’ and IPFire 2.27 - Core Update 159

    Links for the day



  13. IBM's Attack on the Community and on GPL/FSF is an Attack on Red Hat's Greatest Asset

    Ever since IBM bought Red Hat it has repeatedly attacked the FSF (in a malicious and personified fashion), looking for its own ‘copyright grab’ whilst outsourcing loads of code to proprietary software monopolisers who attack the GPL; by doing so, IBM is destroying the value of what it paid more than 30 billion dollars for (IBM is governed by pretentious fools, according to IBM insiders; they’ve already lost Red Hat’s longtime CEO and IBM’s new President), so it’s falling back on openwashing of IBM's proprietary software with help from the so-called ‘Linux’ Foundation



  14. Four Weeks of Non-Compliance: EPO Only Accepts Courts That It Rigs and Controls

    Compliance is for suckers, believes the “Mafia” which runs the EPO; it is not even responding (for three weeks!) to letters from the victims who won the cases; this is bad for Europe's image and it sets a dangerous precedent



  15. Seven Eleven: 11 is to 10 What 7 Was to Vista

    Microsoft is, as usual, aggressively manipulating/bribing the media (hyping up a shallow version inflation along with paid-for vapourware advertising) while strong-arming the market; there’s no other way they can compete anymore



  16. IRC Proceedings: Monday, August 02, 2021

    IRC logs for Monday, August 02, 2021



  17. Links 3/8/2021: Nitrux 1.5.1 and Gerbera Media Server 1.9.0

    Links for the day



  18. Links 2/8/2021: XEyes 1.2 and Fwupd 1.6.2 Released

    Links for the day



  19. Freenode is IRC... in Collapse

    Freenode is now down to just 13,194 online users, which makes it the 6th biggest IRC network. Months ago it was #1 with almost 6 times as many users as those below it. The graph above shows what the latest blunder has done (another massive drop in less than a week, with a poem and the all-time chart at the very bottom).



  20. Barrier and Synergy Can Work Together, Connecting Lots of Different Machines

    Barrier and Synergy can be configured to work properly in conjunction, though only provided different port numbers (non-default) are specified; in my current setup I have two computers to my right, working over Barrier, and two older ones on the left, working over Synergy; the video explains the setup and the underlying concepts



  21. Links 2/8/2021: Open Science in France and Zoom Pays to Settle Privacy Violations

    Links for the day



  22. It Almost Feels Like Battistelli Still Runs the EPO (by Extension/Proxy)

    The "Mafia" that destroyed the EPO is still being put in charge and is using the EPO for shameless self-promotion; it is never being held accountable, not even when courts demand remediatory action and staff seeks reparations



  23. [Meme] Vichyite Battistelli Committed Crimes and His Buddy António Snubs Courts That Confirm These Are Crimes

    Staff of the EPO is coming to realise (or reaching acceptance of the fact) that the spirit of Battistelli — not just people he left in charge of the EPO — dooms the Office and there’s no way out of this mess



  24. Links 2/8/2021: Linux 5.14 RC4 and 20% Growth in Steam

    Links for the day



  25. IRC Proceedings: Sunday, August 01, 2021

    IRC logs for Sunday, August 01, 2021



  26. Links 1/8/2021: LibreOffice 7.2 RC2 and Lakka 3.3

    Links for the day



  27. Was Microsoft Ever First in the Market?

    Confronting the false belief that Microsoft ever innovates anything of significance or is "first" in some market/s



  28. Links 1/8/2021: 4MLinux 37.0, IBM Fluff, and USMCA Update

    Links for the day



  29. Microsoft Knows That When Shareholders Realise Azure Has Failed the Whole Boat Will Sink

    The paranoia at Microsoft is well justified; they've been lying to shareholders to inflate share prices and they don't really deliver the goods, just false hopes and unfulfilled promises



  30. [Meme] Nobody and Nothing Harms Europe's Reputation Like the EPO Does

    Europe’s second-largest institution, the EPO, has caused severe harm/damage to Europe’s economy and reputation; its attacks on the courts and on justice itself (even on constitutions in the case of UPC — another attempt to override the law and introduce European software patents) won’t be easily forgotten; SUEPO has meanwhile (on Saturday, link at the bottom in German) reminded people that Benoît Battistelli and António Campinos have driven away the EPO’s most valuable workers or moral compass


RSS 64x64RSS Feed: subscribe to the RSS feed for regular updates

Home iconSite Wiki: You can improve this site by helping the extension of the site's content

Home iconSite Home: Background about the site and some key features in the front page

Chat iconIRC Channel: Come and chat with us in real time

Recent Posts