Kernel Space

• Linux 5.13.9

  I'm announcing the release of the 5.13.9 kernel.
  
  All users of the 5.13 kernel series must upgrade.
  
  The updated 5.13.y git tree can be found at:
  	git://git.kernel.org/pub/scm/linux/kernel/git/stable/linux-stable.git linux-5.13.y
  and can be browsed at the normal kernel.org git web browser:
  
  https://git.kernel.org/?p=linux/kernel/git/stable/linux-s...
  
  thanks,
  
  greg k-h
  

• Linux 5.10.57

• Linux 5.4.139

• Linux 4.19.202

• Linux 4.14.243

• Linux 4.9.279

• Linux 4.4.279

Instructionals/Technical

• Color STDERR in output

• SQLite DB Browser, How to Install and Use it on Linux
  

  In this article, we’ll show you how to install and use SQLite DB Browser to load a database file, browse the data, and run SQL queries.

  SQLite is is an open source self-contained, lightweight serverless relational database management system. It is a database, which is zero-configured, which means like other databases you do not need to configure it in your system.

• How to Stress Test Your CPU in Linux | Tom’s Hardware

  A key matrix for determining the vitality of a Linux distro, or the hardware that it runs on, is system performance. Depending on your purpose, you can choose from a variety of dedicated tools to monitor the different components such as CPU frequency, temperature and memory utilisation. But if you favour the CLI, like us, you’ll rather enjoy working with S-TUI.

  With S-TUI, which is an acronym for Stress-Terminal UI, you can simultaneously monitor CPU temperature, frequency, power and utilisation. The utility presents all the information graphically and can even be used to export the data into CSV files. Better still, you can configure S-TUI to automatically launch scripts when the values of any of the components being monitored breaches the defined threshold values. When coupled with stress, another command-line utility, S-TUI can also be used to stress-test your system.

• How to Install and Configure PostgreSQL on Ubuntu

  Relational database management systems (RDBMS) have proven to be a key component of many websites and applications, as they provide a structured way to store, organize, and access information.

  In this article, we will discuss PostgreSQL in detail, along with a step-by-step guide on installing and configuring PostgreSQL on Ubuntu.

• How to use PinePhone as a mobile hotspot

  I’ve recently started using my Android phone as a mobile hotspot with mixed results so instead, I’ve switched to using PinePhone as a hotspot with Manjaro Arm Linux with Plasma Mobile instead, and performance seems much more stable now.

  Early this year, I received Pinephone with PostMarketOS beta, and after playing with it a bit I did not do much with it so far. But in recent times, I’ve been staying in various places without WiFi, so I purchased a lost cost SIM card with a one-year cellular data plan to be able to work from any location using my Android 10 smartphone (Huawei Y9 Prime 2019) as a mobile hotspot. It works most of the time, but sometimes I have massive packet loss, and the only way to recover is to turn off and on the hotspot, and in some cases even reboot the phone. Playing with settings on the phone or my laptop did not help, so instead, I decided to make use of my PinePhone and use it as a mobile hotspot to see if things improved.

Desktop Environments/WMs

• K Desktop Environment/KDE SC/Qt

  • GSOC: Second Coding Period; Some Notes on the Catalog Repo. – Hiro’s Stuff

    As promised last time I’ll now go a little into the Catalogs Repository.

    Usually DSO catalogs are pretty static and rarely change due to the nature of their contents. But although galaxies do not tend to jump around in the sky, catalogs still get updates to correct typos or update coordinates with more precise measurement. Our primary catalog OpenNGC for example gets updates quite regularly.

    [...]

    After implementing the framework porting over all the existing catalogs to the new system, I went on to configure the KDE Invent CI to rebuild the catalogs upon changes. The CI artifacts are sync-ed to the KNewStuff data server for KStars periodically and users are able to update their catalogs to the latest version.

    To get the CI working I had to create a Docker image that encapsulates the more or less complicated build process for the KStars python bindings. This container is updated weekly by CI and is also suitable as a quick-and-easy development environment for new catalogs.

    That’s it for today but do not fret. This is not all that I’ve done. There’s still more to come including something that has to do with the following picture.

Devices/Embedded

• Open Hardware/Modding

  • This autonomous chess-playing robot will beat its human opponents nearly every time | Arduino Blog

    Almost done with his degree in mechanical engineering, Rose-Hulman Institute of Technology student Josh Eckels had the inspiration to put what he learned to the test by creating an AI-powered robot that plays chess against a human opponent. The system is essentially a giant cube fashioned from a series of aluminum extrusions placed at right angles with a large chess board at its base. At the top is a gantry made with a few metal rods and timing belts that slide the X axis and grabbing mechanism to the correct positions.

    Four total stepper motors were used to move the grabber, including one for the X axis, another for the Y axis, a motor that spins a threaded rod to lift the gripper, and a final motor that rotates to open or close it. All of these motors connect to a central Arduino that has a CNC shield on top. This is connected via a USB cable to a Raspberry Pi running the Stockfish chess engine.

Free, Libre, and Open Source Software

• Measuring The Fediverse

  Fediverse is what Diaspora, Mastodon, PeerTube and other federated social media altogether being called. These relatively new style of social networking is growing rapidly, as people demand more independence to their own hands, and now everyone of us can overview how large its growth or simply how big one part of it grows with nice statistics and charts. I hope this helps you to find a fediverse you want with either crowded or less crowded population. Let’s see!

• On the topic of community management, CoCs, etc. [Ed: CoCs are selectively and disproportionately enforced (to suit the enforcers, who make themselves immune), so IME common sense and discussion can achieve a lot more]

  Many people may remember that at one point, Alpine had a rather troubled community, which to put it diplomatically, resulted in a developer leaving the project. This was the result of not properly managing the Alpine community as it grew — had we taken early actions to ensure appropriate moderation and community management, that particular incident would never have happened.

  [...]

  It is not necessarily a requirement to write a Code of Conduct. However, if you are retrofitting one into a pre-existing community, it needs to be done from the bottom up, allowing everyone to say their thoughts. Yes, you will get people who present bad faith arguments, because they are resistant to change, or perhaps they see no problem with the status quo. In most cases, however, it is likely because people are resistant to change. By including the community in the discussion about its community management goals, you ensure they will generally believe in the governance decisions made.

  Alpine did ultimately adopt a Code of Conduct. Most people have never read it, and it doesn’t matter. When we wrote it, we were writing it to address specific patterns of behavior we wanted to remove from the community space. The real purpose of a Code of Conduct is simply to set expectations, both from participants and the moderation team.

  However, if you do adopt a Code of Conduct, you must actually enforce it as needed, which brings us back to moderation. I have unfortunately seen many projects in the past few years, which have simply clicked the “Add CoC” button on GitHub and attached a copy of the Contributor Covenant, and then went on to do exactly nothing to actually align their community with the Code of Conduct they published. Simply publishing a Code of Conduct is an optional first step to improving community relations, but it is never the last step.

• SaaS/Back End/Databases

  • Cassandra 4.0 finally out of the gates after being delayed for last-minute bug swat

    After an Apple engineer called an 11th-hour halt to the release, Cassandra 4.0 has finally launched flaunting newfound stability, speed and consistency, according to the open-source project’s users and contributors.

    The code for wide-column database – which has been popular as a distributed system with users including Apple, Instagram and eBay – officially went live today, around six years after 3.0′s debut.

    The developer community is said to have invested the time in wanting to make this the most stable release of the NoSQL system, and ship with no known bugs.

    Speaking to The Register in the run-up to launch, Vinay Chella, engineer and cloud data architect at Netflix, said the new model for streaming data between nodes made it between four and five times faster, accelerating the recovery from failed nodes, and reducing costs.

• Productivity Software/LibreOffice/Calligra

  • Week #9 – GSoC Weekly Report – 100 Paper Cuts

    GSoC progress for week #9.

    Diagonal borders now accessible from “Table Toolbar > Borders” tab in Calc

    Calc has diagonal borders feature in Format > Cells… > Borders tab and (Sidebar Tab) Properties > Cell Appearance. However, this feature wasn’t exist in “Table Toolbar > Borders” tab. With commit https://gerrit.libreoffice.org/c/core/+/119685, Calc can draw diagonal left and diagonal right borders from table toolbar. \o/

• FSF

  • GNU Projects

    • GNUnet 0.15.0 released

      We are pleased to announce the release of GNUnet 0.15.0.
      This is a new major release. It breaks protocol compatibility with the 0.14.x versions. Please be aware that Git master is thus henceforth INCOMPATIBLE with the 0.14.x GNUnet network, and interactions between old and new peers will result in issues. 0.14.x peers will be able to communicate with Git master or 0.14.x peers, but some services – in particular GNS – will not be compatible.
      The MESSENGER service goes out of experimental to be used by libraries and applications as dependency. It handles decentralized messaging in flexible groups by using the CADET service and messages can be signed with your ego from the IDENTITY service. The service is still in an early stage, so its protocol (currently version 0.1) will likely adapt or change in future releases to some degree.
      In terms of usability, users should be aware that there are still a number of known open issues in particular with respect to ease of use, but also some critical privacy issues especially for mobile users. Also, the nascent network is tiny and thus unlikely to provide good anonymity or extensive amounts of interesting information. As a result, the 0.15.0 release is still only suitable for early adopters with some reasonable pain tolerance .

