Bonum Certa Men Certa

Links 1/8/2017: PiCluster 2.0, Qubes OS 4.0 RC1, and New RHEL

GNOME bluefish



Free Software/Open Source

  • Open source mapping project preserves cultural heritage
    I am from the Philippines. I've been an advocate of free and open culture since college, and I occasionally also contribute to the Wikimedia projects, particularly Wikimedia Commons.

    In 2014, I worked on a government project where I digitally documented some of the largest heritage artworks in the country, like the ceiling paintings of some of the colonial Catholic churches in central Philippines. You can see them at Wikimedia Commons under Creative Commons licenses.

  • We don't make software for free, we make it for freedom
    The debate about whether vendors can thrive and scale if their primary outputs are freely licensed continues to brew nearly two years since I wrote about the topic. Basing a business on an open source strategy is undoubtedly challenging, because no matter how many times you quote Richard Stallman that software freedom means "free speech," not "free beer," there is a persistent expectation that open source means free: free software, free updates, free knowledge, free support.

  • Sharing "The Faces of Open Source"
    A few weeks ago we learned about some great work underway by Shane Martin Coughlan: putting a face to the vibrant open source community, and the fascinating discussions happening within it, through a series of interviews—we thought we'd share them here in a new series.

  • Who's doing what with NFV orchestration platforms?
    It might come as little surprise, but the two primary options for NFV orchestration platforms are open source or vendor-supplied options. See who's doing what in these areas.

  • LunchBadger Announces Open Source Express.js API Gateway
    LunchBadger; API lifecycle, orchestration and optimization solution provider; has announced its new open source API gateway: Express Gateway. Express Gateway is one of the first open source gateways to utilize Express.js. The gateway delivers a solution to developers and businesses who desire to build their own Express.js-based micro services instead of utilizing an out-of-the-box solution.

  • Bitrise raises $3.2M A led by OpenOcean to attack the complexity of building apps
    Bitrise is the most open platform in the space. It’s completely extensible and lets developers use all the third party services they know and love in one beautiful interface.”

  • Turning to Open Source Apache Cassandra Gave Our Data a Highly-Available Home
    A growing cross-network advertising platform, we continue to be drawn to solutions that free up our internal resources from being bogged down by infrastructure management. While it’s a strategy that has been critical to our success, it hasn’t come without key infrastructure changes to make it work. Our challenge from day one has been balancing the fact that the strength of our database capabilities is absolutely essential to our product, but devoting all possible resources toward product development would give us the competitive differentiators we need to be successful.

  • All your streaming data are belong to Kafka
    Apache Kafka is on a roll. Last year it registered a 260 percent jump in developer popularity, as Redmonk’s Fintan Ryan highlights, a number that has only ballooned since then as IoT and other enterprise demands for real-time, streaming data become common. Hatched at LinkedIn, Kafka’s founding engineering team spun out to form Confluent, which has been a primary developer of the Apache project ever since.

    But not the only one. Indeed, given the rising importance of Kafka, more companies than ever are committing code, including Eventador, started by Kenny Gorman and Erik Beebe, both co-founders of ObjectRocket (acquired by Rackspace). Whereas ObjectRocket provides the MongoDB database as a service, Eventador offers a fully managed Kafka service, further lowering the barriers to streaming data.

  • Heroic Labs launches open-source backend game servers to help small studios with online services

    Game developers are turning to outside vendors for backend services, but there is always a danger they could get locked into one with bad results. So Heroic Labs is announcing the formal launch of its Nakama 1.0 open-source real-time game servers to help with this.

    The San Francisco-based company has developed server that provides typical backend services such as live events, leaderboards, and other features that game developers would rather not have to code themselves, said Heroic Labs vice president of product Alim Jaffer in an interview with GamesBeat.

  • Comcast Joins ONAP
    The news was announced today by the Open Network Automation Platform (ONAP) , which also welcomed four more vendors -- Fujitsu Ltd. (Tokyo: 6702; London: FUJ; OTC: FJTSY), Infosys Technologies Ltd. (Nasdaq: INFY), Netcracker Technology Corp. and Samsung Corp. -- to the fold for a total of 50 members. The organization, sponsored by the Linux Foundation , has only been in formal operation since March.

  • Who's doing what with NFV orchestration platforms?
    The deployment of network functions virtualization, or NFV, can bring significant benefits to service providers. These benefits include agility, lower costs and promises of operational efficiency. But service providers must choose from leading open source options and a variety of vendor-supplied offerings for their NFV orchestration platforms.

  • Leveraging the Best of Open Source [Ed: He says we are now "treating open source solutions as fundamentally the same as commercial offerings," but it's ill-posed because "commercial" does not or should not mean proprietary.]
    Open source technologies are everywhere and in almost everything we leverage today across the IT enterprise. That is not a new observation, but something we just accept. My experience in leveraging open source technologies reaches back to the mid 90's where I spent the better part of a year setting up both a rural phone company's ISP and a university’s computing lab leveraging Linux 0.99. In those days, the cost of commercial enterprise operating systems was too high for lean startup activities. Therefore, we were willing to trade time for money. Getting a Linux kernel working with a specific network card was not fun in the early days and often required a bit of trial and error cycled over many kernel builds. However, these types of projects gave us a real appreciation for what the open source community was contributing and what was expected from the user community to benefit. Unfortunately, this support gap kept open source technologies on the fringe for many years. Eventually this provided an opportunity for the creation of new vendor ecosystems that work closely with the technical innovators while delivering the functionality and support required of enterprise customers. Companies like RedHat have been filling some of these gaps for more than a decade.

  • Kite Dev Tool Drops Atom Bomb
    There's trouble in open source land, revolving around a text editor that's popular with developers and a proprietary toolset, Kite, that wants some of that open source business. Their way of getting it, however, seems to have backfired.

    Atom is a text editor developed by GitHub and released under the MIT license. It's been around for about three-and-a-half years, during which time it's built a sizable user base. Developers like it because it runs on most operating systems -- Linux, Windows and Mac -- and comes with a lot of dev-friendly features built-in. They also like its modular design, which has spawned a community of devs creating plugins that further expand its capabilities.

  • Nasdaq Corporate Solutions' open-source webhosting ensures innovation and best practice
    Innovation in the open-source community allows Nasdaq to rapidly embrace new features that benefit the exchange’s 3,000 webhosting clients around the globe, Ball notes, pointing to a new media library component that allows streamlined management of different media as one example. Drupal’s modular architecture translates into great flexibility for adding new functionality. For IROs, that means that critical must-have characteristics are an integral part of the Nasdaq Corporate Solutions platform. For example, ‘mobile is a first-class citizen,’ Ball says, pointing out that there is no separate process for administering content for mobile environments, so any new IR content is automatically promulgated across a multi-platform architecture.

  • Bitnami to Open Source its Mobile Kubernetes Dashboard
    Bitnami announced plans to open source its Cabin platform, which is billed as a mobile application for controlling Kubernetes.

    Cabin is a mobile dashboard, allowing for the remote management of Kubernetes clusters. Users can scale deployments, execute commands in containers, access logs, manage labels, and integrate with Google Container Engine for cluster provisioning.

  • Web Browsers

    • Mozilla

      • Mozilla releases research results: Zero rating is not serving as an on-ramp to the internet
        Today, 4 billion people live without the internet. There’s a global debate about how to connect the unconnected, but it’s often dominated by assumptions and not a lot of data or talking to actual users on the ground.

        To better inform this issue, Mozilla recently supported a series of focus groups to investigate how and why people use subsidized services in India, Myanmar, Peru, Kenya, Nigeria, Rwanda and South Africa. Today, we’re releasing the results of this research carried out by Research ICT Africa, LIRNEasia and IEP.

      • New Test Pilot Experiments Available Today
        Last month, we delivered the first in a series of groundbreaking updates to the browser. This week, the Test Pilot team is continuing to evolve Firefox features with three new experiences that will make for a simpler, faster and safer experience.

