Bonum Certa Men Certa

Links 13/7/2017: Systemd 234, Fedora 27 Plans





GNOME bluefish

Contents





GNU/Linux



  • Desktop



  • Server



    • Why Is Docker So Popular? Explaining the Rise of Containers and Docker
      By now, you've almost certainly heard of Docker containers. You know Docker is massively popular. But do you know why? Here's a look at the factors driving tremendous interest in Docker today.

      Before delving into a discussion of the factors behind Docker's popularity, it's worth noting that Docker is not the only container platform out there. Nor was it the first to come along.

      Other frameworks, like OpenVZ and LXC, were available starting in the mid-2000s. Other container-like technologies, such as FreeBSD jails, go back even further. Docker was released only in 2013, making it a very young technology compared to most of today's mainstream enterprise technologies.

      Curiously, however, it was Docker, not a more mature container platform, that has risen to massive prominence over the past few years. That's an outcome worth pondering -- for the purposes both of understanding what makes containers in general so popular, as well as why Docker in particular has succeeded so spectacularly, whereas alternative container frameworks have seen little adoption.






  • Kernel Space



    • Three new stable kernels
      Stable kernels 4.12.1, 4.11.10, and 4.9.37 have been released. They all contain important fixes and users should upgrade.


    • Linux 4.12.1


    • Linux 4.11.10


    • Linux 4.9.37


    • What is Linux – A Beginners Guide
      Linux is best known as the most used open source computer operating system in the world. You can think of Linux as the the software that is under all the other software on your computer, making requests on behalf of those programs and forwarding the requests onto the computer’s hardware.


    • Oye! Earth Still Uses Linux in the 23rd Century
      What operating system will be in use in the 23rd century? For fictional inhabitants of The Expanse, a critically acclaimed sci-fi series, it's Linux.


    • Look at this photo booth in Chicago running linux


    • This exercise bike runs Linux and supports telnet


    • Zero-copy networking
      In many performance-oriented settings, the number of times that data is copied puts an upper limit on how fast things can go. As a result, zero-copy algorithms have long been of interest, even though the benefits achieved in practice tend to be disappointing. Networking is often performance-sensitive and is definitely dominated by the copying of data, so an interest in zero-copy algorithms in networking comes naturally. A set of patches under review makes that capability available, in some settings at least.

      When a process transmits a buffer of data, the kernel must format that data into a packet with all of the necessary headers and checksums. Once upon a time, this formatting required copying the data into a single kernel-space buffer. Network hardware has long since gained the ability to do scatter/gather I/O and, with techniques like TCP segmentation offloading, the ability to generate packets from a buffer of data. So support for zero-copy operations has been available at the hardware level for some time.


    • FD.io: Breaking the Terabit Barrier!


      Since its launch in February of last year, FD.io has been delivering complex routing/switching at the multi-million FIB scale at higher performance than any other software vswitch/vrouter. This is analogous to a shift from something that needs to be delivered via truck (say, an early version of a “computer”) that can now be transferred via carry-on bag (today’s thin and lightweight laptops).

      At launch, FD.io’s VPP technology could route/switch at half a Terabit per second at multimillion fib entry scales. Close examination of the bottlenecks revealed that it was being limited by the ability of the PCI bus to deliver packets from the NIC to the CPU. VPP had headroom to do more, but the PCI bus bandwidth imposed limitations.


    • Linux Foundat's Hyperledger Fabric 1.0 Ready For Production


    • [Older but no more paywall] Network acceleration with DPDK
      Network acceleration has always been a subject that naturally attracts the interest of network device vendors and developers. Kernel network acceleration techniques that require, for example, the caching of kernel networking data structures inside the network driver (or maintaining a private modified kernel for a specific device) are naturally frowned upon and bound to be rejected by the kernel networking community. There are also user-space kernel-bypass solutions, including the Data Plane Development Kit (DPDK).

      Among the most popular open-source projects providing user-space network acceleration are Snabb, netmap, and DPDK. With the recent announcement by Jim Zemlin this April that DPDK project has moved to the Linux Foundation, it seems that this is a good time to get an overview of the current status of this project and its roadmap.


    • [Older but no more paywall] Namespaced file capabilities
      The kernel's file capabilities mechanism is a bit of an awkward fit with user namespaces, in that all namespaces have the same view of the capabilities associated with a given executable file. There is a patch set under consideration that adds awareness of user namespaces to file capabilities, but it has brought forth some disagreement on how such a mechanism should work. The question is, in brief: how should a set of file capabilities be picked for any given user namespace?


    • [Older but no more paywall] Some 4.12 development statistics
      Linus Torvalds released the 4.12 kernel on July 2, marking the end of one of the busiest development cycles in the kernel project's history. Tradition requires that LWN publish a look at this kernel release and who contributed to it. 4.12 was, in many ways, a fairly normal cycle, but it shows the development community's continued growth.

      The 4.12 kernel includes 14,821 non-merge changesets contributed by 1,825 developers. That is not the highest changeset count we've ever seen — 4.9 is likely to hold that record for some time — but it comes in at a solid #2. The 4.12 kernel did set a new record for the number of developers participating and for the number of first-time contributors (334), though. This was also a significant release for the growth of the kernel code base: 4.12 has just over one million lines of code more than its predecessor.


    • Graphics Stack



    • Benchmarks



      • Mesa GL Thread Testing With Pentium + Core i7 & RX 580 + R9 Fury
        With Mesa's GL threading support ready for wider testing and the developers pursuing per-application enabling of this driver-agnostic Mesa OpenGL multi-threading work, here are some benchmarks of mesa_glthread when using a Pentium and Core i7 CPUs as well as a Radeon RX 580 and R9 Fury.

        AMD developer Marek has reported that BioShock Infinite can be around 76% faster, Civilization VI around 20% faster, Alien Isolation by around 60%, among other improvements when explicitly turning on mesa_glthread for games benefiting from this CPU multi-threading behavior. But for other games it can regress the performance, which is why this feature isn't turned on unconditionally.


      • Benchmarking The Potato & Firefly: New ARM Linux Boards
        When receiving the long-awaited AMD ARM board yesterday I also received Le Potato Libre Computer Board and the Firefly RK3399.

        Le Potato is the recently talked about ARM SBC that is the New Libre-Focused ARM Board Aims To Compete With Raspberry Pi 3, Offers 4K.