    • 2021-8: Code Blau GmbH deploys first external Taler auditor

      We received a grant from NLnet foundation with the goal to qualify Code Blau GmbH to act as an external auditor for GNU Taler. To do this, we created a guide that describes how to deploy a Taler auditor and then practiced the steps using the existing Taler exchange deployment at BFH. Code Blau wrote a report detailing all the steps taken. Finally, we have created a draft of the kind of business agreement that Code Blau would enter with banks operating the Taler payment system. We thank CodeBlau for their work, and NLnet and the European Commission’s Horizion 2020 NGI initiative for funding this work.

• Openness/Sharing/Collaboration

  • Open Data

    • What I love about OpenStreetMap

      This month is the 17th birthday of OpenStreetMap (OSM), a community-owned collaborative geographic database of the world. This cool database was inspired by the success of Wikipedia and the (rather annoying) predominance of proprietary map data. With over two million registered users and growing, many collect and provide data from GPS devices or local knowledge of the mapping area. OSM also has established a model for non-governmental organizations to collaborate with international organizations. A notable example of this, during the 2010 Haiti earthquake, OSM and Crisis Common volunteers using available satellite imagery to map the roads, buildings, and refugee camps of Port-au-Prince in just two days built the most complete digital map of Haiti’s roads. This is known as Crisis mapping and is a real-time way to have people contribute and create situational awareness of the surroundings for the citizens and any humanitarian aid groups.

      I find all of that absolutely amazing and interesting, so let’s talk about all the cool ways you can view and contribute to populating information into the database.

Hardware

• Brain-inspired highly scalable neuromorphic hardware

  Researchers fabricated a brain-inspired highly scalable neuromorphic hardware by co-integrating single transistor neurons and synapses. Using standard silicon complementary metal-oxide-semiconductor (CMOS) technology, the neuromorphic hardware is expected to reduce chip cost and simplify fabrication procedures.

• The Register just found 300-odd Itanium CPUs on eBay • The Register

  In January 2019, Chipzilla issued an advisory [PDF] warning that last orders for the CPU must be lodged by January 30, 2020, and that final shipments would head out the door on July 29, 2021.

  Which was yesterday.

  So concludes an odd story that started in the age of the minicomputer, when the likes of pre-split HP, Data General, Wang, and Prime dominated the server market with machines based on their own proprietary products.

  By the mid-1990s, HP was worried that the minicomputer market was running out of steam because customers feared proprietary architectures would limit their software choices and lock them in to expensive ecosystems. But Sun was still in business, IBM never gave up on proprietary architectures, and DEC was telling anyone who would listen that its leap into the then-exotic realm of 64-bit CPUs with its Alpha platform represented a huge step forward.

Integrity/Availability

• Josh Bressers: Episode 283 – When vulnerability disclosure becomes dangerous

  Josh and Kurt talk about a very difficult disclosure problem. What happens when you have to report a vulnerability to an ethically questionable company? It’s less simple than it sounds, many of the choices could end up harming victims.

• Ordinary salaried Brits: Sweet! Payday! Banking giant HSBC: Oh no it isn’t • The Register

  According to Downdetector, users started reported problems between 8 and 9am BST this morning just as many were starting their day’s work.

  It’s not clear at this stage what’s behind the outage, prompting some to criticise the lack of information from HSBC.

  HSBC’s status page suggests that the bank’s systems are all functioning well. But that doesn’t chime with what some customers are experiencing.

• Proprietary

  • Pseudo-Open Source

    • Privatisation/Privateering

      • Linux Foundation

        • MaterialX project starts in the incubation phase at the Academy Software Foundation

          The Academy Software Foundation (ASWF) has accepted MaterialX as its seventh Foundation-hosted project. ASWF was founded to provide a selected set of open source code for content creation. Those technologies are available as open-source resources, meaning they are free to everyone, including source code and can be updated and changed. The ASWF was founded to maintain the code and handle changes through a controlled process. MaterialX is an open standard for the transfer of rich material and look-development content between applications and renderers.

  • Security

    • Got a cheap Cisco router in your home office? If it’s one of these, there’s an exposed RCE hole you need to plug

      Cisco has published patches for critical vulns affecting the web management interface for some of its Small Business Dual WAN Gigabit routers – including a 9.8-rated nasty.

      The two vulnerabilities affect the RV340, RV345, RV340W, and RV345P products, which are aimed at SMEs and home office setups. Attackers abusing them on unpatched devices are able to execute arbitrary code and also force reboots of affected routers, causing a denial-of-service condition.

      CVE-2021-1609, rated 9.8 on the CVSS v3.1 scale, allows attackers to “remotely execute arbitrary code” thanks to improper validation of HTTP requests, according to Cisco’s advisory.

      Similarly, CVE-2021-1610 (advisory also available at the link above) is a command injection vuln allowing attackers to run arbitrary commands as root – again, because “HTTP requests are not properly validated.” This one’s rated at 7.2 on the CVSS v3.1 scale.

    • Google Play puts Android apps on notice: No naughty JavaScript, Python, Lua

      Google’s pending Play Store policy changes are bringing various privacy improvements – but also include a security enhancement and disclosure requirement that deserve mention.

      First, there’s a specific ban on the deceptive use of interpreted languages like JavaScript, Python, and Lua. This is more of a refinement and tightening of prior policy than a new rule.

      Starting October 15, 2021, Google said, “We’re clarifying the Device and Network Abuse policy to prohibit apps or SDKs with interpreted languages (e.g., JavaScript) loaded at run time from violating any Google Play policies.”

    • Das tut mir leid! Germany’s ruling party sorry for calling cops on researcher after she outed canvassing app flaws

      A “left-wing” German infosec researcher was this week threatened with criminal prosecution after revealing that an app used by Angela Merkel’s political party to canvass voters was secretly collecting personal data.

      Germany’s respected Chaos Computer Club (CCC) announced it would stop reporting any weaknesses in the centre-right wing Christian Democratic Union’s (CDU) web-facing infrastructure to the party after it procured a criminal prosecution against Lilith Wittmann.

      “I got an email from the Cyber Security Police of Berlin,” she told The Register. “Could you please provide us your address, so we can send you… legal documents? And then I was like, that’s weird. I didn’t do anything wrong. Let’s tweet about that. Let’s find a lawyer who can look into that.”

      Although the prosecution is due to be withdrawn after an apology from the CDU, the episode shines a light on some German politicians’ attitudes to vulnerability disclosures.

    • Credit-card-stealing, backdoored packages found in Python’s PyPI library hub

      Malicious libraries capable of lifting credit card numbers and opening backdoors on infected machines have been found in PyPI, the official third-party software repository for Python.

      That’s according to the JFrog security research team, which documented its findings here at the end of last month.

    • We can’t believe people use browsers to manage their passwords, says maker of password management tools

      It seems some of us are, in the year of our lord 2021, still reusing the same password for multiple sites, plugging personal gear into work networks, and perhaps overly relying on browser-managed passwords, judging from this poll.

      ThycoticCentrify, formed from a merger between two computer access management firms, said it surveyed about 8,000 people, and reports just under a quarter admitted they reuse passwords across multiple websites – a cybersecurity no-no because it opens you up to credential stuffing.

    • Make-me-admin holes found in Windows, Linux kernel [Ed: Spin attempting to create an illusion of parity on security]

    • Privacy/Surveillance

      • Remember Google Plus? Remember its privacy blunder? Remember applying for a slice of a settlement?

        Check your bank accounts this month. A settlement payment from Google, regarding a privacy hole in its now-defunct Google+ social network, may be winging its way to you. All $2.15 of it.

        The vulnerability in question was in the Google+ People API. It could have been exploited by third-party apps to swipe people’s personal information, such as their names, email addresses, genders, and ages, even if this data wasn’t publicly visible.

        At first it was thought 438 apps could have siphoned off the records from up to 500,000 users. It was later discovered that actually a whopping 52.5 million accounts were at risk. It’s believed no data was actually stolen by apps.

Defence/Aggression

• Israeli authorities investigate NSO Group over Pegasus spyware abuse claims

  Israel’s Ministry of Defense says the nation’s government has visited spyware-for-governments developer NSO Group to investigate allegations its wares have been widely – and perhaps willingly – misused.

Environment

• Paperless office? 2.8 trillion pages printed in 2020, down by 14% or 450 billion sheets [Ed: Cars cause vastly more damage to the planet. Let people work from home, whenever/wherever possible; reduce production of cars and reduce air pollution (which kills more than COVID-19 does, shows the science)]

  Around 450 billion fewer pages were printed from home and office devices in 2020 as COVID-19 disrupted the world of work.

  The direction of travel has been obvious in recent times: people were printing less even before the pandemic took hold, but the decline was sharper last year as volumes plunged 14 per cent on 2019 levels to a total of 2.8 trillion pages, according to IDC.

Civil Rights/Policing

• eBay ex-security boss sent down for 18 months for cyber-stalking, witness tampering • The Register

  The former global security manager for eBay was sentenced on Tuesday to 18 months in prison and was ordered to pay a $15,000 fine for his role in the cyber-stalking and harassment of a Massachusetts couple who published a newsletter critical of the internet yard sale.

  Philip Cooke, a police captain in Santa Clara, California, prior to his employment at eBay, was the last of seven former employees of the company charged by the US Department of Justice in 2020 for alleged involvement in a scheme to threaten and silence Ina and David Steiner, who publish the web newsletter and website EcommerceBytes.