  • Oracle/Java/LibreOffice

    • LibreOffice 5.4 Released With New Features
      ​The Document Foundation announces LibreOffice 5.4, the latest major release of the best open source office suite software available. LibreOffice 5.4 is the last major release of the 5.x family. LibreOffice 5.4 comes with new features for Writer, Calc and Impress and it is immediately available for Linux, macOS and Windows, and for the cloud. The latest iteration comes with significant features in every module, including the usual large number of incremental improvements to Microsoft Office file compatibility. So let’s see what’s new in LibreOffice 5.4.

    • How to Install/Upgrade to LibreOffice 5.4 on Ubuntu

    • LibreOffice 5.4: The best office suite gets better
      My first "office" program was WordStar in 1982. Since then, I've used more than I can ever remember, including all the Microsoft Office programs beginning with 1.0 in 1991. I make my living from office software. If there's something good out there, I want to know about it. And that's why I've been using LibreOffice ever since it forked from OpenOffice. It's the best office suite out there, and with the release of LibreOffice 5.4, it's only gotten better.

      Why? There are many reasons. Let's start with the basics: It's free. Yes, it's also open source, but I mean "free" as in "free beer". It doesn't cost you a red cent.

  • Education

    • Study: ‘Dutch education system needs thoughtful ICT vision’
      The Dutch education system, together with teachers and school authorities, needs to develop a vision on the relationship between ICT and education, the Education Council of the Netherlands writes in a report published in May. Recommendations include emphasising sharing and reuse of ICT solutions.

      An ICT vision should encompass digital educational goals, the use of digital educational resources, and the use of digital applications in the organisation of education, the Council writes.

  • Pseudo-Open Source (Openwashing)

  • BSD

    • OPNsense 17.7 released
      For more than two and a half years now, OPNsense is driving innovation through modularising and hardening the open source firewall, with simple and reliable firmware upgrades, multi-language support, HardenedBSD security, fast adoption of upstream software updates as well as clear and stable 2-Clause BSD licensing.

      We are writing to you today to announce the final release of version 17.7 “Free Fox”, which, over the course of the last 6 months, includes highlights such as SafeStack application hardening, the Realtek re(4) driver for better network stability, a Quagga plugin with broad routing protocol support and the Unbound resolver as the new default. Additionally, translations for Czech, Chinese, Japanese, Portuguese and German have been completed for the first time during this development cycle.

    • OPNsense 17.7 Released For FreeBSD 11 Powered Firewall
    • OpenBSD Switches To Clang Compiler For i386/AMD64
      OpenBSD is now the latest BSD switching from GCC to LLVM's Clang C/C++ compiler by default.

      With the OpenBSD switch-over that happened last week in CVS, Clang is now the default compiler for i386 and x86_64 architectures.

  • Licensing/Legal

    • SPDX Could Help Organizations Better Manage Their Thickets of Open Source Licenses [Ed: Linux Foundation should stop propping up Black Duck, a Microsoft-connected anti-FOSS firm that's paying the Foundation for self promotion. The Linux Foundation is thorough compromised by proprietary software firms that essentially pay the Foundation for marketing and openwashing.]
      As open source becomes more pervasive, companies are consuming products that have open source components. Today you literally can’t use any piece of software that doesn’t have any open source code in it, making it very complicated for companies to keep a tab on what they are consuming and stay compliant with open source licenses.

      To help simplify matters is a new Linux Foundation project called Software Package Data Exchange. With SPDX, the Foundation hosts the project and owns the copyright on the specification and trademark assets. It’s an open community of volunteers and as such has people participating across a broad spectrum of companies, academia and other foundations.

    • A Field Guide to Open Source Software Licensing [Ed: More like a FUD guide, not "A Field Guide"; selling services by FUDing FOSS.]

  • Openness/Sharing/Collaboration

    • Open Hardware/Modding

      • Federico Musto is out as Arduino CEO
        Last week Arduino AG, the holding company for the open source Arduino project, announced that CEO Federico Musto stepped down, to be replaced with Massimo Banzi as new Chairman and CTO of Arduino and Dr. Fabio Violante as CEO.

        The move comes after the maker community found troubling discrepancies in Musto’s educational claims.

      • Inexpensive Robot with Open Source, 3D Printed Components Cracks a Safe in 30 Minutes at Hacker Convention
        While the 3D printed, PIN-protected door lock by HPI looks cool, I’m pretty sure that a determined thief would find a way to get past it. The 3D printed, heavy duty Stealth Key system looks to be much more difficult to get around, but what’s even more high-tech than a lock or a key? A safe. But a team from Colorado-based SparkFun Electronics, an online retail store that sells pieces for electronics projects, recently used an inexpensive, homemade robot, which features some 3D printed components, to crack open a SentrySafe safe in front of hundreds of excited onlookers at a convention for hackers in Las Vegas.

      • Pedro Petit Open Source 3D Printed Robotic Arm (video)
        If you are looking to learn more about robotics you may be interested in a new project which is being posted to the Hackaday website, detailing how to build a 3D printed open source robotic arm complete with built in control panel.

        Watch the demonstration video below to learn more about the Pedro Petit open source DIY robotic arm which is being created by Hackaday user saandial.

  • Programming/Development

    • Support Driven Development: Listen now so you don’t hear it later
      As you can see, none of these support requests were true bugs. But they were stumbling blocks for many users, and added up to a major source of customer dissatisfaction – and a major contributor to support time. By resolving them we’ve made our existing customers happier, and made our new customers blissfully unaware of their predecessors’ struggles.

    • What is Node.js? The JavaScript runtime explained
      Scalability, latency, and throughput are key performance indicators for web servers. Keeping the latency low and the throughput high while scaling up and out is not easy. Node.js is a JavaScript runtime environment that achieves low latency and high throughput by taking a “non-blocking” approach to serving requests. In other words, Node.js wastes no time or resources on waiting for I/O requests to return.

      Let me explain…

      In the traditional approach to creating web servers, for each incoming request or connection the server spawns a new thread of execution or even forks a new process to handle the request and send a response. Conceptually, this makes perfect sense, but in practice it incurs a great deal of overhead.

    • Use case benchmarking drives open-source Node.js forward
      The success of open-source communities like Node.js — a JavaScript runtime based on Chrome’s V8 engine — is completely dependent on contributions from a rich pool of organizations working toward the common goal of building a robust development framework.

      Michael Dawson (pictured), digital transformation leader at IBM, is responsible for Big Blue’s contributions to the Node.JS source code. He explained his level of involvement within the community, including his role leading a Node benchmarking workgroup.

    • Intel helps open-source developers discover the power of Node.js
      Node.js, however, compared with other scripting languages brings the whole platform into the mix. Beyond the CPU, it also requires networking power and a degree of storage. Intel has been investing a lot into making the whole platform shine with optimized Node.js, Ene-Pietrosanu stated. It has also made its efforts available to the open-source community.

    • Qt 5.10 schedule etc
      Kindly reminder: According to schedule we should have Qt 5.10 feature freeze after a week, see So it is time to do remaining finalizations to 5.10 new features now and focus to bug fixing after that. Please fill new features page now as well (; it seems to be quite empty at the moment.

    • Qt 5.10 Will Be Going Into Feature Freeze Soon
      Feature development on the Qt 5.10 tool-kit will soon be coming to an end.

      Qt developers are planning to issue the feature freeze in about one week's time at which point they will be getting out a binary snapshot out, starting the soft branching, and then getting a hard branch of the code after that. If all goes according to plan, the Qt 5.10 Alpha should be out on 31 August while a beta release is expected for 10 October. If all goes well and it's not like past Qt5 releases with delays, Qt 5.10 would then be officially released on 30 November.

    • Big day in poppler-land
      Thanks to C++11 now we have an implementation with move semantics that greatly simplifies the use of Object and will hopefully make for less memory management mistakes.

    • Learning Rust
      I'm obviously not spending much time writing here. It's been a rather busy month at work, and I've been doing other things on the weekend that aren't particularly interesting to write about.

      This past week, though, I took advantage of our semi-annual Hack Week to finally learn Rust. I have several co-workers who love the language and have been wanting to stretch my programming language knowledge a bit. I was also profoundly disappointed by Go, which has been touted as the new C-style systems language but which I think is awful. All the reasons why is a topic for another post, but the obnoxiously verbose error handling is probably my biggest complaint. (This is the worst property of C; why would you copy it?) Rust was a favorite of a few people who felt the same way I did about Go, which seemed promising.