  • Applications



  • Desktop Environments/WMs



    • K Desktop Environment/KDE SC/Qt



      • [Krita] Hooray! Watercolor is paintop now! But…
        From the very beginning, watercolor was conceived as brush engine. I think it is the best place for it. But it brings some troubles. The most important problem is how to make undo engine.

        During a new stroke, the system can have previous strokes that continue to change. And it’s not clear how watercolor should behave with the rest of the engines. And I would like to ask your help. If you have any idea about it, please leave it in comments =)


      • Trip report: Google Code-In 2016 Summit at Google headquarter
        Heya fellow KDE people,

        just a couple of weeks ago I got the opportunity to attend the Google Code-In Summit held in several locations scattered around the San Francisco Bay area. I can tell you first hand: It's been an awesome trip and I encourage anyone else to participate if the opportunity arises.


      • Akademy 2017
        There will be a workshop titled "Playing with the amalgam of QML and JavaScript" conducted by me.




    • GNOME Desktop/GTK



      • An update on cloud providers integration
        A quick update on my work for GNOME during GSoC. The initial work from Carlos has been split into a library handling the cloud provider management called libcloudproviders and a patch for GTK+ to add cloud providers to the GtkPlacesSidebar.


      • Nautilus Devs Working on a New Way to Integrate Cloud Providers
        Work is underway on a new way to integrate cloud storage providers with Nautilus, delivering a more consistent and uniform experience.
      • Indexing multiple languages source code in GNOME Builder
        In previous post, Code Search for GNOME Builder: Indexing, I wrote about how indexing of source code is implemented to support searching symbols in GNOME Builder. After discussing with Christian Hergert, we changed the design of indexing to make it easier to support indexing of source code in languages other than C/C++.

        This is the new design, An interface IdeCodeIndexer is created. This interface will take a source file of a particular language and returns a list of info of symbols present in that file. Returned list of symbols are in form of GListModel. Any class that implements this interface can provide indexing support for a language.






  • Distributions



    • OpenSUSE/SUSE



      • Explanation of what BlackSuse is for me
        BlackSuse OS is an opensuse-based system. Focused on security penetration testing and other small things Our repository is ready. The system is 80% functional.




    • Slackware Family



      • Adobe Flash security update July ’17
        This month’s security update for the Flash Player plugin has arrived. The new version is 26.0.0.137 for both the PPAPI (Google Chrome and friends) and the NPAPI (Mozilla Firefox and friends) based plugins.

        I know… Flash is a monster and should be killed. But as long as people need it on Slackware, and as long as Adobe keeps releasing Linux plugin updates, I will package them and add them to my repository.




    • Red Hat Family



      • Innovation fuels open source, but focus gets it to the finish line
        When open source works, like Linux, it becomes a powerful platform that drives innovation across multiple areas, from applications to hardware and even security, where the open source community becomes an asset rather than a liability because they help identify vulnerabilities and fixing them as a community, according to Wright. Further, the emergence of mid-stream organisations like OPNFV now brings together different open source projects, making them accessible by users, and creating environments no only for collaborations, but solutions integration and testing, he adds.


      • The convergence of open source, 5G and service providers
        The open source community, 5G standardisation and service providers are converging towards a singular goal. As Red Hat CTO Chris Wright explains, open source networking projects are now developing the core technologies necessarily for 5G, which has articulated the same requirements for an agile infrastructure capable of support multiple application types.

        And while there is still a gap between open source developed technologies and formal standardisation for 5G, the solutions themselves are rapidly becoming mainstream within service provider environments.


      • Enterprise Mobility Survey Commissioned by Red Hat Reveals Growing Demand for Mobile Applications in ASEAN Countries


      • Finance



      • Fedora



        • Fedora Developers Begin Talking About Their 28 & 29 Releases For 2018
          While Fedora 26 just shipped yesterday, developers are already talking about their very early release estimates for Fedora 28 and Fedora 29 in 2018.

          The Fedora 27 schedule has been firmed up for a while now and puts the change checkpoint completion deadline on 1 August, beta freeze on 5 September, beta release on 26 September, and the estimated release date for Fedora 27 at 24~31 October.

          Fedora Project Leader Matthew Miller has now laid out "super drafty" release schedules for F28 and F29 based on the fact they like early May and late October releases. The May/October cadence allows them to avoid major public holidays while also being timed nicely around GNOME releases, GCC updates in the spring, etc. They try to hit these targets, but release delays often interfere.


        • super-drafty F28 and F29 schedules
        • Download of The Day: Fedora Linux 26


        • Raspberry Pi: Hands-on with Fedora 26
          I previously mentioned that the Fedora 26 release was imminent, and it was released as planned: the release announcement is a bit thin, but the release notes are, as always, very complete. It is worth reading through both of them before starting to install or upgrade Fedora.

          For new installations, the standard Workstation version, which has the Gnome 3 desktop, can be downloaded from the Get Fedora page. Other desktops, and other targets, can be downloaded from the Fedora Spins page.


        • Latest Fedora Project OS Tips its Hat to Container Upgrades
          The Red Hat-backed Fedora Project released the latest version of its open source operating system that powers container management, data center operations, and developer workstations.

          The Linux-based Fedora OS was initially released in 2003 and is the basis for a number of distribution platforms, including Red Hat’s Enterprise Linux platform and the One Laptop Per Child XO project.


        • Fedora 27 Is Hoping For A Unified Database For DNF
          While the DNF 2.0 package manager is found with this week's Fedora 26 release, DNF developers aren't done with changes to the package manager for Fedora.

          With the Fedora 27 cycle they are hoping to accomplish a unified database for DNF in handling package management. Currently, DNF makes use of obsolete Yum databases and related to that PackageKit is also using the Yum databases in a "very hacky way" while the goal is to provide a new, unified package database.






    • Debian Family



      • Debian 9 Stretch - Not by a long stretch
        Debian 9 Stretch is a horrible disappointment. It's a completely unusable product in my scenario, and I see no real reason why I should bother using it. Ubuntu and friends offer a superior experience. Perhaps Debian serves a purposes somewhere, but I fail to see it. What really irks me is that in six or so years since I've last tried it, it's as if nothing at all has changed. Exactly the same kind of issues, only different hardware and kernel modules.