Internet Policy/Net Neutrality

• On its 30th anniversary, the Internet now has 1,8 billion websites

  It’s 30 years since Tim Berners Lee, a young English software engineer, launched the world’s first website, while working at CERN, the European Organization for Nuclear Research.

  Most people who search on Google, share on Facebook and shop on Amazon have never heard of Sir Tim Berners-Lee. But they might not be doing any of those things had he not invented the World Wide Web.

  In1989, Berners-Lee began working on ways to identify digital objects and retrieve them through browser software capable of rendering graphics and other images.

  He published a proposal on March 12, 1989, opening the way to a technological revolution that has transformed the way people buy goods, share ideas, get information and much more.

• Thoughts on the 30th anniversary of the World Wide Web [Ed: Avast uses the WWW's anniversary to push proprietary skakeoil]

• 1.8 billion websites: Internet marks its 30th anniversary | Daily Sabah

  Most people who search on Google, share on Facebook and shop on Amazon have never heard of Sir Tim Berners-Lee. But they might not be doing any of those things had he not invented the World Wide Web.

  It’s 30 years since the young English software engineer launched the world’s first website while working at CERN, the European Organization for Nuclear Research.

  Starting in 1989, Berners-Lee began working on ways digital objects could be identified and retrieved through browser software capable of rendering graphics and other images.

  He published a proposal on March 12, 1989, opening the way to a technological revolution that has transformed the way people buy goods, share ideas, get information and much more.

Digital Restrictions (DRM)

• Tangent Animation Shuts Down Production. As Many As 400 People Laid Off [Ed: Netflix only works for Netflix with DRM for monopoly]

  Tangent Animation, a studio in Toronto and Winnipeg, announced yesterday that they were shutting down production on all projects. The unexpected news came as a likely shock to staffers, who were working on multiple feature film projects for Netflix at the time.

Monopolies

• Patents

  • DABUS: legal team reveals winning strategy and long-term hopes [Ed: Of course the patent propaganda mill is over the moon, seeing that patents are now being granted to bots as well]

    Counsel from South Africa, Australia and beyond explain what recent legal wins mean for AI inventorship

  • If machines can be inventors, could AI soon monopolise technology? [Ed: Crisis of legitimacy for the entire patent system]

  • Conflict of interest: how five firms make close calls [Ed: This publisher fails to disclose its own conflict of interest; it's sponsored by the mass-litigation cartel to become a one-sides propaganda mill in "news" clothing]

    US lawyers weigh whether firms should advise both innovator and generic pharma companies, and whether competitors can be too close to advise

  • Counsel: what the USPTO should do about mass bad-faith filings [Ed: A race to the bottom against China benefits nobody but the litigation cartel; moreover, it looks like such laws are becoming obsolete because of misuse]

    The USPTO could pressure the government on China, introduce expedited petitions and even require narrower filings, say sources

  • What law governs your without prejudice settlement discussions?

    Autostore sued Ocado for patent infringement in England relating to automated storage technology. Ocado denied infringement and counterclaimed that the patents were invalid. As well as in England, proceedings were also taking place in Germany, before the European patent office, in two states in the U.S., and in the ITC. Ocado was claiming in the ITC that Autostore made certain statements about the scope of the invention that Ocado relied on when designing and importing its products to the U.S. market. To rebut this, Autostore wanted to deploy, before the ITC, evidence of settlement discussions that took place in London. Ocado sought an injunction from the English court to prevent this.

  • Judge Albright will Keep the Google and Apple cases [Ed: Texas facilitates gross abuse of the courts for the sole purpose of treating cases like a private business rather than a matter of law]

    Even though Apple has a $1 billion Austin Texas Campus and 8,000+ employees within the district, the company argued that litigating a patent case within the district would be truly inconvenient. In a prior decision, the Federal Circuit held that Apple’s extensive presence within the district should not be given much weight. In re Apple Inc., 979 F.3d 1332 (Fed. Cir. 2020). I would argue that decision was clearly wrong for convenient venue purposes. The real answer here is that the plaintiff (Koss Corp) shopped for Judge Albright and the defendant is shopping for a different Judge (any other judge). In a short opinion, the Federal Circuit has denied mandamus — finding that Apple did not show entitlement to the “extraordinary relief” of mandamus.

  • Lithium Australia subsidiary receives cathode powder patent

    The VSPC process that was granted the new patent is called ‘Method for making lithium metal phosphates’ and will provide the company with 20 years of intellectual property [sic] (IP) rights [sic] in Australia. VSPC plans to get global patent protection of this IP.

  • The Supreme Court Provides a Different Fix to Make APJs Inferior Officers [Ed: Patent litigation firms want the quality of patents to deteriorate so they can profit from more lawsuits and PTAB cannot get in their way]

    On June 21, 2021, in United States v. Arthrex, the United States Supreme Court ruled that Patent Trial & Appeal Board (“PTAB”) Administrative Patent Judges (“APJs”) are unconstitutionally appointed because they effectively wield the power of principal officers while being appointed as inferior officers. 594 U.S. ____ (2021).

    The primary question before the Supreme Court was whether APJs, who have the authority to conduct adversarial proceedings and issue decisions regarding the validity of patents, are principal officers or inferior officers. Under the Appointments Clause, U.S. Const. Art. II, § 2, Cl. 2., principal officers must be appointed by the President with the advice and consent of the Senate. Inferior officers may be appointed by the President or by a department head, without Senate approval.

    The United States Patent & Trademark Office (“USPTO”) is an executive agency within the Department of Commerce, and the PTAB is therefore an executive adjudicatory body. Only the Director of the USPTO is a principal officer. APJs are inferior officers whom the Secretary of Commerce (a department head) appoints. APJs whose appointments qualify them as inferior officers cannot have the authority of a principal officer without violating the Constitution.

  • Raising the rainbow flag in The Hague [Ed: Shameless pinkwashing by first-class criminals who engage in major corruption (EPO managers).]

    As the summer of Pride continues and the city of Amsterdam marks 25 years of Pride celebrations, the Office expresses solidarity with Lesbian, Gay, Bisexual, Transgender and Queer (LGBTQ+) communities by flying the rainbow flag in The Hague (Patentlaan 2, 2288 EE Rijswijk).

  • Taliens gains new partner following second Pinsent Masons departure [Ed: JUVE doing ads disguised as ‘articles’ again. How is the hiring of one person actual “news”? One story a day, they never cover EPO corruption, and somehow this is “news”? JUVE became like a link farm]

  • Gilead warns of coun­ter­feit HIV pills cir­cu­lat­ing in some US phar­ma­cies [Ed: Patents have made some drugs so supremely expensive that the incentive to do this grows]

    Gilead is warn­ing pa­tients and health­care pro­fes­sion­als to be on the look­out for tam­pered and coun­ter­feit ver­sions of its HIV med­i­cines Bik­tarvy and De­scovy, which have made their way in­to some US phar­ma­cies.

    The phar­ma said on Thurs­day that unau­tho­rized dis­trib­u­tors have sold the im­i­ta­tion drugs to phar­ma­cies, where gen­uine Gilead bot­tles have been tam­pered with fake foil in­duc­tion seals — those “lift-and-peel” stick­ers you see on bot­tle open­ings — or la­bels, and con­tain the wrong tablets.

    “The safe­ty of in­di­vid­u­als tak­ing Gilead med­ica­tion is al­ways our first pri­or­i­ty,” Gilead CMO Mer­dad Parsey said in a state­ment. “We are tak­ing ag­gres­sive ac­tion to en­sure that health­care providers and peo­ple who re­ly on our med­i­cines can con­fi­dent­ly dis­tin­guish au­then­tic Gilead prod­ucts from coun­ter­feit drugs.”

  • FOSS Patents: Intel points Judge Albright to developments in Delaware: does the chipmaker have a license defense to the $2.2B patent damages verdict?

    VLSI Technologies won a patent infringement trial against Intel in the Western District of Texas in March, and lost (because it failed to establish infringement) another one in April. A third VLSI v. Intel trial has been pushed back from the summer to December.

    Judge Alan Albright has not yet entered a final judgment further to the March and April jury verdicts. In the first case (the one with the $2.2B record verdict), Intel is fighting hard and has raised a number of issues in its post-trial motions, demonstrating to the trial court that it can easily be reversed on appeal if it doesn’t order a retrial or make similarly impactful decisions now. In the second case, VLSI would like another chance to prevail.

  • No special rules for SEPs: the value in dispute of a patent in German nullity proceedings will usually be tied to the value set in parallel infringement proceedings, also if it is an SEP – Kluwer Patent Blog

    The German Federal Court of Justice (FCJ) confirmed that for setting the value in dispute of nullity actions on standard essential patents (SEPs) the well-established general rule applies, i.e. in the absence of special circumstances the value is 125% of the value of the infringement action(s) on the same patent (Order of May 11, 2021, case no. X ZR 23/21, English translation available here). The value in dispute (Value) is the basis for calculating court fees and the amount of reimbursable attorney fees in German court proceedings according to an statutory tariff. In its order, the FCJ lowered the Value for the appeal to EUR 1,875,000 instead of EUR 30 million (i.e. the statutory maximum) previously set by the Federal Patent Court (FPC).

