Bonum Certa Men Certa

Links 2/4/2018: Linux 4.16, Latte Dock 0.7.79, MAAS 2.4.0 Beta, OpenBSD 6.3





GNOME bluefish

Contents





GNU/Linux





  • Kernel Space



    • Linux 4.16
      So the take from final week of the 4.16 release looks a lot like rc7, in that about half of it is networking. If it wasn't for that, it would all be very small and calm.

      We had a number of fixes and cleanups elsewhere, but none of it made me go "uhhuh, better let this soak for another week". And davem didn't think the networking was a reason to delay the release, so I'm not.

      End result: 4.16 is out, and the merge window for 4.17 is open and I'll start doing pull requests tomorrow.

      Outside of networking, most of the last week was various arch fixlets (powerpc, arm, x86, arm64), some driver fixes (mainly scsi and rdma) and misc other noise (documentation, vm, perf).

      The appended shortlog gives an overview of the details (again, this is only the small stuff in the last week, if you want the full 4.16 changelog you'd better get the git tree and filter by your area of interest).


    • Linux 4.16 Kernel Officially Released With Many Driver Improvements, Performance Tuning
      Linus Torvalds has gone ahead and released Linux 4.16 as an Easter and April Fool's Day kernel update.

      Linux 4.16 has many exciting additions and you can get a complete look at the new features for this big kernel upgrade via our Linux 4.16 feature overview.


    • The 4.16 kernel is out


    • Red Hat Developer Posts Patches As A Baby Step To Converting Linux Kernel To C++
      Either as an elaborate April Fool's Day prank or the start of something more, longtime kernel developer David Howells of Red Hat has posted 45 patches that begin the work on porting the Linux kernel to build under a C++ compiler rather than C.

      David Howells posted the set of 45 patches to "convert the kernel to C++", with these patches fixing real coding issues and targeting the GCC 8.0 C++ compiler. At this stage though the C++ compiler gets as far as compiling init/main.c to a file... Obviously just the tip of the iceberg. These 45 patches have various fixes for the code to clean up arguments, ensuring the code would be happy under a C++ compiler, etc and amount to around one thousand lines of code shifted.


    • Linus Torvalds Releases Linux Kernel 4.16
      I guess Linus Torvalds doesn’t like to make tons of jokes. That’s why after shipping seven release candidates for Linux kernel 4.16, he decided to released the final kernel on April Fools’ Day. He might have shipped RC8 just for the heck of it, with no changes, but that’s not his style.

      At the time of RC7 release, he called it a bigger release than usual. About half of the code update was networking. The final release looks a lot like RC7. There are many usual driver updates as well. “If it wasn’t for networking, it would all be very small and calm,” Torvalds said in his announcement.


    • Linux Kernel 4.16 Now Available for Linux Lite Users, Here's How to Install It
      The Linux 4.16 kernel is officially here, so we believe that Linux OS vendors would want to offer the new and improved version to their users. Linux Lite developer Jerry Bezencon is again the first to provide the most recent kernel version to his users.

      Linux kernel 4.16 comes with several new features, numerous updated drivers, and various other performance improvements, so if you're using the Ubuntu-based Linux Lite operating system on your personal computer, and you need a newer kernel, you can now install it on Linux Lite series 2.x (Beryl) or series 3.x (Citrine) 64-bit or 32-bit operating systems.
    • Linux 4.17 Sees Port To Andes NDS32 CPU Architecture
      While Linux 4.17 is set to drop support for some older/unmaintained CPU architectures, it looks like it will land at least one new port for Linux 4.17 for the Andes NDS32 CPU architecture.

      Andes Technology AndesCore 32-bit NDS32 is a RISC-like architecture, intended for high power efficiency, and some of their AndesCore processors feature clock rates above 1GHz. AndesCore processors appear primarily intended for IoT, wearables, medical devices, and other low-power/small-frootprint scenarios.


    • Linux Kernel Memory Consistency Model Going Into The 4.17 Kernel
      A new "subsystem" going into the Linux 4.17 kernel is LKMM, the Linux Kernel Memory Consistency Model.

      The Linux Kernel Memory Consistency Model is a set of tools to describe the Linux memory coherency model and in effect litmus tests for the kernel code. The Linux Kernel Memory Consistency Model has come about to overcome shortcomings of the memory barriers documentation.