        Perhaps without Debian we wouldn't have Ubuntu and such. For that matter, we also wouldn't have pyramids without slaves. But that does not mean we should be grateful for slavery in giving us big stony architecture. Similarly, Debian may be a baseline for many other distributions. But on its own, without a thick layer of customization and changes, it fails horribly on the desktop. This test makes me sad and angry. Because I know an end when I see one. It's still a few years away, but it will inevitably come. Anyway, completely not recommended. My last venture into Debian this way. We're done.


      • Derivatives



        • Parrot Linux 3.7 Review Featured with Kernel 4.11 , Debian GNU/Linux 10 Buster, Debian 10 Testing
          A rumor went out in the Linux world that Parrot developer team is trying to switch from Debian GNU / Linux to Devuan GNU/Linux. After the release , they wiped out this rumor via a tweet “Our release team is evaluating a possible migration of our project from Debian to Devuan,”.

          It seems that Parrot developer team is not ready yet to work with Devuan. They mentioned this in a Facebook Status —“It is not an easy migration and we have still to decide what to do.”


        • Canonical/Ubuntu



          • Industrial Kaby Lake module runs Ubuntu
            Arbor’s “EmETXe-i90M0” COM Express Basic Type 6 features 7th Gen Core EQ SoCs, -40 to 85€°C support, triple displays, and an optional carrier.


          • Debian vs. Ubuntu: What's the Difference?
            For the last four years, Debian and Ubuntu have been in the top three Linux distributions on Distrowatch. Since 2005, neither has been out of the top six. Together, they form one of the greatest influences on Linux development, and that influence seems likely to continue for the foreseeable future. They remain closely related, although if you look closely subtle differences in direction and orientation start to emerge

            You may have heard that Debian is a distribution for experts, and Ubuntu for beginners. That is true, so far as it goes. However, that distinction is more historic than contemporary.

            After Ubuntu burst on to the scene in late 2004, it spent several years making the desktop easier to use, especially for non-English speakers. However, thanks to free licenses, Ubuntu's improvements have spread to most desktop environments.

            Moreover, Ubuntu's days of interface innovations are largely in the past. Under the direction of the parent company Canonical, Ubuntu development has been focused elsewhere. For over six years, the emphasis was on the development of the Unity desktop into a common interface for phones, tablets, and desktops. Meanwhile, Canonical seems more concerned with OpenStack, embedded systems and servers. Although the recent abandonment of Unity in favor of GNOME could mean a return to innovation on the Ubuntu desktop, it is still too early to tell. For now, Ubuntu seems no more innovative than Debian.


          • [Older but no more paywall] A little surprise in the Ubuntu motd
            At the end of June, Zachary Fouts noticed something on his Ubuntu system that surprised him a bit: an entry in the "message of the day" (motd) that looked, at least to some, like an advertisement. That is, of course, not what anyone expects from their free-software system; it turns out that it wasn't an ad at all, though it was worded ambiguously and could be (and was) interpreted that way. As the discussion in the bug Fouts filed shows, the "ad" came about from a useful feature that may or not have been somewhat abused—that determination depends on the observer.

            It is a longstanding Unix tradition to print a message of the day when users log in; in ages past, administrators would often note upcoming software upgrades and/or maintenance downtime that way. Typically that message has come from the /etc/motd file, but Ubuntu has long had a way to dynamically generate messages from local system information (e.g. number of package updates or reboot needed) using scripts in the /etc/update-motd.d/ directory. In Ubuntu 17.04, a new script was added that reaches out to a URL and grabs what it finds there to display as the motd.

            [...]

            Ubuntu Product Manager Dustin Kirkland, who is the author of the original dynamic motd as well as the new motd-news feature, soon arrived in the bug thread (after commenting in a related Hacker News thread). In a lengthy comment, he explained how motd-news works along with some history and functioning of the dynamic motd feature he developed back in 2009. He described how Ubuntu is using the feed and how it can be configured to consult a local URL to get news items that would be displayed instead of (or in addition to) the official feed. There are several categories of messages that will be added, including internet-wide problems (such as Heartbleed) or important information about Ubuntu itself (like an EOL date reminder).


          • Yunit packages for ubuntu 16.04 LTS
            The release of Yunit packages for ubuntu 16.04 LTS marks or first milestone, regarding the availability of Yunit for all the supported platforms. Our next steps is to setup a CI infrastructure which will give us the ability to actually start working with the code and start improving Yunit by either fixing existing unity 8 bugs in launchpad or developing new features.


          • Flavours and Variants



            • Ubuntu-Based ExTiX Linux Distro Now Ships with the Budgie Desktop Environment
              ExTiX developer Arne Exton is informing us today about the availability of a new update to his Ubuntu- and Debian-based ExTiX Linux distribution, versioned 17.7.

              ExTiX 17.7 comes as an update for the previous release, ExTiX 17.5, which the developer launched in early May as the first of the GNU/Linux operating system to be powered by a kernel from the Linux 4.11 series, and it introduces the first ever flavor that's built around the Budgie desktop environment from the Solus Project.












  • Devices/Embedded





Free Software/Open Source



  • Open Source GIS Tools Helping Save Mangrove Forests
    Ecologists Without Borders and Pronatura México are two nongovernmental organizations that have been trying to quantify and, ultimately, help reverse the decline of mangrove forests in the Marismas Nacionales. In the summer of 2015, EcoWB approached the University of Washington looking for students with GIS experience to recommend a solution. EcoWB needed a cost-effective option that was documented in enough detail for their partner organizations in Mexico to implement it themselves. The UW graduate student team recommended that EcoWB use a free and open source GIS toolkit from the Natural Capital Project’s Integrated Valuation of Ecosystem Services and Tradeoffs. The lessons learned from the team’s work, described below, suggest that, in some situations, a free and open source GIS solution is a better option than a proprietary one.


  • GitHub: It's time to open source open source Terms of Service
    GitHub is asking for feedback and collaboration from its user community in updating its Terms of Service and other site policies.

    The web-based version control and data hosting organisation is effectively saying then that open source Terms of Service, should indeed be open source.


  • Intel's goals for open source - governance, acceleration and commercialisation
    Intel is an active contributor to multiple open source projects, but there are unifying goals and strategies for the company's engagement with the open source community. According to Intel's John Healy, the company's involvement with open source is to first ensure a democratic environment to foster ideas, technical contributions to accelerate development, and market driven to ensure technologies and solutions reach commercialisation - to ensure the loop is closed.


  • Lyft to open-source some of its AI algorithm testing tools
    Lyft has spent a lot of time building tools that help it simulate the results of machine learning algorithms, and the company plans to make them available more broadly in the near future.