  • Standards/Consortia

    • Technical Standards: The Hard Part of Making Everyone Happy
      A recent controversy involving the group that sets the rules of the road for the web is a great reminder of how challenging standards-making really is, even if your standards are the ones everyone is using.

      Standards have a way of bleeding into parts of life that you might not give a second thought to, as a consumer.

      Case in point: Watching a show on Netflix is a pretty satisfying ritual, isn’t it? Lots of people do it. Tens of millions in fact, many of them on their computers, in their web browsers.


  • Apple can’t end lawsuit over “breaking” FaceTime on iPhone 4, judge rules
    Back in February 2017, two Californians sued Apple in a proposed class-action lawsuit over the fact that the company disabled an older version of iOS. Disabling the outdated iOS had the effect of making FaceTime stop working on the customers' iPhone 4 devices.


    "Apple broke FaceTime in order to gain a financial advantage and reduce relay fees," Judge Koh also wrote. "Further, although Apple knew that it had intentionally disabled FaceTime, Apple told consumers that FaceTime had stopped working because of a 'bug resulting from a device certificate that expired.' Apple did not tell users that Apple had intentionally caused the digital certificate to expire prematurely."

  • The complete history of the IBM PC, part two: The DOS empire strikes

    The ethicality or lack thereof of what Paterson did has been debated for years. Gary Kildall stridently claimed many times that he ripped off the actual CP/M source code, but this is a very problematic assertion. There is no evidence that he even had access to the source, which Digital, like most companies then and now, guarded carefully.


    The real victor was Microsoft, which built an empire on the back of a shadily acquired MS-DOS.

  • Fact Checking Snopes On Its Own Claims Of Being 'Held Hostage' By 'A Vendor': Well, It's Complicated
    Last week, I (like probably many of you) saw the news that the famous (or infamous, depending on your viewpoint) fact checking website "Snopes" was crowdfunding on GoFundMe, saying that it needed to raise money as soon as possible, because "a vendor" refused to recognize that Snopes had terminated a contract and was holding the site "hostage."

  • Science

    • The Space Junk Problem Is About to Get a Whole Lot Gnarlier

    • Russian official on new US sanctions and NASA: “Nothing lasts forever”
      Last Thursday, the United States overwhelmingly passed a new round of sanctions against Russia, taking the executive actions made by then president Barack Obama in December 2016 and putting them into law. Congress also wrote its legislation such that the White House must get Congressional approval prior to any easing of sanctions against Russia. Despite some concerns about the law, President Donald Trump has said he will sign the bill.

      Obama leveled these sanctions, including the dismissal of many Russian diplomats in the United States, following credible reports that the foreign adversary had meddled in the US presidential election. Russian President Vladimir Putin took no action at the time, believing he could work with President Trump to ease the restrictions. But after the Congressional action, Putin acted this weekend to remove hundreds of US diplomats from Russia. The number of US diplomats and Russian nationals employed as staff by the US government must now be 455, the same number Russia has in the United States.

    • Open-source species location data supports global biodiversity analyses [Ed: Not actually open source, but a commendable initiative nonetheless]

      How many species are living on Earth at this moment in time? Ask a few different scientists and you may get drastically different answers. Most estimates range from 3-10 million distinct species of multicellular organisms; however, when microbial diversity is factored in, the upper bound jumps to nearly a trillion.

      Having a clear understanding of what species are present on Earth, where they are, and to what extent they are threatened is essential to making informed conservation decisions at both a local and global scale.

    • Kitchen sponges are festering germ dens—and sanitizing them doesn’t help
      Scientists have long thrown shade at the unassuming kitchen sponge. The household staple skulks in sinks amid dirty dishes and soggy food scraps, sopping up and amplifying microbial forces capable of invading clean food spaces. The savvy kitchen-goer may think they have this situation locked down—a simple toss through a sanitizing dishwasher cycle or a sizzling swirl in the microwave... and done. Sudsy germsplosion averted.

      Nice try, says science.

      In a comprehensive study of 14 household sponges and their microbial inhabitants published in Scientific Reports, researchers confirmed that kitchen sponges are indeed domestic abominations. Moreover, any sterilizing attempts only seem to temporarily free up sponge-space for potential pathogens, which rapidly recolonize the festering scrubber.

  • Health/Nutrition

    • Pot removed from controlled substance list under proposed legislation
      A Democratic senator from New Jersey proposed legislation (PDF) Tuesday that would remove marijuana from the federal list of controlled substances. The proposal, if adopted, would also financially punish states that fail to decriminalize marijuana if they have racial disparities in their arrest and incarceration rates connected to marijuana.

  • Security

    • Security updates for Monday

    • Ransomware: Claim that 22% SMBs shutting shop after attacks [iophk: "Windows TCO"]

      Ransomware attacks caused 22% of small and medium-sized businesses in seven countries, including Australia, to pack up for good, a report from the security firm Malwarebytes claims.

    • Swedish Cabinet reshuffled in wake of IT security row
      It’s not often that an IT security breach leads to the departure of two government ministers. But that is just what has happened in Sweden in the aftermath of a series of disclosures about a data breach and an outsourced IT contract.

    • Active Management of Open Source Components Delivers Measurable Improvements Claims Sonatype Report
      In July, Sonatype released their third annual State of the Software Supply Chain report concluding that when organisations actively manage the quality of open source components in software applications they see a 28% improvement in developer productivity (through reduction in manual governance), a 30% reduction in overall development costs, and a 48% increase in application quality (as application vulnerabilities are removed early reducing their incidence in production). Analysis also showed that applications built by teams utilising automated governance tools reduced the percentage of defective components by 63%.

    • The CIA’s Aeris Malware Can Exfiltrate Data From Linux Systems
      Not a week goes by without WikiLeaks unveiling some more condemning evidence of the CIA’s malware tools. The latest reveal is Aeris, an automated implement which affects many different distributions of the Linux operating system. This particular tool packs quite a lot of features under the hood in an effort to gather as much intelligence as possible. This is surely not the last tool of its kind we will meet.

    • Firejail A Namespace Separation Security Sandbox
      ​Linux distro is mostly loved for its security features. When we people want more security we use TOR and VPN. Today I am going to tell you about an application called Firejail that helps to protect your personal files via sandbox technique.

      ​Firejail is a sandbox application built for Linux distros which uses the capabilities of Linux kernel to use namespace separation. In the simplest sense, apps launched through Firejail cannot access your personal files on your hard drive. Isn’t that cool? Cool and safe!

    • Defcon vote-hacking village shows that "secure" voting machines can be broken in minutes

      Nearly 20 years later, the country's voting security debt has mounted to incredible heights, and finally, just maybe, the security researchers are getting the hearing they deserve.

    • Def Con hackers showed how easily voting machines can be hacked [Ed: Windows powered]
      At Def Con’s hacker voting machine village, where 30 pieces of election equipment sat waiting, hackers were given a deliciously wicked goal. John Hopkins computer scientist Matt Blaze said, “We encourage you to do stuff that if you did on election day they would probably arrest you.”

      And they did. Most of the voting machines were purchased via eBay, but some did come from government auctions. Despite the various different manufacturers of the voting equipment boxes, there was a common theme—they are “horribly insecure.”

      Granted, come election day, officials would likely notice if hackers were physically taking apart the machines. Tinkering with an external USB port on a computerized voting box and using it to upload malicious software may or may not get noticed. Yet those are not the only ways hackers could potentially influence votes and an election’s outcome; there’s the sneaky way of remotely accessing the machine from a laptop.

    • How DEF CON Securely Streams Video to Hackers [Author: "Linux Powered!"]
      The DEF CON 25 security conference is famous for its wide variety and number of security sessions and events. Not everyone can be in every session and some even choose to watch remotely, which is where DEF CON TV (DCTV) comes into play.

      DCTV streamed several sessions from the event, both to local hotels as well as the outside internet. Securely setting up and managing the DCTV streaming is no easy task, but it's one that DEF CON hackers put together rapidly.