    In Germany, court proceedings for patent infringement are separated from those for ruling on validity (nullity proceedings). Thhus, a Value needs to be set for each of the proceedings. In patent infringement proceedings, the Value considers the damage that the patentee will suffer if the infringement continues, plus past damages if claimed. For nullity proceedings, it is long-standing case law that the Value should correspond to the patent’s fair market value at the time the action is filed plus the amount of damages incurred up to that time. The established practice is that the Value of a nullity action is usually to be set at 125% of the Value(s) of parallel infringement proceedings. This surcharge of 25% is intended to take into account the patentee’s own use of the patent.

    [...]

    Perhaps – hope dies last – this decision may even prompt the Federal Patent Court to reconsider its previous decision practice where quite frequently pretty high Values were pretty freely estimated by the Court based on factors such as turnover figures (to the extent they are known), assumed prices of goods, assumed royalty rates, estimated breadth of the patent and remaining life time. Particularly the alleged breadth of a patent was sometimes overrated by the court, at least in our opinion. An unforgettable exemplary case was the order in 3 Ni 22/09 (EU) (unpublished), where despite several extraordinary appeals of the plaintiff, who had withdrawn his nullity action, the Value was fixed and maintained at 20 million EUR. The FPC stuck to this calculation even after it had been informed that the entire world-wide family of the patent in suit was acquired by plaintiff for 7 million EUR and the Value in infringement proceedings had been set at around 1 million EUR. Unfortunately, for the plaintiff in this case, no appeal to the FCJ was possible anymore, as the nullity proceedings on the merits had already been terminated.

  • Software Patents

    • Epic Tech, LLC v. Fusion Skill, Inc. (S.D. Tex. 2021)

      In the U.S. District Court for the Southern District of Texas (Houston Division), Plaintiff Epic Tech, LLC (a seller of so-called “sweepstakes games”) sued Defendants Fusion Skill, Inc. and Texas Wiz, LLC for infringement of U.S. Patent Nos. 9,589,423 and 8,545,315 with the distribution of gaming systems similar to Epic Tech’s sweepstakes games.

      The two patents at issue are related to the play of sweepstakes games. The first patent (the ’423 patent) is directed to a method of conducting a sweepstakes game in which a computer-based system operating the game immediately determines and credits a player’s account with any prize earned before showing the user the results of the game. According to Epic Tech, this method is beneficial because it “further reinforces to regulators that the prizes are predetermined and that there is no chance or skill involved in the simulated game.”

      [...]

      Again, the Court found that the ’315 patent “flunks” Alice step one. Like the ’423 patent, the ’315 patent expressly describes itself as directed to methods, but does not claim any novel usage or configuration of computer hardware or software.

      Next, under Alice step two, the Court found that the ’315 patent cannot survive. Here, the ’315 patent merely describes a set of steps that could be performed by any computer—or a fast-moving store clerk—without adding any novel or inventive step.

      The ’315 patent claims a method of operating two games simultaneously in which the second game is triggered by certain conditions in the first game. If the ’315 patent described some technologically innovative mechanism by which the second game is triggered, it might well be inventive. But, it does not. Rather, it simply claims the idea of putting two computers next to each other and having the second computer initiate a game if the first computer produces a winning result. That idea is abstract and thus unpatentable.

      Epic Tech contended that the ’315 patent’s processes cannot be performed solely by humans because the patent claims a system that “independently control[s]” the game-in-game and “takes no input from the individual human players playing on the gaming terminals.”

      But the Court found that a human is perfectly capable of independently running a basic game of luck without taking input from a human player—in fact, that is what a casino’s croupiers do every day. In any event, the question is not whether the patent claims a process that cannot be performed by a human, but whether the patent claims a non-ordinary process.

Audiocasts/Shows

• GNU World Order 420

  **help2man** , **indent** , **kernel headers** , **intltool** , **libtool** from the **d** software series in Slackware.

• This Week in Linux 163: Steam Linux Marketshare, PulseAudio, CodeWeavers, Paragon NTFS, Latte Dock – TuxDigital

  On this episode of This Week in Linux, Linux Marketshare Hits 1% on Steam Hardware Survey. CodeWeavers announce the latest release of CrossOver 21.0. PulseAudio 15.0 has been released. We check out a new Desktop Environment with UnityX 10. There’s some Linux Kernel this week with Paragon’s NTFS Driver might make it into the kernel. In App News, we check out Latte Dock 0.10, Gerbera Media Server, and Cozy Audiobook Player. All that and much more on Your Weekly Source for Linux GNews!

• systemd Dependencies & Ordering | systemd on Linux 4

Kernel Space

• Arm SMCCC TRNG Driver Queued Ahead Of Linux 5.15 – Phoronix

  The Linux kernel already supports making use of Arm’s True Random Number Generator (TRNG) SMCCC interface within the random seed code while for the upcoming Linux 5.15 cycle an “arm_smccc_trng” driver is being added and will allow exposing the entropy to user-space.

• Graphics Stack

  • Intel Has A Huge Batch Of New Graphics Driver Code For Linux 5.15 – Phoronix

    Intel engineers on Friday submitted a big batch of kernel graphics driver improvements to DRM-Next for queuing ahead of the Linux 5.15 merge window.

    This latest Intel Linux graphics pull request has DG2 graphics card enabling, initial work on XeHP, DRM scheduler preparations, getting TTM memory management now ready for discrete GPU systems, and other bleeding edge hardware work.

Applications

• 8 Best Free Evernote Alternatives for Linux 2021 (Note Taking Apps)

  No doubt that Evernote is a good app to take notes that can be used across Windows, macOS, and other smartphone OS such as Android. The only problem it caters is that it does not have an official Linux note-taking app, that is sad I know! It too has ignored it like many others. You might use it in the browser but it does not provide the offline capability.

  As it decided not to entertain users of this platform, it does not mean you are left out! Today I have put together a list of the top 8 best Evernote Linux alternatives for 2021 that are both open-source and free to download just because of that.

Instructionals/Technical

• How to Export a 2D illustration of a 3D model in OpenSCAD

  I’ve been getting into OpenSCAD lately—I’d rather wrestle with a text-based 3D modeling application for more dimensional models than fight with lockups of Fusion 360!

  One thing I wanted to do recently was model a sheet-metal object that would be cut from a flat piece of sheet metal, then folded into its final form using a brake. Before 3D printing the final design, or cutting metal, I wanted to ‘dry fit’ my design to make sure my measurements were correct.

• How to Install WP-CLI on Linux Server for WordPress – LinuxCapable

  WP-CLI is the command-line interface for WordPress. The WP-CLI is a tool that enables you to interact with your WordPress site directly by using commands in a text-based interface. It’s also very comprehensive, featuring a wide variety of potential commands. Almost anything you can do on the back end of your site, you can do much faster using the WP-CLI.

• How to check if Intel Hyper-Threading is enabled in Linux

  Hyper-Threading is an Intel’s simultaneous multithreading (SMT) technology that is designed to improve execution parallelism of x86 CPU processors. With Hyper-Threading enabled, each physical core is represented as two “logical processors”, each of which can execute jobs concurrently while sharing resources of the physical core. When one logical processor is halted or interrupted, the other logical processor on the same core can steal resources from the stalled processor. Thus, Hyper-Threading is expected to improve overall CPU throughput, and is particularly useful for multi-threaded applications which involve a mix of CPU- and I/O-intensive workloads, such as video encoding, 3D-rendering, gaming, etc.

  [...]

  Hyper-Threading is a CPU processor feature. Hence typically you need to use BIOS settings to check whether or not Hyper-Threading is enabled. BIOS menu varies across different systems, and Hyper-Threading setting is typically found under “Advanced”, “Processors” or “Performance” related settings. For example, the Hyper-Threading control in Dell XPS 13 BIOS is shown below.

• Self-hosting Rocket.Chat With Docker [Complete Guide]

  Rocket.Chat is an open source communication platform ideal for collaboration among organizations, teams, or forum members.

  We use it for our internal communication at Linux Handbook and It’s FOSS and absolutely love it.

  Now, you may opt for a managed Rocket.Chat instance from the makers of Rocket.Chat itself. It would of course incur additional expenses, but you won’t have to put in extra effort in deploying Rocket.Chat, updating it and maintaining it. In addition, it helps the development of the Rocket.Chat project as well.

  If you want to avoid spending a lot or take matters in your hands with a ‘do it yourself’ approach, you may self-host Rocket.Chat on your server.

  In this tutorial, I’ll show the steps to deploy Rocket.Chat with Docker.

• How To Mount Microsoft OneDrive In Linux [Ed: But why give Microsoft your files and access to your system in the first place?]

  In simple term, Microsoft OneDrive is an answer from Microsoft to Google’s Drive. In this post, we will show you the process of mounting Microsoft OneDrive in Linux based operating systems.

  One of the drawback of Microsoft OneDrive is that it doesn’t have native client for OneDrive for Linux desktop. We do have solution for this too as we will be using third party driver to mount Microsoft OneDrive in Linux based operating system.

• Top 5 Best Free Android Emulators For Linux (2021) – Play Retro Titles

• [Old] Ping metrics as graphs

  Having multiple ping targets gives you a pretty accurate view of the health of your [Internet] connection, and also any networking issues for the target devices themselves.

  If all the lines go up (latency increases), the problem is in your internet connection.

  However, if only one target you’re monitoring starts to act up, you know the problem is elsewhere. Maybe the device itself went down, or lost network connectivity?