  • LexPredict Goes [Partly] Open Source, Hopes Others Will Follow
    The company will make the core of its ContraxSuite analytics system free and open source while offering retrofitting services at a cost.


  • Yahoo's Bullet looks ahead in querying streaming data
    A few months back, we posed the question of whether the world needs another streaming engine. Now we'll extend that question to querying. Virtually each streaming engine has a way to submit queries - otherwise, why would you need a streaming engine? Although streaming engines offer the promise of fresh real-time data, the ugly truth is that they must cache data first. That means that most streaming query engines must look back at data that has already been collected.

    [...]

    The result is the Bullet project, which Yahoo just open sourced on GitHub.


  • Cannonlake Enablement Continues In Coreboot; Still No Sign Of Ryzen For Coreboot
    Intel developers continue working on Cannonlake support for Coreboot while sadly we've seen no activity yet for getting Ryzen/Epyc CPUs working with Coreboot.

    Back in June I wrote about Intel prepping Cannonlake Coreboot support and since then that work has continued on getting Coreboot ready to this next-gen successor to Kabylake.


  • Events



  • CMS



    • Recognizing The Human Touch To Open Source Learning Development, The CLAMP Way
      During the recently-held Hack/Doc Fest, the US Collaborative Liberal Arts Moodle Project (CLAMP) took the time to acknowledge some of the people who have helped make this growing alliance what it is and what the alliance has meant for the development of Moodle. But beyond that, the Recognition Awards, given to people chosen by CLAMP’s Steering Committee, are a nod to the human element in the future development of open technologies for the development of critical thinking skills everywhere.




  • Pseudo-Open Source (Openwashing)



  • Funding



    • Startup Buoyant, Owner of Linkerd Project, Banks $10.5 million in VC
      Buoyant, the year-old startup behind the popular open source Linkerd project and creator of the new service mesh category of cloud infrastructure software, has banked $10.5 million in Series A funding.

      The round, announced July 11, was led by Benchmark Capital, with additional participation from #Angels, a female-led investment group of current and former Twitter executives.




  • FSF/FSFE/GNU/SFLC



    • The Many Loves of Richard M. Stallman


      Have you ever met a man you didn’t see why women would cozy up to, but they did? Or, in the interests of non-sexism, a woman you wondered why men liked, but they did?

      That is RMS.

      I suspect women are attracted to him because he is steadfast, moral, and more than a bit of a hero in his own way. He is also a genius, for real, in the sense that he is the only person I have ever known personally who won a MacArthur Foundation “Genius Grant.”

      Wow. If there is ever an all-star team for Mental Sportsball, RMS is sure to be on it. I’d vote for him. Wouldn’t you? And I’m sure a whole lot of attractive women — not necessarily all Free Software devotees — would, too.




  • Openness/Sharing/Collaboration



    • What determines how collaborative you'll be?
      In the first part of this series, I presented a list of factors that can influence someone's decision to approach a project or problem with either a cooperative or competitive mindset. In this follow-up article, I'll present a few scenarios that illustrate the ways these factors can interact to shape specific instances of collaboration or competition.




  • Programming/Development



    • Do you prefer tabs or spaces?
      Tabs versus spaces: What seems like an age-old debate in the development community has seen renewed interested in the past several weeks as a report came out from Stack Overflow revealing that developers who use spaces may make more money than those who use tabs. Who knew that indentation style could have such a big impact on you, personally?


    • Dangerous Logic - De Morgan & Programming
      Programmers are master logicians - well they sometimes are. Most of the time they are as useless at it as the average joe. The difference is that the average joe can avoid logic and hence the mistakes. How good are you at logical expressions and why exactly is Augustus De Morgan your best friend, logically speaking?


    • Fundamentals of graph databases with Neo4j


    • Is every build system using Ninja just as fast as every other?
      One of the most common arguments against Meson is that "it is only fast because it uses Ninja rather than Make, using any other Ninja build generator would be just as fast". This is always stated as fact without any supporting evidence or measurements. But is this really the case? Let's find out.

      For testing one needs a project that has both CMake and Meson build definitions. I'm not aware of any so I created one myself. I took the source code of the Mediascanner 2 project, which is using CMake and converted it to use Meson. This project was chosen solely based on the fact that I wrote the original CMake definitions ages ago so I should have a fairly good understanding of the code base. The project itself is a fairly typical small-to-medium project written in C++ with a handful of system dependencies.


    • JavaScript spec gets strung out on padding


      ECMAScript 2017, the latest edition of the specification upon which JavaScript is based, plugs a gap left by awkward extinction of some Node.js code last year.

      In March, 2016, as a result of a naming conflict with instant messaging app Kik, developer Azer Koçulu withdrew more than 250 of his modules from NPM, the service Node.js developers use to install dependencies.


    • 9 cutting-edge programming languages worth learning now
      The big languages are popular for a reason: They offer a huge foundation of open source code, libraries, and frameworks that make finishing the job easier. This is the result of years of momentum in which they are chosen time and again for new projects, and expertise in their nuances grow worthwhile and plentiful.

      Sometimes the vast resources of the popular, mainstream programming languages aren’t enough to solve your particular problem. Sometimes you have to look beyond the obvious to find the right language, where the right structure makes the difference while offering that extra feature to help your code run significantly faster without endless tweaking and optimizing. This language produces vastly more stable and accurate code because it prevents you from programming sloppy or wrong code.






Leftovers



  • Half of the world’s languages are dying. Should we save them?
    There are currently around 7,000 languages being used today, with one language dying every two weeks. UNESCO says that half of the world's languages may vanish in a century's time. And, in my home country of India, 220 languages have died in the last 50 years and 197 languages are endangered.


  • Science

    • Students are Better Off without a Laptop in the Classroom

      First, participants spent almost 40 minutes out of every 100-minute class period using the internet for nonacademic purposes, including social media, checking email, shopping, reading the news, chatting, watching videos, and playing games.



    • Lithium/graphene “foil” makes for a great battery electrode
      Lithium ion batteries, as the name implies, work by shuffling lithium atoms between a battery's two electrodes. So, increasing a battery's capacity is largely about finding ways to put more lithium into those electrodes. These efforts, however, have run into significant problems. If lithium is a large fraction of your electrode material, then moving it out can cause the electrode to shrink. Moving it back in can lead to lithium deposits in the wrong places, shorting out the battery.