    • Windows 10 default user profile is potentially writable by everyone

      Microsoft refuses to fix the issue properly because there is a "simple command everyone can execute" but has not (to my knowledge) told anyone about this command because everyone assumes the issue has been fixed by KB4022715 and KB4022725

    • [Older] The Internet of Things : A disaster for no good reason

      The reason I'm frustrated is because if these things were designed this way, I would WANT them. I really wish my washing machine would tell me when the wash is done because I am EXTREMELY bad at remembering to go check on it. But I can't buy that, I can't buy something that just has a $5 microprocessor with just enough intelligence to connect to the internet and send me an email or a push notification if the buzzer on the washer goes off. The only thing I can buy is a washing machine that's had a horrible, unreliable PC full of quarter-baked software crammed into it which will stop working when some godforsaken cloud service is "sunset", and which is so dependant on the reliability and trustworthiness of the software on the computer that if someone hacks it or the software has a bug, the washer can start spraying water at me when I have the loading door open.

    • 'Most dangerous' banking trojan gets update

      Svpeng, designed to steal banking information through different means, now embeds itself in Android's accessibility services — the software that helps users with disabilities navigate devices and apps, the cybersecurity firm said. So Svpeng is now able to steal any data in a text box and log all keystrokes.

    • Enterprise Network Monitoring Needs Could Hamper the Adoption of TLS 1.3
      The upcoming version of the Transport Layer Security (TLS) protocol promises to be a game changer for web encryption. It will deliver increased performance, better security and less complexity. Yet many website operators could shun it for years to come.

      TLS version 1.3 is in the final stages of development and is expected to become a standard soon. Some browsers, including Google Chrome and Mozilla Firefox, already support this new version of the protocol on an opt-in basis and Cloudflare enables it by default for all websites that use its content delivery network.

    • Security updates for Tuesday

    • Reproducible Builds: Weekly report #118

    • Episode 57 - We may never see amazing security research ever again
      Josh and Kurt talk about Black Hat and Defcon, safes, banks, voting machines, SMBv1 DoS attack, Flash, liability, and password masking.

    • Q&A: Former RSA CEO's new venture takes on Linux container security
      The historical, reactive model of security was a bunch of perimeter controls. With intelligence-driven security, the controls have to be much more agile and react to circumstances in real time. To create a defense in depth strategy, you need to anticipate attacks, to stop attacks before they start, and if you can't stop them, you have to detect an attack when it's in progress. If you can't detect an attack, then you need to be able to prevent a wholesale breach. If you can't prevent a breach, then you have to be able to detect that a breach has occurred, and respond quickly enough to prevent loss or disruption.

    • How a hacked Amazon Echo could secretly capture your most intimate moments
      It's a fact of modern life that many of us forget—the phones, computers, and other connected devices we depend on can often be used against us as secret listening devices. On Tuesday, attention turned to the Amazon Echo, with a demonstration that showed how hackers can convert some models into devices that can surreptitiously record our most intimate moments.

      To be clear, the hack works only against older models of Amazon Echoes. It also requires physical access to the device by a hacker with above-average skills in Linux and embedded hardware systems. That means people aren't likely to be exposed to such attacks unless they own a 2015 or 2016 device and are a target of interest to the Central Intelligence Agency, a similar nation-sponsored spy group, an advanced corporate espionage operation, or a highly determined stalker.

  • Defence/Aggression

  • Transparency/Investigative Reporting

    • Macron email leak: British military ties to France 'more important' than flawed Germany-EU plan

      Emmanuel Macron was told before his election that maintaining defence ties with Britain was crucial and “more important” than flawed plans for EU military integration, according to leaked emails from the French president’s campaign team.

      A trove of tens of thousands of emails released by Wikileaks on Monday showed senior Macron advisers arguing for continued British involvement in European defence projects while highlighting the bitter divisions between Paris and Berlin on EU defence co-operation.

    • Assange threatened by entire American Establishment

      And here is the slice of it they used in a news feature they did with Assange...

    • ACLU Asks Court To Force Government To Fight Fairly In FOIA Lawsuit Over Drone Strike Docs
      The ACLU is headed to the Second Circuit Appeals Court, hoping to force the DOJ to be more... realistic about the government's drone strike operations in Pakistan. It's an FOIA lawsuit, with the ACLU seeking drone documents and being told -- in so many black bars -- that this publicly-acknowledged program is too secret to disclose.

    • Behind Fox News' Baseless Seth Rich Story: The Untold Tale
      Mary Rich, the mother of slain Democratic National Committee staffer Seth Rich, speaks at a press conference on Aug. 1, 2016. A lawsuit alleges Fox News and a wealthy Trump supporter intended to deflect public attention from growing concern about the administration's ties to the Russian government by concocting a story about Seth Rich's death.

    • Secrecy in Court; Takings; and A Proposal for Redaction with Replacement

      In-court secrecy continues to thrive – at least in regards to protecting business interests. Almost all patent infringement lawsuits include secrecy orders negotiated by the parties without much court participation. Courts often view themselves as arbiters of disputes between the parties – and if the parties agree on a particular issue then there is no dispute.

      The right to secrecy in federal courts was upped a bit further with the Defend Trade Secrets Act of 2016 in situations where the parties don’t agree. The DTSA includes a requirement that a court “may not authorize or direct the disclosure of any information the owner asserts to be a trade secret” without first allowing an under-seal submission of a description of the confidential interest. 18 U.S.C. 1835. Although not stated, the implication is that the court must then review the submission before requiring disclosure.

  • Environment/Energy/Wildlife/Nature

    • Climate change will almost certainly heat the world so much it can never recover, major study finds

      It's at that point that scientists think the world will fall into disastrous effects like widespread drought, extreme weather and dangerous increases in sea level. Experts have suggested that 2C of warming is the "tipping point" at which that change becomes unstoppable.

    • Suicides of nearly 60,000 Indian farmers linked to climate change, study claims
      Climate change may have contributed to the suicides of nearly 60,000 Indian farmers and farm workers over the past three decades, according to new research that examines the toll rising temperatures are already taking on vulnerable societies.

      Illustrating the extreme sensitivity of the Indian agricultural industry to spikes in temperature, the study from the University of California, Berkeley, found an increase of just 1C on an average day during the growing season was associated with 67 more suicides.

  • Finance

    • 500 Workers Staffing Facebook’s Cafeteria Just Voted to Unionize

      Five hundred workers just voted to unionize at Facebook’s cafeteria contractor, Flagship, which represents some 10 percent of the total food-service workforce in Silicon Valley. The victory builds on other recent union wins at Intel and Google for cafeteria and custodial staff—vibrant organizing campaigns, led by UNITE HERE and the Teamsters, that combined with grassroots community outreach to establish solid union contracts in the bottom tiers of the freewheeling tech sector. Activists are demanding fair hours and wages, as well as secure benefits, union rights, and other basic entitlements for the front-line workers of the world’s leading tech brands.

    • EU to allow freezes of bank deposit withdrawals?

      This leaves the average citizen powerless. Your money is no longer yours – but the governments to be used as a financial tool. (Or to be confiscated.)

    • Amid Brexit squabbling, PM May's spokesman says EU free movement to end in 2019
      The automatic right of European Union citizens to live and work in Britain will end in March 2019 with Brexit, Prime Minister Theresa May's spokesman said on Monday, after her ministers publicly differed over the shape of the divorce with the EU.

      Since May's failed gamble on a snap election last month, the future of Brexit has been thrown into question with squabbling between her ministers over the pace, tone and terms of Britain's departure from the club it joined in 1973.

      May, who on Monday interrupted a three-week holiday to attend a World War One commemoration ceremony, has faced public pressure to temper her plans for a clean break from the EU.

    • A mandate can be either democratic or irreversible, but it cannot be both – an argument
      (As a side note, no Brexiteer – rightly – seems to believe that the UK was bound for all time by the 1975 referendum result.)

    • Go fork yourself: Bitcoin has split in two – and yes, it's all forked up
      Bitcoin split into two separate currencies on Tuesday because part of the Bitcoin community isn't happy with recent and planned changes to the code that controls the cryptocurrency. last month warned of a potential split if consensus couldn't be reached on efforts to help Bitcoin scale better.