Wine or Emulation

• CrossOver 21: MS Office for Linux runs better, macOS Monterey doesn’t yet [Ed: Automated translation]

  Wine 6.0 was released in January 2021. Among other things, the update included a Vulkan backend for WineD3D, expanded the implementation of the console and integrated the Media Foundation framework. The developers also continued their work on converting the libraries to the Windows binary format Portable Executable (PE).

  The Vulkan backend for WineD3D is aimed in particular at games and is now used by default for 64-bit applications with Direct3D 10 or 11 under macOS, provided DXVK is not activated. The latter is a translation layer between Direct3D and Vulkan. DXVK is now included in version 1.7.

  CrossOver is now included with Wine Mono, a free and cross-platform implementation of the .NET framework. As of macOS Big Sur 11.3, Xbox X / S and PlayStation 5 controllers also work with CrossOver 21.0.0 via Bluetooth. However, the package cannot be used with Monterey at all. The developers want to submit support later by the end of the year.

Games

• Linux Gaming Predictions for 2021: What Did You Think Back in April? – Boiling Steam

  Here’s another look at the survey results as collected back in April 2021. After looking at cloud gaming trends, hardware choice between AMD and Nvidia, and the usage of different game stores, we will use this time to focus on how respondents assessed different Linux Gaming predictions we published back in February 2021, about what would happen by the end of the year.

  [...]

  Most respondents did not believe this was going to happen. Only one out of four thought this was somewhat likely or very likely for SteamOS, and only about 18% for the hardware part. Turns out that this small minority guessed right, as it’s now very clear that Valve will achieve both by the end of the year following the introduction of the Steam Deck and its companion SteamOS 3.0.

• Imagine if you could customize the Steam Deck colours – try it out with this tool | GamingOnLinux

  With the upcoming Steam Deck from Valve only (currently) coming in one colour, it’s fun to imagine what it would look like if you could customize the casing colours – so let’s try it out.

  One of our readers Grady Vuckovic mentioned in our Discord Channel a little tool they made, which allows you to customize a few parts of a Steam Deck image and it actually works quite well. It’s been fun to play around with possible colouring and I can’t help but now actually want some official variants. Hopefully once the Steam Deck is out, perhaps we might see some fun skins to stick over it. It’s a portable after-all, we want to show it off right?

• Valve Steam Deck hands-on: the Nintendo Switch of PC gaming

  As one example, Valve says it’s planning to produce its own video to explain exactly what it means to open up the Steam Deck and access the internals, because that’s definitely a thing the company’s planning to let you do. (It has Philips-head screws.) We’d already heard you can swap the SSD, but reparability is very much on the company’s mind as well. Valve’s Greg Coomer says the company has a complete set of nuanced answers to your burning questions there.

• 0 A.D. Alpha 25 Released For This Open-Source RTS Game

  0 A.D. as the long in development real-time strategy game developed by Wildfire Games is out with its twenty-fifth alpha release.

  0 A.D. has been in development as open-source for more than one decade now (and original development being two decades old) while now out is Alpha 25 as their first alpha update in a half-year.

• Impressive free and open source RTS 0 A.D. Alpha 25 is out now | GamingOnLinux

  The twenty-fifth Alpha version of 0 A.D., a very impressive free and open source RTS is out now. Much earlier than usual since they managed to get over some development hurdles in the previous release. It remains is one of the most technically and visually impressive open source games around, and definitely one to take a look at if you love historical themed strategy games.

  With this release the code-name is Yaunã, an old Persian word for Ionians (Greeks).

Desktop Environments/WMs

• K Desktop Environment/KDE SC/Qt

  • Making Kalendar pretty — Kalendar week 9 (GSoC 2021)

    This week, we spent some time making Kalendar more pleasant to look at. We took some of your feedback from last week (thank you for your ideas!), and we think you will like what we have in store for you in this post.

    There’s another feature some of you have asked for that you will also see here.

Distributions

• New Releases

  • OSMC’s August update is here with Kodi v19

    It’s been a while since we released an update. We’ve been very busy behind the scenes and we’re now happy to announce the availability Kodi v19 for all OSMC supported devices (note that these have changed, as explained below). It took a lot of time and effort from a large number of developers to release this stable update and get things to a place where we want it.

    It’s impossible to cover everything. This is our largest update ever in the seven years that the OSMC project has existed, and we’ve got a lot to cover, so let’s dive in.

• BSD

  • scp(1) changes in snaps

    Just a head-up: snaps currently contain a set of changes[1] to make scp(1) use the SFTP protocol by default. This has a number of advantages, mostly relating to the improved security that comes from avoiding the use of a protocol that shambled out of the 1980s (SCP/RCP).

  • OpenBSD on the Framework Laptop

    Framework is a new company offering a laptop that is designed to be repairable and upgradeable, both in terms of internal components like the screen and motherboard, and in pluggable expansion cards.

• IBM/Red Hat/Fedora

  • Qualys scans Red Hat Enterprise Linux CoreOS on Red Hat OpenShift to reduce risk – Help Net Security

    Qualys announced it has collaborated with Red Hat to drive greater security for both the container and host operating system for Red Hat OpenShift.

  • Red Hat tells U.S. workers they must be vaccinated to come to the office

    Raleigh-based open source software firm Red Hat is the latest Triangle-based employer to require a vaccine for non-remote work.

    In a blog post published Friday by Jennifer Dudeck, Red Hat’s senior vice president and chief people officer, the IBM (NYSE: IBM) subsidiary said that starting Monday Red Hatters working at Red Hat Tower in downtown Raleigh – as well as other locations in the United States – must be vaccinated.

Devices/Embedded

• Mobile Systems/Mobile Applications

  • How to connect an Xbox Wireless Controller to Android | Tom’s Guide

  • How to enable Google’s Heads Up feature on your Android phone | Android Central

  • Google Lens for Desktop takes a cue from Android by adding region search capabilities

  • Android: Sideloading Made Easy – This Is How APK Files Can Be Installed Via PC Browser

  • Video of ten-year-old Samsung Galaxy S2 running Android 11 will remind power users of Android’s glory days – NotebookCheck.net News

  • New laptops from Redmi, LG; Realme brings magnetic charging to Android; Amazon’s win in Reliance-Future deal and other top tech news of the week | Gadgets Now

  • Best Nintendo Switch Emulators For PC and Android

  • Every Android user must follow this advice to keep device safe from terrifying threat | Express.co.uk

Free, Libre, and Open Source Software

• Web Browsers

  • Mozilla

    • Thunderbird 91 Is Flying Soon As First Major Mail Client Update In A Year

      Thunderbird 91.0 is approaching release as an annual feature release to this open-source, cross-platform mail client and RSS reader. Given the current release is Thunderbird 78 from last July, there is a lot in store for this “2021″ update.

      Thunderbird 91 is finally set to offer import/export support for Thunderbird profiles, various user-interface improvements, improved GMail account integration, improved calendar settings, and tons of bug fixes and smaller improvements. The user-interface work includes enhancing the message reading UI, the message compose window has also been revamped, calendar UI improvements, and more.

    • Firefox Add-on Reviews: How to use a temp mail extension for spam and security protection

      One of the most common methods malicious hackers use to break into their victims’ computer systems is tricking them into clicking dangerous links within an email. It’s been popular with cyber criminals for decades because it’s so simple yet consistently effective. Just make the email appear like it’s from a trusted source and include a compelling link that, once clicked, is like opening the front door of your home to a thief.

      Temp mail (i.e. temporary email) is a tremendous way to combat this classic cyber scam. Temp mail creates disposable email accounts for you to use for non-personal/business situations, like registering with websites or online services when you don’t want them knowing your actual email, because the more your actual email is in circulation the greater its chances of falling into the hands of malicious actors.

      Beyond security protection, temp mail is also great for filtering spam. Consider how many daily emails you receive from different social media sites, services, etc.—trying to pull you back into their orbit. Certainly your inbox has seen better days?

    • What is Firefox Multi-Account Containers? Why and How to Use It?

      As the needs of users who use various programs on their devices becomes increasingly complex, the programs themselves are also needing to follow suit to keep up with the demand that users are wanting and expecting.

      Something that I find I need on a daily basis is an easy way to be able to stay logged in to multiple accounts inside my web browser at the same time. I could just log in and out of each of my accounts as needed, but this becomes extremely tedious when I’m moving across multiple accounts in a short period of time.

      Originally, I was using Google Chrome’s ability to have multiple accounts, which worked, but was a tad too tedious to manage, and it felt a bit clunky to create an entire new Google account just to do what I considered something that should be able to be done from a single account.

      This is the point where I moved to Firefox’s Multi-Account Containers feature. Not only is it so much more flexible than my setup on Google Chrome, but I am also using something that is created by my browser’s developers themselves, making for an overall smoother and simpler experience.

• Openness/Sharing/Collaboration

  • Open Data

    • Open data developments and directive transposition

      Sharing and reuse of public information has been a focus for the European Commission for many years with the first legal framework being set up in 2003, when the PSI Directive was introduced. It was revised in 2013 and then took a new form under the new Open Data Directive, adopted in 2019 with a transposition deadline for the Member States in July 2021. Poland is one of the countries that transposed the directive into national law and it was unanimously adopted last month.