  • Health/Nutrition



    • Access To Medicines For All By 2030: New WHO Strategic Framework Sets Vision
      Access to affordable and quality medicines for all is one of the major commitments of the World Health Organization, and its new medicines and health products strategic framework for the next 15 years calls for new research and development (R&D) models, including delinkage of the R&D costs from the price of products, and fair pricing.




  • Security



    • Open Source Security Podcast: Good docs ruin my story
      Josh and Kurt talk about Let's Encrypt, certificates, Kaspersky, A/V, code signing, Not Petya, self driving cars, and failures that become security problems.


    • Reproducible Builds: week 115 in Stretch cycle


    • Security updates for Wednesday


    • Cracking The Data Safety Code
      Keeping our data safe online is something that we get told about a lot. That is because as members of the information generation, it's all too easy for our most valuable assets our identity and privacy to be compromised. But how can we keep our data safer? Read on to find out.


    • Fighting Cyber Threats with an Open Data Model
      From ABTA, to election hacking to WannaCry, it seems not a day goes by without a cyber-attack dominating the headlines. Cybercrime doesn’t discriminate; it affects organizations of all shapes and sizes. Added to this is the mounting pressure caused by the EU General Data Protection Regulation (GDPR) which will penalize organizations that do not comply with laws that aim to keep customer data safe. It’s imperative for organizations to re-evaluate their security posture and plan for the future.


    • Windows 7 and 8.1 receive Patch Tuesday Updates [Ed: Mind last paragraph. Microsoft breaks Vista 7 again with a security update.]
      If an iSCSI target becomes unavailable, attempts to reconnect will cause a leak. Initiating a new connection to an available target will work as expected. Microsoft is working on a resolution and will provide an update in an upcoming release.



    • Hacker Ethic and Free Software Movement
      Why the word hacking go along with computers? The computer gives us a vast area to explore our creativity. It’s huge code base, and their intricacies and the complicated machines offer us opportunities to HACK.
    • Become a Certified Pentester with Super-Sized Ethical Hacking Course


    • 27 000 errors in the Tizen operating system [Ed: PVS Studio 'article' (marketing) that's made by liars. They extrapolate number of POTENTIAL bugs, based on 3.3% of code, then come up with this scary headline.]


    • Highrise
      Today, July 13th 2017, WikiLeaks publishes documents from the Highrise project of the CIA. HighRise is an Android application designed for mobile devices running Android 4.0 to 4.3. It provides a redirector function for SMS messaging that could be used by a number of IOC tools that use SMS messages for communication between implants and listening posts. HighRise acts as a SMS proxy that provides greater separation between devices in the field ("targets") and the listening post (LP) by proxying "incoming" and "outgoing" SMS messages to an internet LP. Highrise provides a communications channel between the HighRise field operator and the LP with a TLS/SSL secured internet communication.


    • How CIA Agents Covertly Steal Data From Hacked Smartphones (Without Internet)
      WikiLeaks has today published the 16th batch of its ongoing Vault 7 leak, this time instead of revealing new malware or hacking tool, the whistleblower organisation has unveiled how CIA operatives stealthy collect and forward stolen data from compromised smartphones.

      Previously we have reported about several CIA hacking tools, malware and implants used by the agency to remotely infiltrate and steal data from the targeted systems or smartphones.


    • Trump administration has removed Kaspersky from approved suppliers list

      Kaspersky Lab, a private company, seems to be caught in the middle of a geopolitical fight where each side is attempting to use the company as a pawn in their political game.



    • [Older but no more paywall] Breaking Libgcrypt RSA via a side channel
      A recent paper [PDF] by a group of eight cryptography researchers shows, once again, how cryptographic breakthroughs are made. They often start small, with just a reduction in the strength of a cipher or key search space, say, but then grow over time to reach the point of a full-on breaking of a cipher or the implementation of one. In this case, the RSA implementation in Libgcrypt for 1024-bit keys has been fully broken using a side-channel attack against the operation of the library—2048-bit keys are also susceptible, but not with the same reliability, at least using this exact technique.

      The RSA cryptosystem involves lots of exponentiation and modular math on large numbers with sizable exponents. For efficiency reasons, these operations are usually implemented by a square-and-multiply algorithm. Libgcrypt is part of the GNU Privacy Guard (GnuPG or GPG) project and underlies the cryptography in GPG 2.x; it uses a sliding window mechanism as part of its square-and-multiply implementation. It is this sliding window technique that was susceptible to analysis of the side channel and, thus, allowed for the break.


    • All Your Accounts Are Belong to Us
      It turns out someone called in to Verizon claiming to be me. The individual claimed his phone (my phone) had been stolen, and he wanted to transfer service to another device. He had enough information about me to pass whatever verification Verizon required, and if he'd been a little smoother on the phone, he'd have likely gotten my number. It turned out that the Verizon employee felt the call was suspicious and disabled the account instead of transferring service. (I know that only because the employee made a note on the account.) After a stressful day of back and forth, the company I work for was able to get my phone turned back on, and I still have the same phone number I've always had—thank goodness.




  • Defence/Aggression



    • Bay Area: Join us 7/19 to discuss technical troubles with drone warfare
      Drone strikes and surveillance are a major component of modern warfare, but few people outside the military understand how these programs work. That's why former military technician Lisa Ling became a whistleblower after 14 years in the National Guard. She wanted policymakers to know that drones are not reliable, and they can create more problems than they solve.

      Lisa Ling joined the military in 1991, serving as an army medic and nurse before transferring to the Air National Guard (ANG). In the ANG, she became a communications technician working on various types of electronic equipment, including the Distributed Common Ground System (DCGS). Besides her overseas deployments, Lisa was mobilized during a partial unit mobilization of the 234th intelligence Squadron to the 48th Intelligence Squadron at Beale Air Force Base from October 2007 to September 2009. The 48th Intelligence Squadron provides in-garrison and deployed communications, as well as logistics maintenance for the DCGS.




  • Environment/Energy/Wildlife/Nature



    • A truly enormous iceberg just broke loose from Antarctica
      Concluding a months-long deathwatch, one of the largest icebergs ever seen finally separated from Antarctica’s Larsen C Ice Shelf sometime in the last couple days. The 5,800-square-kilometer iceberg contains over a trillion tons of ice. For years, researchers have been keeping an eye on a growing rift in the floating ice shelf that raced toward completion in recent months.