      Part of the effort, known as Bitcoin Improvement Proposal 91 (BIP91), was accepted last month, and a split was averted.

  • AstroTurf/Lobbying/Politics

    • “E-mail prankster” phishes White House officials; hilarity ensues
      Over the past few weeks, a self-described "e-mail prankster" has posed as members of President Donald Trump's administration in a series of e-mails to White House officials, publishing responses to Twitter for comedic effect. Among the targets were Trump's top homeland security advisor Tom Bossert—who volunteered his personal e-mail address to the prankster because Bossert believed he was interacting with Jared Kushner. In the e-mail, the faux Kushner invited Bossert for a "soirée" with food better than the two had eaten together on their Iraq visit.

    • Democracy is dying – and it’s startling how few people are worried

      There is a concerted and combined effort by the likes of Putin, ErdoÄŸan and Trump to hollow out democracy. To stop them, we must change how we view the world

    • Anthony Scaramucci out as communications director

    • Portuguese politics cripples EU agency bid
      The Portuguese government defended its decision to make a last-minute switch from Lisbon to Porto as its choice as the new host of the European Medicines Agency.

      For months, Lisbon was the country’s nominee to take the agency, which must leave London after Brexit. But an outcry from the authorities in Porto led Portugal to make an 11th-hour shift in its proposal: The government dropped Lisbon barely two weeks ahead of the July 31 application deadline and announced the northern city would be the country’s candidate instead.

      Until then, Portugal had pushed its capital city hard, with some success: Lisbon was the preferred choice of EMA staff forced to move out of London because of Brexit, ahead of rivals such as Copenhagen, Milan and Bucharest, according to local media reports. Colorful government pamphlets and brochures boasted that “Lisbon welcomes the EMA.”

    • Trump ousts Scaramucci as communications director
      President Donald Trump has removed Anthony Scaramucci as communications director, a little more than a week after the former financier was named to the post, the White House said on Monday.

      The change came at the request of new chief of staff John Kelly, who started Monday, two White House officials said. It was not clear whether Scaramucci would take on a new role after leaving the communications job, nor was it immediately apparent who would take over the position.

    • The Spectacular Self-Destruction of Anthony Scaramucci
      Anthony Scaramucci’s reign as White House communications director—a reign of terror and vulgarity, marked by two outlandish interviews and the departures of two top West Wing officials—has ended, just 10 days after it began.

      The New York Times broke the news Monday afternoon, just hours after Trump tweeted that there was “No W[hite] H[ouse] chaos!” It was not clear whether Scaramucci would take another post in the administration or exit altogether. His firing reportedly came at the behest of John Kelly, who was installed as chief of staff on Monday, three days after Scaramucci forced out Kelly’s predecessor.

    • Trump's Worst Week Yet
      There hasn’t been a single smooth week in the Trump presidency, but last week was, by popular consensus, the worst of them so far. Given the struggles of this president, that’s no small statement. What was remarkable was the breadth of Trump’s troubles. His top legislative priority was, once again, knocked flat. He had to replace Reince Priebus, making Priebus the shortest-tenured chief of staff to serve in the heart of a term. He publicly feuded with Republican senators, saw his new messaging guru call a colleague a “fucking paranoid schizophrenic,” and went to war with his attorney general.

    • RNC tells staff not to delete or alter any documents related to 2016 campaign

      The memo says employees should not “delete, destroy, modify, or remove from your paper files, laptop computer, desktop computer, tablet, mobile device, e-mail, or any storage system or device, any documents, records, or other materials that relate to the 2016 presidential election or that may relate to any investigation concerning the election.”

    • Watchdog group asks Congress to probe Rep. Wasserman Schultz over fired IT aide
      A conservative anti-corruption watchdog group is asking for an ethics investigation of Rep. Debbie Wasserman Schultz (D-Fla.) after former House IT aide Imran Awan was apprehended trying the flee the country. In a complaint that will be filed Monday, the Foundation for Accountability and Civic Trust (FACT) asks if Wasserman Schultz violated the House’s rules by continuing to pay Awan after he was cut off from the House computer system.

      “It appears that Representative Wasserman Schultz permitted an employee to remain on the House payroll in violation of House Ethics Rules,” FACT’s Matthew Whitaker writes in the letter to the Office of Congressional Ethics. “After Awan was barred from accessing the House computer system, Wasserman Schultz continued to pay Awan with taxpayer funds for IT consulting — a position that he could not reasonably be able to perform.”

  • Censorship/Free Speech

    • Senate's Latest Attack On Backpage Will Be Massively Counterproductive, Create Tremendous Harm

      It's no secret that there are a bunch of folks in the Senate who really, really, really dislike the fact that the site Backpage has been abused by some users for sex trafficking. They should be happy that through a lot of public pressure, Backpage has shut down its adult section.

      For reasons that are not entirely clear, many people seem to blame Section 230 of the CDA for the fact that sex traffickers have used This is... weird and doesn't make much sense. After all, Section 230 doesn't apply to federal crimes around sex trafficking. So, if the platform itself is violating the law, the DOJ has the power and every right to go after the platform. Furthermore, as we've noted time and time again, these platforms have actually been tremendously helpful in allowing law enforcement to track down those responsible for trafficking and to help victims of trafficking. Still, because of this misplaced focus on CDA 230, earlier today, a bunch of Senators released a counterproductive and dangerous bill that would blow a massive hole through CDA 230, and it's clearly written 100% to focus on Backpage. Nearly all of the quotes about the bill from the Senate co-sponsors mention Backpage.

    • Adult Chat Site's In-House DMCA Takedown Service Targets Tons Of Legit Sites, Including Its Own URLs [UPDATE]
      Portmanteau words are great. It's a highly-efficient way to forcibly join two (possibly unrelated) actions and create a brand new activity. Add to this a decently-fast internet connection and you have Chaturbate, a service that puts people together to do things to themselves separately.

      Granted, much of this could be done with other services, including the portmaneau'ed ChatRoulette, but targeted markets are more profitable than floating from chat to chat hoping to escape the "turbate" part of this internet concoction. Chatting is fun. So is masturbation. But not many people enjoy being masturbated at, especially when they're looking to just chat a little. Chaturbate, however, gives people what they want, in as many varieties as they want it.

    • Brazil's Johnny Hooker Was 'Stunned' by YouTube Censorship: Interview
      Brazilian singer Johnny Hooker recently released his sophomore album, Coração, which is being distributed digitally in the U.S. by CD Baby.

      Before that, he released the first single from the album, "Flutua," featuring Liniker, and faced some problems with YouTube and Facebook.

      When the single's audio was released on YouTube, Hooker received good reactions from the public. The single cover showed the two artists kissing. The morning after, he discovered it had been censored for anyone under 18.

    • Poll: 'Scary' Number of Republicans Support Court-Ordered Press Censorship
      As the Trump administration continues to make headlines for its attacks on the press and its attempts to prevent journalists from adequately covering White House press briefings, a recent YouGov/Economist poll (pdf) found that 45 percent of Republicans support giving courts the power to shut down "biased" media outlets—a result commentators argued should be "scary for anyone concerned about the future of American democracy."

    • War Propaganda, Media Censorship and the “Conspiracy Theory” Meme. Project Censored 2016
      In recent years, as documented on this site and on the Global Research News Hour radio program, we have seen an acceleration in the level of propaganda and its ability to shape common narratives around war.

      The Assad government is blamed for virtually all the blood being spilt in Syria in recent years, in spite of evidence to the contrary. Russia, not NATO, is being blamed for an imperialist agenda for Ukraine and Eastern Europe. And a McCarthyist narrative accusing President Putin of interference in the 2016 US Presidential elections has taken hold in spite of an almost complete lack of evidence upholding that narrative.

      More to the point, reporters risk being tagged ‘conspiracy theorists’ or ‘Russian agents’ if they dare to challenge these and other official narratives.

      Billions of dollars of investment, not to mention political careers are dependent on maintaining these narratives, so it is understandable that dissident perspectives will sooner or later come under attack if the body politic begins to be influenced by them.