• Programming/Development

  • 10 Best API Management Tools to Access, Control and Protect API

    An API (Application Programming Interface) connects between computers and softwares. People are now looking for all services in a single device or software. API is used for integrating the different systems or computer programs with the help of API management tools. Besides, this tool ensures a secure environment to deliver the service and monitor traffic.

    The core functions of API management software are to protect API, monitor traffic, ensure availability and compatibility. This tool ensures proper integration of API in the system so that API can be consumable and secure. For this reason, API management software has become popular in integration technology.

    With the help of API management software, your organization can develop, manage and secure APIs easily. Moreover, this software helps your organization test API to ensure that it works properly. Additionally, this tool reduces development cost and simplify publishing process. So let’s find out which API management tool is best appropriate for your organization’s integration system.

Finnish monks turn to forestry to cover virus losses

Last year, Asikainen also helped the monks obtain Forest Stewardship Council (FSC) certification for Valamo’s timber, a mark of sustainability which allows them to sell at higher price.

Science

• ‘I Won’t Budge’: Allie Beth Stuckey Censored by Twitter for ‘Misgendering’ Trans Athlete

  Allie Beth Stuckey says she’s now “out of Twitter jail,” and “men are still men” after she was temporarily silenced by the social media giant.

Hardware

• Package Deal

  But over the last couple of decades, things have gotten a little bit better—screens have gotten flatter, consoles have taken on more capabilities, gadgets have grown more diverse and aren’t single-function like an umbrella is. And a big reason for that has to do with the process of convergence. It’s something I’ve written about before—basically, this idea of messy convergence, the stuff of computer mice combined with telephones.

  That, of course, made no sense. The TV/VCR combo unit, on the other hand, made lots of sense. It didn’t make the combined unit any less awkward, though. And because of the complexity of the two types of components, it was easy to knock them for their weaknesses, which primarily floated around the fact that if one of these extremely complex machines broke, it made the other machine largely useless.

Integrity/Availability

• Proprietary

  • Security

    • iSpy with my little eye: Apple’s u-turn on privacy sets a precedent and threatens everyone’s security

      Apple has just announced significant changes to their privacy settings for messaging and cloud services: first, it will scan all images sent by child accounts; second, it will scan all photos as they are being uploaded to iCloud. With these changes, Apple is threatening everyone’s privacy, security and confidentiality. Although these changes seem to be first applied to users in the US, we concur with Edward Snowden that this change will have repercussions globally.

      “Apple has decided to undermine end-to-end encryption and make all its users vulnerable to censorship and surveillance. By allowing scanning of photos in private communications and iCloud, Apple products will become a threat to their users. The company should take a step back, abandon these changes and defend people from corporate and government surveillance,” says Diego Naranjo, Head of Policy at EDRi.

    • Apple opens the door to mass surveillance

      As one of the world’s biggest tech companies, the decisions Apple make matter. This is a clear signal to every government around the world that Apple – and inevitably their entire industry – have the technology and the will to carry out mass surveillance. By opening the floodgates, even for something as important as protecting children, Apple and the rest of the industry will inevitably be unable to resist doing the same for other reasons and for other governments.

    • Malicious Microsoft Word Remains A Key Infection Vector

      Despite Microsoft’s attempts to make its Office suite more secure and disable many automatic features, despite the fact that users are warned that suspicious documents should not be opened, malicious Word documents remain a key infection vector today. One of our readers (thanks Joel!) shared a sample that he received and, unfortunately, opened on his computer. The document was delivered to him via a spoofed email (sent by a known contact). The document (“legal paper.08.04.2021.doc”) was delivered in a protected ZIP archive and has a VT score of 11/58[1]. This remains a very low score for a simple Word document. It deserved to have a look at the content.

    • Black Hat 2021: Microsoft Wins Worst of Pwnie Awards

      The worst of the awards — Most Epic Fail — went to Microsoft for its handling of the PrintNightmare Print Spooler vulnerability, a bug that led to a problematic patch and more questions about potentially vulnerable code.

    • Israeli cyber company detects severe Amazon security breach

      According to the company’s Israeli cyber investigators, the security breach found allowed them to [crack] the tablets, gain full control and steal the e-reader users’ Amazon accounts.

    • Black Hat USA: HTTP/2 flaws expose organizations to fresh wave of request smuggling attacks

      Two years after taking to the Black Hat USA stage to document his exploits in the field of HTTP request smuggling, PortSwigger* security researcher James Kettle is back with a fresh perspective into how this attack vector can also impact HTTP/2 infrastructure.

      The results are enough to keep sysadmins awake at night, as the researcher demonstrated how desynchronization attacks levied against HTTP/2 systems enabled him to steal secrets from websites running Amazon’s Application Load Balancer, poison every page on Bitbucket, and forced Atlassian to sign every single one of its users out of Jira.

    • Privacy/Surveillance

      • Govt to introduce biometric boarding system through facial recognition at 6 airports; how it is useful

        Passengers will need to scan their passports and register their boarding passes at a Face Express machine. The machine will scan facial data, actively turning each traveller’s face into their passport and boarding pass.

      • Facebook Cares About Privacy—But Only If You’re an Advertiser

        It should come as no surprise that many people—including academic researchers, journalists, the U.S. surgeon general—are very interested in the effects of misinformation and disinformation on society, and are particularly focused on information shared online. This profound desire to comprehend the relationship between our informational environment and civic behavior is necessary context for this week’s battle between social-media platforms and the scholars who want to understand them better.

      • Uganda’s popular boda-bodas are now part of the government’s surveillance system

        With the deal, the government intends to re-register both public and private vehicles, water vessels such as boats, and boda-bodas. This is a process that will involve the installation of digital trackers to enable authorized state officials to track the movement of everyone using these modes of transport.

        Once the system is up and running, the government says users will not be able, for example, to remove a registration plate from a vehicle without alerting the authorities.

      • Creepy feelings as tech advances: Will Alexa listen in & tell the CIA?

        Then the other technological advances I resent, all scientifically triumphant, are the ones that offer you baubles in exchange for intruding on your life. I bought this device called Alexa, because a pretty young salesgirl in a bookshop in Mumbai told me I could have endless Nusrat and Hindi film songs if I bought it. I did. Now people tell me that this innocent-looking cylindrical speaker is listening to every conversation I have and will try to sell me things or even report me to the CIA. Eeek!

      • Filmmaker Ken Burns calls Facebook CEO “enemy of the state”

        Describing the businessman as an “enemy of the state”, Burns commented: “He doesn’t give a shit about us, the United States…He knows he can transcend it. He can get away to any place. And so it’s just about filthy lucre, that’s it”.

        Elaborating on his bitter dislike of the Facebook founder, Burns went on to go after the current chief operating officer, Sheryl Sandberg, regarding her “complicit” in the wrongdoings of the company.

        “These people — and Sheryl is a complicit — the Nuremberg of this, is if it ever happens, which it won’t, will be pretty interesting,” Burns commented, “The way that we’ve been able to temporise and say, oh, it’s okay, we’ll just go a little bit further”.

      • Is Ken Burns Taking Up Too Much Space? He Doesn’t Think So.

        Burns also explains why he considers Mark Zuckerberg an “enemy of the state.”

      • US SEC chair calls for crypto regulation

        US Securities and Exchange Commission (SEC) chairman Gary Gensler has described cryptocurrency as “rife with fraud, scams, and abuse in certain applications” and called for more government regulation to protect investors in the assets.

        Speaking at the Aspen Security Forum, an annual three-day conference in Aspen, Colorado, Gensler accepted that cryptocurrency “has been and could continue to be a catalyst for change in the fields of finance and money,” but warned it remains “highly speculative” and used as a medium of exchange mostly in situations when users wish to launder money, evade sanctions and/or tax, or enable extortion.

Defence/Aggression

• Israel Lashes Out at Ben & Jerry’s for Boycott in Occupied Palestinian Territory

• The UK Is Embarking on Largest Military Spending Hike Since the Cold War

• How QAnon convinced a Parkland shooting survivor’s dad that the tragedy was a hoax

  As numerous psychologists previously told Salon, some people are prone to conspiratorial thinking. These types are unlikely to recovery from their QAnon beliefs, and, if not QAnon, would likely have been drawn to other conspiracy theories.

• Amnesty International reports hundred plus Nigeria deaths

  The report cited eyewitness accounts of “excessive use of force, physical abuse, secret detentions, extortion and extrajudicial executions of suspects” in response to attacks and killings government blames on banned separatist group the Indigenous People of Biafra (IPOB) and its armed wing, the Eastern Security Network.

• Don’t lose Afghanistan

  Given the Taliban’s behavior lately, US President Joe Biden’s decision to rapidly withdraw US forces from Afghanistan appears increasingly questionable. While it’s not certain the Afghan resistance to the Taliban will crumble, a catastrophic outcome is still possible. Abandoning a courageous people as they attempt to fight back could leave millions of Afghans vulnerable to Taliban repression.

  That’s why we recommend a course correction involving redoubled efforts to support the Afghan security forces—particularly through airpower, which is immediately critical—as well as the vigorous implementation of US promises of continued security, economic, humanitarian, and diplomatic support.

• Chibok Schoolgirl Freed in Nigeria Seven Years After Abduction, Governor Says

  Some 270 girls were originally abducted by the Islamist group but 82 were freed in 2017 after mediation, adding to 24 who were released or found. A few others have escaped or been rescued, but about 113 of the girls are believed to be held still by the militant group.