    • Climate scientists push back against catastrophic scenarios
      One of the challenges of discussing climate change is that it really is that bad. Completely realistic projections of things like sea-level rise, loss of agricultural productivity, and so on can sometimes sound like a disaster movie.

      This is a bit of a problem in two ways. The first is that people naturally tend to dismiss possible future outcomes that they don't want to believe will happen. The second is that, since its predictions are for very negative changes, all of climate science has been branded "alarmist." In fact, if you do a Web search for "alarmist," the first results that aren't basic definitions or the Alarmist Brewery are all about climate change.






  • Finance



    • Uber driver, who says he was once paid under $2 per hour, advances labor lawsuit

      In 2016, Michael Hood, an Uber driver, claimed in a proposed class-action lawsuit last year that he has been misclassified as an independent contractor rather than an employee, and as such is consistently being paid below minimum wage after expenses. At one point in 2015, after expenses, Hood alleges he made under $2 per hour—well below North Carolina’s minimum wage at the time, which was $7.25 per hour.

    • Let us be clear
      I do not share some journalists’ affection for political chaos. It may give us plenty to talk and write about, but its consequences will inevitably be felt more keenly the further one climbs down the socio-economic ladder from Fleet Street and broadcast studios. Nonetheless, as I first began to write this piece earlier last month, I felt confident I had the makings of a quasi-satirical survey of how an election that had looked so good for the Conservative Party when it was called in mid-April could have turned so bad so quickly. And, more pertinently, what impact it would all have on Brexit.

      [...]

      Without this majority, she explained, invariably after stating that she was about to be “very clear”, she would not be able to secure the Brexit terms and conditions most advantageous to the United Kingdom. She had not yet been remotely clear about what these terms and conditions might be, but she was very clear that if she were to lose as few as six seats then “I will lose this election and Jeremy Corbyn will be sitting down with the Presidents, Prime Ministers and Chancellors of Europe”. This was a “cold hard fact”.
    • Southern rail: unions say €£13.4m fine is ‘less than a slap on the wrist’
      The Campaign for Better Transport said the fine was “too little, too late”. Spokeswoman Lianna Etkind said: “The Southern fiasco is estimated to have cost the economy over €£300m, and the government has already covered millions of pounds in delay repayments on behalf of Southern as well as handing GTR €£20m of public money last year as part of an emergency package.”




  • AstroTurf/Lobbying/Politics



  • Censorship/Free Speech



  • Privacy/Surveillance



    • Edward Snowden's leaks has NSA in damage-control mode, spy agency official tells Lancaster audience
      A high-ranking official of the National Security Agency said in a talk here Wednesday that the electronic surveillance agency is working to improve its public relations in the wake of Edward Snowden’s damaging leaks.

      Jonathan Darby, the NSA’s deputy chief of cybersecurity operations, said the agency realized it had to “get out and talk more about what we do” after Snowden in 2013 revealed ways in which U.S. spy agencies collect phone, email and other communications.

      Darby contended that most of the Snowden-related stories in 2013 were “twisted or dead-out wrong,” and he pushed back on a movie glorifying the former NSA contractor’s actions, saying the leaks put people’s lives at risk.

      Snowden fled to Moscow in June 2013 after he was identified as the source of information several newspapers printed about previously undisclosed NSA surveillance programs. Snowden remains in Russia, where he was granted asylum until 2020.


    • Amazon may give developers your private Alexa transcripts

      According to sources reported by The Information, Amazon is currently looking at opening up this private transcript data to its developers, which could help them build better voice apps for Alexa. It would also raise serious privacy concerns for users.



    • How Trump Can Avoid Impeachment: Order NSA to Declassify All Intel On Democratic Email Leaks
      So if Trump is innocent, his best shot at avoiding impeachment is order the NSA to declassify its data on the “hacking” of the DNC’s servers and Podesta emails.


    • LAWSUIT STARTED AGAINST NEW DUTCH DATA MINING LAW
      Twelve organizations teamed up to file a lawsuit to stop the implementation of a new data mining law in the Netherlands. The new law was adopted by the Dutch Senate on Tuesday and gives the intelligence services more capabilities to spy on internet traffic on a large scale.

      "We trust that the Dutch judges will pull the brake and say: this law goes too far", human rights lawyer Jelle Klaas, who is representing the coalition of organizations in their lawsuit, said to RTL Nieuws. The coalition includes the Public Interest Litigation Project, civil rights organization Privacy First, the Dutch Association of Journalists, the Dutch Association of Criminal Law Attorneys and the Platform for the Protection of Civil Rights.



    • Bosses told to stop snooping on employees' Facebook profiles
    • Your Facebook Messenger app is about to be filled with ads

      After forcing Facebook users to switch to a separate Messenger app to continue chatting, the social network is about to start pushing adverts on those using the function.

    • Six major US airports now scan Americans’ faces when they leave country

      The Department of Homeland Security has been pushing a plan that if enacted would require all Americans submit to a facial-recognition scan when departing the country. This step would be a way to expand a 2004 biometric-tracking law meant to target foreigners.



    • Face scans for Americans flying abroad stir privacy issues

      Pilots projects are underway at six U.S. airports - Boston, Chicago, Houston, Atlanta, New York City and Washington, D.C. DHS aims to have high-volume U.S. international airports engaged beginning next year.

      During the pilots, passengers will be able to opt out. But a DHS assessment of the privacy impact indicates that won't always be the case.





  • Civil Rights/Policing



    • EFF Condemns Detentions at Turkish Digital Security Meeting
      EFF believes that everyone should be free to learn to protect themselves online and that this is information they have the right to share. Digital security trainings like this one are frequently held across the world to educate lawyers, journalists, and human rights advocates on how best to protect themselves and their communities. Teaching or learning these skills is certainly no grounds for detention. By conducting this raid, Turkey joins Iran and Ethiopia as countries where innocent citizens are intimidated and arrested simply for learning the basic principles of modern technology.


    • Trump’s FBI Pick Has a Troubling History on Digital Liberties
      During his tenure as Assistant Attorney General in the Bush Administration, Wray vocally defended a range of controversial provisions in the USA PATRIOT Act—including Section 215, which would later provide the basis for the bulk collection of Americans’ telephone metadata.