    • Apple 'pulls 60 VPNs from China App Store'
      The creators of several Virtual Private Networks (VPNs) have criticised Apple's decision to remove their products from its App Store in China.

      The BBC understands that as many as 60 VPNs were pulled over the weekend.

      Apple said it was legally required to remove them because they did not comply with new regulations.

    • Apple Bows To Chinese Regulators, Removes Internet Censorship-Defying Apps

    • Russia follows China in tightening internet restrictions, raising fresh censorship concerns

    • Russian censorship law bans proxies, VPNs

    • VPNs are a vital defence against censorship - but they're under attack

    • Russia: VPN ban is a major blow to internet freedom

    • Russia: VPN ban is a major blow to internet freedom

      “With the Russian authorities increasingly intolerant of dissent, technologies that help internet users evade censorship and protect their privacy are crucial for freedom of expression online. Today the authorities have given themselves an instrument to ban the use of VPNs and other technologies that help people to freely access information online,” said Denis Krivosheev, Deputy Director for Europe and Central Asia at Amnesty International.

    • Russia Bans ‘Uncensored’ VPNs, Proxies and Tor

      A new bill, just signed into law by President Putin, requires proxies, VPNs, Tor and other anonymizing services to prohibit access to blocked domains. If these services fail to comply, they will be blocked themselves. Search engines also face sanctions for linking to banned sites.

    • Russia bans anonymous web surfing tools

      President Vladimir Putin has signed a law that prohibits forms of technology that grant access to banned websites in Russia, effective November 1st. The ban covers services that allow people to use the internet anonymously, such as virtual private networks and proxies, and internet providers will have to block websites that host these services.

    • Russia bans VPNs to stop users from looking at censored sites

      President Vladimir Putin has signed a bill that prohibits services, including virtual private networks (VPNs), that enable users to skirt government censorship efforts.

      The law will take effect on November 1.

    • Russia Has Banned VPNs
      We've noted for some time that Russia has been engaged in a slow but steady assault on privacy tools like VPNs. As with most countries that have an adversarial relationship with the truth, the entire effort has been couched as necessary to protect national security and cultural morality, though the real agenda is to help prop up the country's domestic surveillance efforts and Putin's ham-fisted internet filters. This push accelerated with a new surveillance bill last year that not only mandated new encryption backdoors, but also imposed harsh new data-retention requirements on ISPs and VPN providers.

    • Lawsuit challenges Gov. Bevin's social media censorship

      The American Civil Liberties Union of Kentucky filed a federal lawsuit Monday regarding Gov. Matt Bevin banning or blocking users from his official social media accounts.

      The suit seeks a declaration that Bevin's practices are a violation of individuals' First Amendment rights. The ACLU asked for an injunction to prevent the governor from permanently blocking users on Facebook and Twitter.

    • Court Rules Temporary Ban Of Facebook Commenter By Gov't Official Violates The First Amendment

      A federal judge has ruled public officials can't ban the public from interacting with official social media accounts, something that obviously has implications for the recently-filed suit by Twitter users blocked by the president's account.

      Brian Davison filed a pro se lawsuit against Phyllis Randall, the Chair of the Loudon County Board of Supervisors, after she banned him from her Facebook page and deleted his critical comments. The decision wasn't an easy one for the court, as Venkat Balasubramani points out. The court had to take into account several determining factors before arriving at its First Amendment violation conclusion.

    • App developers try to stay 1 step ahead of government censors in 'intelligence game'

    • Joining Apple, Amazon’s China Cloud Service Bows to Censors

    • China’s Censorship Powers Are Bigger And More Dangerous Than You Know

    • ACLU sues Maryland, Kentucky governors over social media censorship

    • ACLU Suing Gov. Hogan Over Alleged Facebook Censorship

    • ACLU suing Governor Larry Hogan over Facebook censorship

  • Privacy/Surveillance

    • Privacy advocates hit back after Amber Rudd claims “real people” don’t care about encryption

    • Another Federal Court Says No Warrants Needed To Obtain Historic Cell Site Location Info
      The Supreme Court has yet to examine the issue of historical cell site location info(CSLI). It finally picked a case from the Sixth Circuit to review, years after the warrantless gathering of historic CSLI became a thing. So far, there's not a single court in the nation that's found historic CSLI to have an expectation of privacy. The Fourth Circuit Appeals Court briefly did, before reversing its own decision. The original decision had problems with the amount of CSLI gathered: 221 days worth. Upon further review, the court sided with the government and its Third Party Doctrine arguments.

      This federal court decision from the Southern District of New York name-checks the pending SCOTUS review, but falls in line with every other decision in the federal court system. The defendant sought to suppress historic CSLI obtained without a warrant, arguing the collection of location data by cell companies is not the same thing as "voluntarily" turning these records over to a third party.


      As everything stands now, it's exactly that: cellphone users are generating tons of third party records that can be obtained without a warrant. This includes real-time and near-real time tracking of people's location through tower pings or cell site simulators. For the most part, courts have been extremely hesitant to erect warrant requirements for so-called Third Party records.

      This needs to change. Privacy expectations have changed. While most people are aware certain records must be generated to ensure cell service, very few agree the government should be able to track their movements without a warrant, especially over a long period of time. In this case, thirteen MONTHS of cell site location info was obtained by law enforcement, putting the 221 days in the Graham case to shame. When the courts ask themselves what is "reasonable" in terms of expectations of privacy, they need to spend more time considering how much has changed in the world of communications since 1979.

    • Google’s new scheme to connect online to offline shopping scrutinized
      A privacy advocacy group has filed a formal legal complaint with the US Federal Trade Commission, asking the agency to begin an investigation "into Google’s in-store tracking algorithm to determine whether it adequately protects the privacy of millions of American consumers."

      In the Monday filing, the Electronic Privacy Information Center (EPIC) said it is concerned with Google’s new Store Sales Management program, which debuted in May. The system allows the company to extend its online tracking capabilities into the physical world. The idea is to combine credit card and other financial data acquired from data brokers to create a singular profile as a way to illustrate to companies what goods and services are being searched for online, which result in actual in-person sales.

    • Australian Prosecutors Want To Make It Illegal To Refuse To Turn Over Passwords To Law Enforcement

      The question is still unsettled here in the United States: is refusing to turn over your password protected by the Fifth Amendment? The argument hasn't found many judicial supporters but at least there's a Constitutional basis for claiming the relinquishment of passwords is possibly self-incriminating. Over in Australia, the rights aren't so clearly defined. But the picture is getting clearer, thanks to legislators seeking to make it a criminal offense to withhold passwords.

    • Ex-NSA boss questions encrypted message access laws proposed by Malcolm Turnbull
      The Federal Government's bid to force tech companies to reveal terrorists' secret conversations could be unachievable, according to the former deputy director of the US National Security Agency (NSA).

      Chris Inglis had a 28-year career with the NSA and now advises private companies on how to detect Edward Snowden-style leakers within their ranks.

    • Ex-NSA chief Chris Inglis backs government's encryption push against Apple, Facebook
      The deputy director of the United States' National Security Agency (NSA) during the Edward Snowden leaks has backed the Australian government's push to force tech giants to assist in revealing the content of some encrypted messages, saying the likes of Facebook and Apple could do more to help track terrorists and criminals.

    • ShadowBrokers leak probe looking at NSA insiders: report [Ed: All of this is based on anonymous "source" from site known for its NSA puff pieces/propaganda. See below.]

    • Shadow Brokers investigation is focusing on former NSA insider
      Sources tell CyberScoop that former NSA employees have been contacted by investigators in the probe to discover how a bevy of elite computer hacking tools fell into the Shadow Brokers' possession.


      One set of files leaked by the group contained tools to hack into the Windows operating system. Those tools were eventually used in the devastating international ransomware attacks known as WannaCry and NotPetya.

    • 'Anonymous' browsing data can be easily exposed, German researchers reveal

      A judge’s porn preferences and the medication used by a German MP were among the personal data uncovered by two German researchers who acquired the “anonymous” browsing habits of more than three million German citizens.

    • It is easy to expose users' secret web habits, say researchers

      The pair obtained huge amounts of information about the browsing habits of three million German citizens from companies that gather "clickstreams".