• Die Hard Trump Supporters Increasingly Demand Violence If He Isn’t Reinstated, Homeland Security Warns

  The drunk-on-Trump crowd has been triggered so much that Homeland Security says they are concerned about the calls for violence increasing further.

  “As public visibility of the narratives increases, we are concerned about more calls to violence… Past circumstances have illustrated that calls for violence could expand rapidly in the public domain and may be occurring outside of publicly available channels. As such, lone offenders and small groups of individuals could mobilize to violence with little-to-no warning,” the bulletin said.

• Homeland Security warns of ‘increasing but modest’ threat of violence from Trump conspiracy

  “Past circumstances have illustrated that calls for violence could expand rapidly in the public domain and may be occurring outside of publicly available channels. As such, lone offenders and small groups of individuals could mobilize to violence with little-to-no warning,” the bulletin says.

Transparency/Investigative Reporting

• Open-source intelligence challenges state monopolies on information

  Geo4Nonpro was run by the James Martin Centre for Nonproliferation Studies (CNS), a part of the Middlebury Institute for International Studies at Monterey, California. The CNS is a leader in gathering and analysing open-source intelligence (OSINT). It has pulled off some dramatic coups with satellite pictures, including on one occasion actually catching the launch of a North Korean missile in an image (pictured above) provided by Planet, a company in San Francisco.

  Satellite data, though, is only one of the resources feeding a veritable boom in non-state OSINT. There are websites which track all sorts of useful goings-on, including the routes taken by aircraft and ships. There are vast searchable databases. Terabytes of footage from phones are uploaded to social-media sites every day, much of it handily tagged. “On their phone people have the same quality information I used to have to go into a secure facility for,” says Bruce Klingner, who worked as an analyst for the CIA and the Pentagon’s Defence Intelligence Agency for 20 years. “It’s just really kind of mind-boggling.”

Environment

• How ‘Space Environmentalism’ Could Prevent a Disaster In Orbit

  It’s been more than 60 years since humans launched the world’s first satellite, Sputnik, into outer space. While we’ve accomplished a lot of amazing feats off Earth since then, we’ve also discarded tons of trash, leading to an orbital environment that has become contaminated with 26,000 junk objects—and that’s just the debris that’s large enough to track.

  As a leading astrodynamicist and expert on space debris, Moriba Jah is dedicated to finding new strategies to track the ever-growing volume of orbital trash and mitigate the substantial threats it poses to off-Earth infrastructure.

• As ‘Stripped Down’ Infrastructure Bill Clears Key Senate Hurdle, Progressives Demand More Climate, Social Funding

  As the United States Senate on Saturday voted to advance a $1.2 trillion bipartisan infrastructure package, progressive lawmakers warned that they will not vote for the proposed legislation if it does not adequately fund human needs such as healthcare, housing, and climate action.

  “If the bipartisan bill isn’t passed with a reconciliation package that has our popular priorities, we’re not voting for it.”—Rep. Pramila Jayapal

• Energy

  • 234 scientists read 14,000+ research papers to write the upcoming IPCC climate report – here’s what you need to know and why it’s a big deal

  • Western Electric

    Charge time · 17:42 driving, 6:24 charging (including one evening charge after the day’s drive was finished). Not that great on the face of it. Now, it clearly could have been less; since my confidence that any given charger would Just Work started out weak, I was carefully allowing for failures and not running the battery very low. Later on in the trip as I gained confidence (specifically in the Petro-Canada network) I was willing to take on things like the Calgary-to-Medicine Hat leg, 2:43 and 285.9km, running the battery from 90% down to 11%.

• Wildlife/Nature

  • ‘We Lost Everything’: Greenville Residents Reel as California’s Dixie Fire Grows to Historic Proportions

    As Greenville, California residents reel from the incineration of their town by the Dixie Fire earlier this week, the massive conflagration continued to grow Saturday into the largest single-source wildfire in recorded state history.

    “This tears at my heartstrings because that’s our beginning, that has all of our historical documents… and now it doesn’t even stand.”—Tribal Chair Angela Martin, Greenville Rancheria

• Overpopulation

  • Reports: Kenya, Facing Fish Shortage, Will Not Ban Chinese Imports

    The site also reported that local markets, facing a shortage of locally caught fish, had been selling imported Chinese fish and that the imported fish cost less.

AstroTurf/Lobbying/Politics

• Biden Promised a Workplace Safety Rule. Industry Got Him to Issue a Narrow One.

• Manchin Bailed Out a Power Plant That Helps His Family Profit From Coal Waste

• Opinion | What Nina Turner’s Loss Can Teach Future Progressive Candidates

  Last July, in the midst of the 2020 presidential election and the burgeoning coronavirus pandemic, The Atlantic asked Bernie Sanders’ former top campaign surrogate Nina Turner how she’d feel about endorsing Joe Biden over Donald Trump. “It’s like saying to somebody, ‘you have a bowl of shit in front of you, and all you’ve got to do is eat half of it instead of the whole thing.’ It’s still shit,” she quipped. 

• Corporate Media Obscures Role of PAC Money in Driving Nina Turner’s Defeat

• Opinion | The Fallacies of Political Labelism

  Alexander Burns is a leading political affairs analyst for the New York Times. Unfortunately, even he has accepted the ill-defined political labelism swallowed wholesale by his journalistic colleagues.

• Families of 9/11 Victims Tell Biden to Release Info or Stay Away From Memorials

• Nigeria’s Twitter ban is proving costlier than just a regular [Internet] shutdown

  Nigeria’s shutdown of Twitter, which came into effect on June 5, has become a multimillion dollar economic headache for the country, impacting businesses of all sizes, from banks to startups, who use social media for activities like customer service and dispute resolution. The ban has also hit entrepreneurs and vendors who are able to gain visibility through social media campaigns and viral tweets, and the content creators, and marketers who have built a career out of running those campaigns.

• Supreme Court decision could set off gerrymandering ‘arms race’

  Federal judges will no longer play the role of referee when the intensely partisan, once-per-decade fight over congressional mapmaking gets underway this year.

  As a result of decisions by the Roberts Court, federal courthouses will be forced to turn away even the most egregious cases of partisan gerrymandering, which could make it easier for state lawmakers to lock in politically manipulated voting maps for the next decade.

  “Now that the Supreme Court has officially retreated from the area, they’ve set off what will likely be an arms race between the parties to gerrymander to the fullest extent they can in the states where they hold control,” said G. Michael Parsons, a scholar at New York University School of Law.

Misinformation/Disinformation

• “People do not trust that Facebook is a healthy ecosystem”

  New York University researcher Laura Edelson is at the center of the latest major Facebook controversy over the misinformation that’s eroding our democracy and encouraging Covid-19 vaccine hesitancy.

  Earlier this week, Facebook abruptly shut down the personal Facebook accounts and research tools of Edelson and two of her colleagues at the NYU Ad Observatory, which studies political advertisements and misinformation on the platform.

• Facebook’s official disinformation research portal is a bad joke

  This is inexcusable, but that doesn’t stop Facebook from trying to excuse it. That defense has two prongs. The first is a false claim that Ad Observer compromises Facebook user privacy.

  This is a lie that can be trivially disproved simply by looking at the source-code for the Ad Oberver plugin. Facebook is just privacywashing, using privacy as a pretext to cover up bad corporate behavior.

Censorship/Free Speech

• Belarus Bans Sports Website As ‘Extremist’

  The Interior Ministry said on August 6 that Tribuna.com and all its social media channels were banned because its administrators posted “materials calling for extremist activity.”

  Sharing content from the sports website could be met with fines or jail time, the Interior Ministry said.

Freedom of Information/Freedom of the Press

• Free Press Coalition Highlights Risks for Photojournalists

  Their cases highlight the dangers for video journalists and photographers reporting from regions experiencing violence and instability, analysts say.

  Twenty-five years ago, “people would wear a ‘press’ jacket and assume that that would afford you some sort of security – that if everybody knew you were press, they would avoid hurting you,” said Clothilde Redfern, director of the Rory Peck Trust, a London-based organization that supports freelance journalists. “If anything, now being press means there’s a target on your back.”

• Taliban Assassinate Head of Afghan Government Media Department

  The Taliban shot to death the head of the Afghan government’s media information center Friday at a mosque in the capital, the Interior Ministry said, days after warning they would target senior administration officials in retaliation for increased airstrikes.

• Taliban fighters shoot at car carrying Afghan journalists, briefly abduct them

  On August 1, 2021, Taliban fighters in the outskirts of Herat city, in western Afghanistan, fired shots at a car carrying Shakib Shams, a correspondent with the national radio service Salam Wantadar, and Storai Karimi, a reporter for the independent news agency Pajhwok Afghan News, and abducted them for approximately 25 minutes, according to Shams, who spoke with CPJ via messaging app, a report by Salam Wantadar, and a tweet by the Afghanistan Journalists Safety Committee, a local press freedom watchdog group. Najib Sharifi, director of the Afghan Journalists Safety Committee, confirmed the shooting incident and abduction of Shams and Karimi to CPJ via messaging app.

• Journalism organizations denounce attack on Halk TV by government supporters

  Journalism organizations have denounced the attack on Halk TV journalists during a live broadcast near a wildfire zone in İçmeler, Muğla.

  In the early hours of today (August 6), a group of five people attacked the journalists and threatened further attacks if they “do anything wrong.” The mayor of Muğla’s Marmaris was also a guest in the program.