      When Wray went before the Senate Judiciary Committee in 2003 to defend the PATRIOT Act, a Department of Justice document indicated that Section 215’s business records provision had never been used. Wray insisted that was a sign of restraint: “We try to use these provisions sparingly, only in those instances where we feel that this is the only tool that we can use.” In fact, as the Privacy and Civil Liberties Oversight Board (PCLOB) made clear in its report on the bulk metadata program, Section 215 was sitting fallow because the Bush Administration was already collecting much of that data—without statutory authorization.

      Granted, Wray didn’t have all of the information about that secretive wiretapping program until 2004, which we’ll get into below. Still, his insistence that Section 215 was just an effort to bring counterterrorism powers in line with ordinary criminal authorities reflected a concerning lack of skepticism about the risk of abuse. The same holds for his defense of a range of other PATRIOT Act provisions: “sneak and peek” warrants that allow law enforcement to search first and serve notice later; a reduced bar for obtaining a FISA warrant that one district court later found inconsistent with the Fourth Amendment; and a vaguely worded expansion of the kind of Internet data, some of it potentially very sensitive, that can be collected with a pen/trap order.

      Experience teaches that broad grants of surveillance authority are invariably abused, as the PATRIOT Act has been. During Wray’s confirmation process, lawmakers should press him on his insistence that the Act “helped preserve and protect liberty and freedom, not erode them.”




  • Internet Policy/Net Neutrality



    • Fight: The WIRED Guide to Net Neutrality


    • How to Keep the Fight for Net Neutrality Going

      Today's digital protest is an important effort to help preserve the net neutrality rules that help uphold a free and open internet. It's also not enough.



    • Net Neutrality is Not a Pirates’ Fight Anymore

      Under the present net neutrality rules, there’s a clear standard that prevents ISPs from blocking, throttling, and paid prioritization of “lawful” traffic. In addition, they allow Internet providers to be regulated as carriers under Title II.



    • Ajit Pai: the man who could destroy the open internet

      The FCC chairman leading net neutrality rollback is a former Verizon employee and whose views on regulation echo those of broadband companies



    • Trump's 'war on the open internet': tech firms join activists in day of protest

      Comments on the FCC’s new proposal will be open until August and an as yet unscheduled vote is expected later this year.

      [...]

      Another supporter, the Writers Guild of America, has called the move a “war on the open internet”.



    • 'Groundhog Day' Dawns for Foes of Trump’s Internet-Rule Rollback

      There are two kinds of people in this world: those who have never heard of net neutrality, and those who are deeply, deeply tired of engaging in the debate over net neutrality.



    • Today’s the Day: Let's Save Net Neutrality
      You might have noticed something unusual when you visited the EFF website today: our site was “blocked” unless you shelled out for “premium” Internet access.

      As part of the day of action to support net neutrality, we decided to imagine what might happen if FCC Chairman Ajit Pai caves to industry pressure and abandons the net neutrality rules the FCC adopted just two years ago. If you don’t want to live in that future, it’s time to take action.


    • On Wednesday, July 12, everyone can stand up for net neutrality


    • The internet is fucked (again)

      Why was it fucked? Because the free and open internet was in danger of becoming tightly controlled by giant telecom corporations that were already doing things like blocking apps and services from phones and excusing their own services from data caps. Because the lack of competition in the internet access market let these companies act like predatory monopolies. And because our government lacked the will or clarity to just say what everyone already knows: internet access is a utility.



    • How You Can Join Today’s Internet-Wide Day of Action to Save Net Neutrality

      We can win again. Below are three things you can do today to make sure we let everyone in Congress and the FCC know that we won’t let them destroy net neutrality.



    • Net Neutrality Is About Much More Than the Internet

      Will the voice of the people be drowned out by a flood of corporate cash?



    • Tech firms unite for 'net neutrality' protest
      A host of internet giants - from social networks to dating apps to porn sites - will join a protest Wednesday against plans to roll back rules protecting "net neutrality".

      The sites will display a variety of messages, or simulate the potential effects of losing the basic principle of all internet traffic being treated equally.

      The US communications regulator earlier this year voted to remove an Obama-era rule that would prevent the prioritisation - or "throttling" - of data, as well as other measures campaigners consider to be detrimental to the internet.

      Opponents to net neutrality say it stifles innovation and discourages investment in telecoms infrastructure.


    • Tech giants rally today in support of net neutrality
      Technology giants like Amazon, Spotify, Reddit, Facebook, Google, Twitter, and many others are rallying today in a so-called “day of action” in support of net neutrality, five days ahead of the first deadline for comments on the US Federal Communications Commission’s planned rollback of the rules.

      In a move that’s equal parts infuriating and exasperating, Ajit Pai, the FCC’s new chairman appointed by President Trump, wants to scrap the open internet protections installed in 2015 under the Obama administration. Those consumer protections mean providers such as AT&T, Charter, Comcast, and Verizon are prevented from blocking or slowing down access to the web.


    • Here’s how you can participate in Net Neutrality Day if you don’t run a website.


    • Support Net Neutrality
      The FCC wants to destroy net neutrality and give big cable companies control over what we see and do online. If they get their way, they’ll allow widespread throttling, blocking, censorship, and extra fees. On July 12th, the Internet will come together to stop them.




  • DRM



    • Encrypted Media Extensions on the World Wide Web
      Before I continue, I want you to fully realize that with Slackware Linux, your rights are not taken away. You are free to use – or not use – technologies that allow you to watch “protected” content like Netflix videos. Our browsers will work just as well if you choose not to use DRM technologies. The libraries which implement the DRM layer are separate from the Slackware packages containing the browsers (Firefox, Chromium) and are not distributed with the OS. It is up to you to add DRM extensions if you need them. You are and remain in control of your OS.
    • [Older] Amid Unprecedented Controversy, W3C Greenlights DRM for the Web [Ed: see "I know this isn't specifically Linux related, but I'm shocked we're not talking about this already."]


    • EFF has appealed the W3C's decision to make DRM for the web without protections
      Five days ago, the World Wide Web Consortium announced that it would go ahead with its project of making DRM for web-video, and that the Director, Tim Berners-Lee had overruled or decided not to act further on all objections about the dangers this posed to legitimate and important activities including security audits, accessibility adaptation and competition.

      The W3C has an appeals process, which has never been successfully used in W3C history. If 5 percent of the members appeal a decision by the Director, all members are entitled to vote, and if there's a majority in favor of overulling the Director, the decision is unmade.