      These are detailed records of everywhere that people go online.

      The researchers argue such data - which some firms scoop up and use to target ads - should be protected.

      The data is supposed to be anonymised, but analysis showed it could easily be tied to individuals.

    • Without privacy, a society cannot advance

      What advancements are we making impossible today, at the society level, by creating a mass surveillance society where all laws, rules, and expectations are increasingly expected to be followed, and where the celebration of misfits are emptier words than ever before? Where privacy is no longer guaranteed, but rather prevented, by those governments which are supposed to uphold it?

    • Transatlantic data flows under renewed threat following top EU court’s ruling

      Last week, Europe’s highest court issued what might seem a fairly obscure ruling on an agreement between the EU and Canada on the transfer of passenger data between the two regions. In fact, the implications of the judgment by the Court of Justice of the European Union (CJEU) are far reaching, and are likely to have a major impact on the flow of all personal data across the Atlantic.

    • FBI, tech company help cops hack iPhone in Miami reality TV star’s ‘sextortion’ case

      On Uncle Sam’s dime, an outside tech company helped state investigators finally hack into the iPhone of a Miami reality TV star accused of extorting a Miami socialite over stolen sex videos.

    • Governor angrily tweets about local TV station flying drone over his house
      Kentucky Governor Matt Bevin has publicly accused a local television executive of "personally" flying a drone over his stately private home in a Louisville suburb on Tuesday morning. Gov. Bevin made this accusation after seemingly accusing other local media of "flying directly over and around my home, filming my children." The entire incident appears to be related to a local property dispute.

    • Another Appeals Court Denies Suppression Of Evidence Obtained With An Invalid FBI Warrant
      A second appeals court has handed down a ruling on the constitutionality of the Network Investigative Technique (NIT) deployed by the FBI during its Playpen child porn investigation. The Tenth Circuit Appeals Court overturned the suppression of evidence granted by the lower court, ruling that the FBI's NIT warrant was invalid but that the agent's "good faith" reliance on the warrant prevented exclusion of the evidence.

      Multiple courts have found the NIT warrant invalid. The warrant was obtained in Virginia but the search the FBI's malware performed accessed computers all over the world. Prior to the recent Rule 41 changes, warrant execution was limited to the jurisdiction it was obtained in. The Appeals Court worked around the jurisdictional limit by reasoning the NIT was sent from Virginia and returned info gathered in the same jurisdiction. It just kind of glossed over the part where computers located all over the nation were briefly infected by the NIT to obtain the information needed to pursue suspects.

  • Civil Rights/Policing

    • Second body cam video of Baltimore cops manufacturing evidence discovered

      More get-out-of-jail-free cards are being issued by Baltimore prosecutors—and more are likely, after Monday's disclosure of a second police body cam video that defense attorneys say shows cops manufacturing evidence.

    • Asset Forfeiture: Killing Criminal Organizations With $16 Seizures
      Sounds impressive until you start digging into how that $2.7 million was amassed. It wasn't a few large seizures with definite ties to criminal activity. It was a bunch of petty, nickel-and-dime seizures where the amounts taken could easily have earned by the property's owners through completely legal means.

    • Norwegian anti-immigrant Facebook groups confuses empty bus seats with 'terrorists'
      A Facebook group for Norwegians opposed to immigration was widely mocked after members apparently could not tell the difference between empty bus seats and burka-clad women. A user posted a photo of empty bus seats to the Facebook group Fedrelandet viktigst (roughly translated as ‘Fatherland first’) with the question “what do people think about this?”

      What they thought is apparently that they were seeing a bus full of burka-clad women and proof of the ‘Islamification’ of Norway.

      Member after member sounded off on how “frightening”, “tragic” and “scary” the scene was. Others decried that such a thing could happen in Norway (it didn’t) and worried that the phantom passengers could have “weapons and bombs” under their garments (they didn't because, well, there were no passengers).

  • Internet Policy/Net Neutrality

    • Internet History Timeline: ARPANET to the World Wide Web

    • Canada Appoints Lobbyist To Top Telecom Regulator, Follows US Down The Regulatory Capture Rabbit Hole
      The last few years have seen a boon in consumer and small-business-friendly policies coming out of Canada's telecom regulator the CRTC. Under outgoing agency head Jean-Pierre Blais, the agency bumped the definition of broadband to 50 Mbps, required that phones must now be sold unlocked in Canada, shored up the country's net neutrality rules, and took aim at the anti-competitive use of usage caps and overage fees. Not everything Blais did was a success (like their attempt to force cable TV providers to offer cheaper plans, then failing to follow through) but by and large the CRTC has been an improvement over years past.

    • Sprint still seeks merger partner after being rejected by Charter
      Cable company Charter Communications said it has no interest in buying Sprint. After reports that Sprint owner SoftBank proposed a merger with Charter, the cable company said it will move forward in its plan to offer wireless service without buying the carrier.

    • FCC says its specific plan to stop DDoS attacks must remain secret
      The Federal Communications Commission has told members of Congress that it won't reveal exactly how it plans to prevent future attacks on the public comment system.

      FCC Chairman Ajit Pai and Democratic lawmakers have been exchanging letters about a May 8 incident in which the public comments website was disrupted while many people were trying to file comments on Pai's plan to dismantle net neutrality rules. The FCC says it was hit by DDoS attacks. The commission hasn't revealed much about what it's doing to prevent future attacks, but it said in a letter last month that it was researching "additional solutions" to protect the comment system.

    • UK WiFi Company Uses Overlong TOS To Trick Hotspot Users Into Cleaning Toilets, Hugging Stray Cats[Ed: There is no "free" in this market. If they tell you it's free, you are the product/community (e.g. spying).]
      So we've talked for years about how overlong terms of service contracts that nobody reads are used to eliminate your rights in numerous ways. That includes stripping away your legal rights and forcing you to engage in binding arbitration, which results in the company-employed arbitrator ruling in their employer's favor a vast majority of the time. In fact Tim Berners-Lee, the creator of the World Wide Web, recently cited these overlong and misleading contracts as one of the biggest threats to the health and utility of his invention.

      Every so often we'll see a company conduct an experiment to demonstrate the stupidity of long-normalized behavior, like the company in 2010 that got users to sign off on selling their soul. Taking a cue out of that playbook, UK WiFi hotspot operator Purple recently did something similar, burying a provision in their terms of service requiring that customers engage in 1,000 hours of menial labor if they wanted to access the internet.

    • Republicans try to take cheap phones and broadband away from poor people
      Nineteen Republican lawmakers are trying to eliminate subsidies that help poor people purchase cell phone service and broadband.

      The legislation filed on Friday targets Lifeline, which is a Universal Service Fund program paid for by surcharges on phone bills. If the bill passes, low-income Americans would no longer be able to use $9.25 monthly subsidies toward cellular phone service or mobile broadband. The subsidies would still be available for landline phone service.

  • Intellectual Monopolies

    • Trademarks

      • MLB Comes To Its Senses And Declines To Oppose Overwatch League Trademark
        We recently discussed how Major League Baseball had asked for an extension with the USPTO so its legal staff could decide whether it wanted to oppose a trademark application for eSport organization Overwatch League's new logo. The request was more than a little head-scratching for a variety of reasons. As we pointed out in that post, the two logos aren't particularly similar and certainty don't appear to give ground to any confusion among the public about any affiliation between the leagues.

      • Supreme Court Ruling Allows Patent And Trademark Requests For Racial Slurs, Swastika [Ed: Misleading, dramatic, sensationalist headline]
        A group of companies and individuals are attempting to register racial slurs and offensive symbols, including the N-word and the Nazi swastika, in response to a June U.S. Supreme Court decision on trademarks.

        Applicants filed nine trademark requests with the U.S. Patent and Trademark Office (PTO) since the June 19 decision to negate a federal law barring discriminatory trademarks. The court ruled that the law violated free speech rights in the Constitution.