• China: journalist sentenced to three and half years in prison

  On 29th of July, Zhou Weilin, 56, a journalist working for Chinese-language human rights news website Weiquanwang, was sentenced to three and half years in prison by a court in Feidong county in Anhui province (Eastern China) on the charge of “picking quarrels and provoking trouble”. Zhou was secretly arrested in March 2020, and kept in one of China’s black prisons until his trial which began in November.

Civil Rights/Policing

• Communications Alliance throws support behind Government’s new [cracking] powers plans

  In the report of its inquiry, the Parliamentary Joint Committee on Intelligence and Security (PJCIS) has recommended 34 amendments to the controversial legislation, which CA says would allow agencies to covertly [crack] and disrupt the networks, accounts and devices of Australians where there is suspicion of a crime being committed.

  The PJCIS recommendations include changes to strengthen the oversight of the activity of agencies, allow for review of how the proposed powers are used and to better protect the privacy of Australians whose devices could be [cracked] and/or confiscated under the planned new laws.

Monopolies

• Amazon’s Power Will Only Keep Expanding in the Near Future

  In a recent episode of Primer, Alex N. Press spoke to Alec MacGillis, author of Fulfillment: Winning and Losing in One-Click America, a new book about Amazon, about how the company shapes not only our physical but also our political landscape: how it influences elected officials’ actions, takes advantage of US laws, and acts on people as almost a force of nature, moving them from one place to another, injecting prosperity in one city or even one building, only to suck the life out of another. The transcript has been edited for length and clarity.

• Patents

  • EU Unitary Patent and Unified Patent Court Finally Coming in 2022? [Ed: Posting or publishing lies as questions is a longstanding tactic of Team UPC, hoping that endless repetition of a lie will somehow make it come true]

    After many years of delays, a Unitary EU Patent and EU Patent Court may finally come into existence in 2022.

    According to the European Patent Office (EPO), the new system will offer users of the patent system a “cost-effective option for patent protection and dispute settlement across Europe.”

  • InterDigital signs licensing agreement with Xiaomi [Ed: InterDigital is little but a patent parasite, disputing claims about patents promoting innovation]

    Earlier this week, InterDigital and Xiaomi announced the signing of a global licensing agreement. The Chinese mobile phone manufacturer accepted the licence to InterDigital’s portfolio of standard essential patents after a months-long patent dispute.

    The licence grants Xiaomi access to InterDigital’s SEPs concerning cellular wireless (including 3G, 4G and 5G), WiFi and HEVC video technology for its cellular-enabled mobile devices.

    The licence is non-exclusive. Furthermore, the two companies did not disclose financial details of the agreement. In addition, Xiaomi recently struck a deal with SEP holder Sisvel that also ended patent litigation with the NPE.

  • Germany’s Second Bill To Simplify And Modernise Patent Law [Ed: "Modernise" as in "do what lobbyists tell us", including litigation profiteers and plutophiles like Taylor Wessing in this case]

    The Federal Government’s draft bill to simplify and modernise patent law (as amended by the Legal Affairs Committee) was adopted by the Bundestag on 10 June 2021 and passed the second Bundesrat examination on 25 June 2021. The Bundesrat decided not to request that the Mediation Committee convene to address the bill. The bill now remains to be signed, approved and promulgated. With a few exceptions, the new legal provisions will enter into force on the day after the law was promulgated.

    The legislative reform focuses on three areas: First, the new law codifies that in exceptional cases, the right to obtain injunctive relief for patent infringement may be limited for reasons of proportionality. Second, invalidity proceedings before the Federal Patent Court are streamlined to become more synchronised with the infringement proceedings heard by the civil courts. Third, the Trade Secrets Act (Gesetz zum Schutz von Geschäftsgeheimnissen, GeschGehG) is applied in patent litigation.

  • In a world first, South Africa grants patent to an artificial intelligence system [Ed: But the patent system was created and justified as rewarding inventors, not bots. Well, now that litigation lawyers and monopoly fanatics have hijacked the system they don't care anymore.]

    At first glance, a recently granted South African patent relating to a “food container based on fractal geometry” seems fairly mundane. The innovation in question involves interlocking food containers that are easy for robots to grasp and stack.

    On closer inspection, the patent is anything but mundane. That’s because the inventor is not a human being – it is an artificial intelligence (AI) system called DABUS.

  • AI as an Inventor! [Ed: You know the patent systems have totally and entirely jumped the shark when patent monopolies are being granted even to bots]

  • Australian federal court rules that AI can be a patent inventor [Ed: They've completely quit pretending that patents are beneficial to society the moment they said bots can have patent monopolies as well]

    In a possible world-first decision, an Australian court has ruled that artificial intelligence can be named as the inventor of a patent. Federal Court Justice Jonathan Beach ruled in Thaler v. Commissioner of Patents that under Australian patent law, inventors don’t necessarily have to be human.

  • Guest Post: DABUS Gains Traction: South Africa Becomes First Country to Recognize AI-Invented Patent [Ed: Enough of this "Hey Hi" nonsense; this is just a computer program gaming the patent system]

    A world first – South Africa recently made headlines by granting a patent for ‘a food container based on fractal geometry’ to a non-human inventor, namely an artificial intelligence (AI) machine called DABUS.

    Over the past three years, the AI algorithm DABUS (short for Device for the Autonomous Bootstrapping of Unified Sentience) and its team of supporting humans, including Dr. Stephen Thaler and Prof. Ryan Abbott, have made headlines around the world as they sought patent protection for a fractal-inspired beverage container (shown below) that they contend was invented by DABUS.

  • AI can be an inventor on patent filings, rules Australian court

    While enthusiasts celebrated the recognition of AI inventors, critics said it risked Australian lawmakers ‘looking like chumps’.

  • Software Patents

    • EPO Opposition filed against Dolby patent

      On August 6, 2021, Unified filed an opposition proceeding against EP 3678097 B1, currently owned by Dolby International AB. EP ‘097 is related to patents owned by InterDigital and designated essential to SISVEL’s AV1 patent pool. EP ‘097 is also related to patents designated essential in the HEVC Advance list. This filing is a part of Unified’s ongoing efforts in its SEP Video Codec Zone.

    • eBay Patents a Robo Seller

      eBay thinks a robot can do your job – introducing the Robo Seller. eBay filed a patent for an “Auto posting system” that would perform much of the tedious selling chores required to list on its platform, as the patent abstract describes:

      “The disclosed technologies include a robotic selling assistant that receives an item from a seller, automatically generates a posting describing the item for sale, stores the item until it is sold, and delivers or sends the item out for delivery.”

• Trademarks

  • Does the sign “eat clan people” carry an association with cannibalism and thus produce an “adverse effect”?

    On 29 November 2017, an individual named Seng Lei (‘Seng’) filed an application (No. 27792495) in class 30 for food products to the Trade Mark Office of China (TMO). The sign consists of three Chinese characters (shown below), i.e. Hanzi: ‘食 (eat) 族 (clan) 人 (people)’.

    [...]

    (Administrative Judgment No. 3627 [2020], Final, Administrative Division, Beijing, of the Higher People’s Court of Beijing Municipality)

    The Beijing High People’s Court upheld the judgment of the Beijing IP Court. Additionally, it noted that using Article 10.1(8) as an absolute ground for refusal of trade mark registration and its use in commerce had a substantial impact on the rights and interests of trade mark applicants. As such, it should be applied prudently.

    The Beijing High People’s Court then reiterated the steps to examine similar cases: Usually, when the daily life experience of the public, or the official documents such as dictionaries and reference books, could determine that a sign or its constituent elements may have a negative effect on the public interest or public order, the sign would be deemed as carrying the ‘adverse effect’ prohibited by the TML. The subjective intentions, manners of use, or damage to the parties could be factors for reference.

    When a sign’s overall intrinsic meaning does not cause a negative impact on the public nor the public order concerning politics, economy, culture and ethnicity, etc., and the public discourse does not suggest negative impacts, the accusation of ‘adverse effect’ must be supported by corresponding evidence or sufficient reasons.

    In summary, the Beijing High People’s Court maintained the judgment made by the Beijing IP Court.

  • ‘Impossible’ versus ‘Incredible’: The sequel [Ed: Some people are so arrogant that they think they 'own' all dictionary words starting with "I"]

    As we previously covered, Nestlé was forced to rebrand its ‘Incredible Burger’ in May 2020 after the District Court in The Hague found the brand name to be too similar to its rival’s ‘Impossible Burger’. Nestlé was given four weeks to withdraw the product from the European Union or face a fine of €25,000 per day.

    Meanwhile, on 18 March 2019, Nestlé had filed a request for a declaration of invalidity against the ‘Impossible Burger’ trademark at the EUIPO. EUIPO’s Cancellation Division ruled on this invalidity request last month. Unfortunately for Nestlé, it did not fare much better in this case, after the Cancellation Division concluded last month, like The Hague Court, that ‘Impossible Burger’ is a valid trademark.

• Copyrights

  • ‘Pub Testers’ Being Recruited To Clamp Down on Football Piracy

    With the new Premier League season due to kick off in less than a week’s time, pubs across the country will be showing matches to their customers. To do that legally they’ll need an appropriate subscription package so to ensure that happens, a compliance company is looking for people to visit pubs during match times and report those breaking the rules.