    • Global Web standard for integrating DRM into browsers hits a snag
      Days ago, Ars reported on a controversial decision by the industry trade group that oversees the global development of Web standards. The decision by the World Wide Web Consortium (W3C) to back a standard for implementing digital rights management (DRM) for Web-based content is now under appeal, the Electronic Frontier Foundation announced Wednesday.




  • Intellectual Monopolies



    • Copyrights



      • Canada’s Federal Court upholds interim tariff in Access Copyright ruling
        York University is required to pay the interim tariff established by the Copyright Board of Canada in 2010, Canada’s Federal Court rules in Access Copyright v York University. The court said the tariff is “mandatory, not voluntary”


      • Course Packs For Education Ruled Legal In India: Triumph For Access To Educational Materials
        In 2012, three academic publishers, Oxford University Press (OUP), Cambridge University Press (CUP) and Taylor & Francis, sued the University of Delhi (DU) and Rameshwari Photocopy Service (based at the university) for copyright infringement for photocopying parts of their textbooks and distributing them in course packs – collections of assigned reading materials – exclusively to students for a fee.

        The publishers sought to compel Delhi University to enter into a licensing agreement with the Indian Reprographic Rights Organization (IRRO), that manages certain rights on behalf publishers and other rightsholders in India.


      • Battle over selfies taken by macaque monkey back to court

        The battle over now-famous selfie photographs taken by a macaque monkey will head back to federal court. The US Court of Appeals for the Ninth Circuit in San Francisco on Wednesday will hear arguments on whether an animal can own the copyright to a photograph. The proceedings will be broadcast online.









Recent Techrights' Posts

Google Has Mass Layoffs (Again), But the Problem is Vastly Larger
started as a rumour about January 2025
Electronic Frontier Foundation Defends Companies That Attack Free Speech Online (Follow the Money)
One might joke that today's EFF has basically adopted the same stance as Donald Trump and has a "warm spot" for BRICS propaganda
 
Early Retirement Age: Linus Torvalds Turns 55 Next Week
Now he's almost eligible for retirement in certain European countries
Gemini Links 22/12/2024: Solstice and IDEs
Links for the day
BetaNews: Microsoft Slop is Your "Latest Technology News"
Paid-for garbage disguised as "journalism"
Over at Tux Machines...
GNU/Linux news for the past day
IRC Proceedings: Saturday, December 21, 2024
IRC logs for Saturday, December 21, 2024
Links 21/12/2024: EU on Solidarity with Ukraine, Focus on Illegal and Unconstitutional Patent Court in the EU (UPC)
Links for the day
[Meme] Microsofters at the End of David's Leash
Hand holding the leash. Whose?
Deciphering Matt's Take on WordPress, Which is Under Attack From Microsofters-Funded Aggravator
the money sponsoring the legal attacks on WordPress and on Matt is connected very closely to Microsoft
Gemini Links 21/12/2024: Projections, Dead Web ('Webapps' Replacing Pages), and Presentation of Pi-hole
Links for the day
American Samoa One of the Sovereign States Where Windows Has Fallen Below 1% (and Stays Below It)
the latest data plotted in LibreOffice
[Meme] Brian's Ravioli
An article per minute?
Links 21/12/2024: "Hey Hi" (AI) or LLM Bubble Criticised by Mainstream Media, Oligarchs Try to Control and Shut Down US Government
Links for the day
LLM Slop is Ruining the Media and Ruining the Web, Ignoring the Problem or the Principal Culprits (or the Slop Itself) Is Not Enough
We need to encourage calling out the culprits (till they stop this poor conduct or misconduct)
Christmas FUD From Microsoft, Smearing "SSH" When the Real Issue is Microsoft Windows
And since Microsoft's software contains back doors, only a fool would allow any part of SSH on Microsoft's environments, which should be presumed compromised
Paywalls, Bots, Spam, and Spyware is "Future of the Media" According to UK Press Gazette
"managers want more LLM slop"
On BetaNews Latest Technology News: "We are moderately confident this text was [LLM Chatbot] generated"
The future of newsrooms or another site circling down the drain with spam, slop, or both?
"The Real New Year" is Now
Happy solstice
Microsoft OSI Reads Techrights Closely
Microsoft OSI has also fraudulently attempted to censor Techrights several times over the years
"Warning About IBM's Labor Practices"
IBM is not growing and its revenue is just "borrowed" from companies it is buying; a lot of this revenue gets spent paying the interest on considerable debt
[Meme] The Easier Way to Make Money
With patents...
The Curse (to Microsoft) of the Faroe Islands
The common factor there seems to be Apple
Over at Tux Machines...
GNU/Linux news for the past day
IRC Proceedings: Friday, December 20, 2024
IRC logs for Friday, December 20, 2024
Gemini Links 21/12/2024: Death of Mike Case, Slow and Sudden End of the Web
Links for the day
Links 20/12/2024: Security Patches, Openwashing by Open Source Initiative, Prison Sentence for Bitcoin Charlatan and Fraud
Links for the day
Another Terrible Month for Microsoft in Web Servers
Consistent downward curve
LLM Slop Disguised as Journalism: The Latest Threat to the Web
A lot of it is to do with proprietary GitHub, i.e. Microsoft
Gemini Links 20/12/2024: Regulation and Implementing Graphics
Links for the day
Links 20/12/2024: Windows Breaks Itself, Mass Layoffs Coming to Google Again (Big Wave)
Links for the day
Microsoft: "Upgrade" to Vista 11 Today, We'll Brick Your Audio and You Cannot Prevent This
Windows Update is obligatory, so...
The Unspeakable National Security Threat: Plasticwares as the New Industrial Standard
Made to last or made to be as cheap as possible? Meritocracy or industrial rat races are everywhere now.
Microsoft's All-Time Lows in Macao and Hong Kong
Microsoft is having a hard time in China, not only for political reasons
[Meme] "It Was Like a Nuclear Winter"
This won't happen again, will it?
If You Know That Hey Hi (AI) is Hype, Then Stop Participating in It
bogus narrative of "Hey Hi (AI) arms race" and "era/age of Hey Hi" and "Hey Hi Revolution"
Bangladesh (Population Close to 200 Million) Sees Highest GNU/Linux Adoption Levels Ever
Microsoft barely has a grip on this country. It used to.
Over at Tux Machines...
GNU/Linux news for the past day
IRC Proceedings: Thursday, December 19, 2024
IRC logs for Thursday, December 19, 2024