    • Copyrights

      • Streisand Effect Helps Sci-Hub To Acquire Almost All Scholarly Literature, Dooms Traditional Academic Publishing

        Techdirt has been covering the story of Sci-Hub, which provides unrestricted access to a massive (unauthorized) database of academic papers, for a while now. As several posts have emphasized, the decision by the publishing giant Elsevier to pursue the site through the courts is a classic example of the Streisand Effect: it has simply served to spread the word about a hitherto obscure service. There's a new paper exploring this and other aspects of Sci-Hub, currently available as a PeerJ preprint.

      • State attorneys general team up to scare you from “content theft sites”
        Fifteen state attorneys general have teamed up with a pro-Hollywood group to launch a campaign aimed at dissuading the public from visiting file sharing sites.

      • GCSB 'had no idea' spy gear was still targeting Kim Dotcom
        THE GCSB lost control of its surveillance technology and wasn't aware its systems continued spying on Kim Dotcom, according to new documents from the spy bureau.

        It claimed that it turned off all surveillance systems targeting Dotcom and others but found out more than a year later that surveillance continued without its knowledge.

        The details in the documents have led Dotcom to state that there is now evidence the United States' National Security Agency was carrying out surveillance on him.

      • NSA unlawfully surveiled Kim Dotcom in New Zealand: report
        The National Security Agency (NSA) illegally used technology to spy on Megaupload founder Kim Dotcom, according to new documents from New Zealand's Government Communications Security Bureau (GCSB).

        The New Zealand Herald first reported that the GCSB told the nation's high court that it ceased all surveillance of Dotcom in early 2012, but that "limited" amounts of communications from Dotcom were later intercepted by its technology without the bureau's knowledge.

      • Report: NSA Illegally Surveilled Kim Dotcom in New Zealand

      • GCSB spy technology 'went rogue' & kept surveilling Kim Dotcom – court documents
        New Zealand’s surveillance agency says it had no idea it was still spying on Kim Dotcom for months after officially ending its operation, according to new court documents.

        The internet entrepreneur says the claim is evidence of NSA involvement in illegal spying against him and his family.

      • LinkedIn: It’s illegal to scrape our website without permission
        A small company called hiQ is locked in a high-stakes battle over Web scraping with LinkedIn. It's a fight that could determine whether an anti-hacking law can be used to curtail the use of scraping tools across the Web.

        HiQ scrapes data about thousands of employees from public LinkedIn profiles, then packages the data for sale to employers worried about their employees quitting. LinkedIn, which was acquired by Microsoft last year, sent hiQ a cease-and-desist letter warning that this scraping violated the Computer Fraud and Abuse Act, the controversial 1986 law that makes computer hacking a crime. HiQ sued, asking courts to rule that its activities did not, in fact, violate the CFAA.

        James Grimmelmann, a professor at Cornell Law School, told Ars that the stakes here go well beyond the fate of one little-known company.

        "Lots of businesses are built on connecting data from a lot of sources," Grimmelmann said. He argued that scraping is a key way that companies bootstrap themselves into "having the scale to do something interesting with that data." If scraping without consent becomes illegal, startups like hiQ will have a harder time getting off the ground.

      • BitTorrent Users Form The World’s Largest Criminal Enterprise, Lawyer Says

        When someone uses a BitTorrent client to download content, it might seem like a small and insignificant act. However, according to a law firm trying to extract payment from five alleged infringers, every single one is engaged in the largest criminal enterprise ever witnessed on planet earth, one that threatens to tear down intellectual property itself.

Recent Techrights' Posts

Girlfriends, Sex, Prostitution & Debian at DebConf22, Prizren, Kosovo
Reprinted with permission from
Martina Ferrari & Debian, DebConf room list: who sleeps with who?
Reprinted with permission from Daniel Pocock
Europe Won't be Safe From Russia Until the Last Windows PC is Turned Off (or Switched to BSDs and GNU/Linux)
Lives are at stake
[Video] IBM's Poor Results Reinforce the Idea of Mass Layoffs on the Way (Just Like at Microsoft)
it seems likely Red Hat layoffs are in the making
Ulrike Uhlig & Debian, the $200,000 woman who quit
Reprinted with permission from
IRC Proceedings: Wednesday, April 24, 2024
IRC logs for Wednesday, April 24, 2024
Over at Tux Machines...
GNU/Linux news for the past day
Links 24/04/2024: Layoffs and Shutdowns at Microsoft, Apple Sales in China Have Collapsed
Links for the day
Sexism processing travel reimbursement
Reprinted with permission from
Microsoft is Shutting Down Offices and Studios (Microsoft Layoffs Every Month This Year, Media Barely Mentions These)
Microsoft shutting down more offices (there have been layoffs every month this year)
Balkan women & Debian sexism, WeBoob leaks
Reprinted with permission from
Links 24/04/2024: Advances in TikTok Ban, Microsoft Lacks Security Incentives (It Profits From Breaches)
Links for the day
Gemini Links 24/04/2024: People Returning to Gemlogs, Stateless Workstations
Links for the day
Meike Reichle & Debian Dating
Reprinted with permission from
Over at Tux Machines...
GNU/Linux news for the past day
IRC Proceedings: Tuesday, April 23, 2024
IRC logs for Tuesday, April 23, 2024
[Meme] EPO: Breaking the Law as a Business Model
Total disregard for the EPO to sell more monopolies in Europe (to companies that are seldom European and in need of monopoly)
The EPO's Central Staff Committee (CSC) on New Ways of Working (NWoW) and “Bringing Teams Together” (BTT)
The latest publication from the Central Staff Committee (CSC)
Volunteers wanted: Unknown Suspects team
Reprinted with permission from Daniel Pocock
Debian trademark: where does the value come from?
Reprinted with permission from Daniel Pocock
Detecting suspicious transactions in the Wikimedia grants process
Reprinted with permission from Daniel Pocock
Links 23/04/2024: US Doubles Down on Patent Obviousness, North Korea Practices Nuclear Conflict
Links for the day
Stardust Nightclub Tragedy, Unlawful killing, Censorship & Debian Scapegoating
Reprinted with permission from Daniel Pocock
Gunnar Wolf & Debian Modern Slavery punishments
Reprinted with permission from Daniel Pocock
On DebConf and Debian 'Bedroom Nepotism' (Connected to Canonical, Red Hat, and Google)
Why the public must know suppressed facts (which women themselves are voicing concerns about; some men muzzle them to save face)
Several Years After Vista 11 Came Out Few People in Africa Use It, Its Relative Share Declines (People Delete It and Move to BSD/GNU/Linux?)
These trends are worth discussing
Canonical, Ubuntu & Debian DebConf19 Diversity Girls email
Reprinted with permission from
Links 23/04/2024: Escalations Around Poland, Microsoft Shares Dumped
Links for the day
Gemini Links 23/04/2024: Offline PSP Media Player and OpenBSD on ThinkPad
Links for the day
Amaya Rodrigo Sastre, Holger Levsen & Debian DebConf6 fight
Reprinted with permission from
DebConf8: who slept with who? Rooming list leaked
Reprinted with permission from
Bruce Perens & Debian: swiping the Open Source trademark
Reprinted with permission from
Ean Schuessler & Debian SPI OSI trademark disputes
Reprinted with permission from
Windows in Sudan: From 99.15% to 2.12%
With conflict in Sudan, plus the occasional escalation/s, buying a laptop with Vista 11 isn't a high priority
Anatomy of a Cancel Mob Campaign
how they go about
[Meme] The 'Cancel Culture' and Its 'Hit List'
organisers are being contacted by the 'cancel mob'
Richard Stallman's Next Public Talk is on Friday, 17:30 in Córdoba (Spain), FSF Cannot Mention It
Any attempt to marginalise founders isn't unprecedented as a strategy
IRC Proceedings: Monday, April 22, 2024
IRC logs for Monday, April 22, 2024
Over at Tux Machines...
GNU/Linux news for the past day
Don't trust me. Trust the voters.
Reprinted with permission from Daniel Pocock
Chris Lamb & Debian demanded Ubuntu censor my blog
Reprinted with permission from
Ean Schuessler, Branden Robinson & Debian SPI accounting crisis
Reprinted with permission from
William Lee Irwin III, Michael Schultheiss & Debian, Oracle, Russian kernel scandal
Reprinted with permission from