    • Linux Set To Shed Nearly 500k Lines Of Code By Dropping Old CPUs
      As expected, the Linux 4.17 kernel will move ahead with dropping support for older/unmaintained CPU architectures.

      The architectures on the chopping block for Linux 4.17 are Blackfin, CRIS, FRV, M32R, Metag, MN10300, Score, and Tile. Besides the CPU architecture code, the device drivers exclusive to those ports are also being removed. These ports are being removed because they are obsolete and with no active users of this latest kernel code.


    • GNU Linux-libre 4.16-gnu: -ESTRBNYX
      GNU Linux-libre 4.16-gnu sources and tarballs are now available at http://www.fsfla.org/selibre/linux-libre/download/releases/4.16-gnu/. It didn't require any deblobbing changes since -rc6-gnu. Binaries are expected to show up over the next few days; Jason Self's Freesh build should be done very shortly, probably even before you read this. Thanks, jxself!

      The major piece of news in this release is that the request_firmware machinery was slightly reworked, so that (i) the reject_firmware variants return the expected -ENOENT, instead of -EINVAL; and (ii) reject_firmware_nowait now calls the named callback. With this, drivers that could proceed without firmware, but that failed because of -EINVAL, or because they did so in the nowait callback, should now work more seamlessly. Some radeon-controlled video cards for which we hadn't put in work-arounds might start working now (no promises, but if you find out such a card starts working again, that's why). Another example that is likely to start working due to this change is rtl8821ae cards: I got a report that at least some such cards would work even when the firmware loading failed, and these used _nowait. That's what prompted me to make this chnage. Thanks to temy on FreeNode for the report.

      Another significant change in this release is that it was pointed out that there were error messages in Linux suggesting users to update x86 CPU microcode. Since such microcode is non-Free Software, such messages don't belong in GNU Linux-libre. We now have patterns to detect and clean up this sort of message. A number of them were introduced recently, relying on microcode changes to mitigate Spectre and Meltdown problems, but there might be others that go farther back. I haven't yet made my mind on whether to go back, check and possibly respin such earlier releases.

      Aside from the usual assortment of false positives and updated blob names, there's one new driver requesting proprietary firmware (mt76x2e) that had the requests deactivated. The lirc_zilog driver was removed, so its deblobbing directives were taken out, and some leftover Kconfig directives, that used to enable keyspan non-Free firmware before 4.15, were removed in 4.16, so the deblobbing directives that disabled them could be dropped from 4.16-gnu too.

      Finally, to celebrate Easter on this date, I couldn't help mentioning in this release announcement the Easter Eggs I put in. Let me know if you enjoy the surprises.

      Earlier today, I joked that this would be the first time we'd release a -libre tarball before Mr Torvalds' upstream release. His git repo is tagged and the tarball is available from the server, but as I finish writing this, the front page *still* says their mainline is 4.16-rc7, so I thank them all for their involuntary cooperation ;-)

      For up-to-the-minute news, join us on #linux-libre of irc.gnu.org (Freenode), or follow me (@lxoliva) on Twister http://twister.net.co/, Secure Scuttlebutt, GNU social at social.libreplanet.org, Diaspora* at pod.libreplanetbr.org or pump.io at identi.ca. Check my web page (link in the signature) for direct links.

      Be Free! with GNU Linux-libre.
    • GNU Linux-Libre 4.16 Kernel Officially Released for Those Who Seek 100% Freedom
      If you're looking a 100% free kernel for your GNU/Linux operating system, you can now download the latest GNU Linux-Libre 4.16 kernel, which is based on the recently released Linux 4.16 kernel, but without any proprietary blobs.

      The GNU Linux-Libre 4.16 kernel is here for all those who seek 100% freedom for their personal computer and don't want to use any proprietary drivers. It brings all the goodies from the Linux 4.16 kernel, which was released over the weekend by Linus Torvalds himself, though it brings the usual deblobbing changes, as well as a slightly revamped request_firmware mechanism.
    • GNU Linux-Libre 4.16 Released, Won't Warn You About Spectre/Meltdown Microcode Updates
      The folks maintaining the GNU Linux-Libre downstream of the Linux kernel have released their kernel 4.16 release that pulls in yesterday's Linux 4.16 kernel but strips out parts that aren't entirely free software and eliminates support for loading binary-only modules, etc.

      One of their new changes on top of this deblobbed kernel is dropping error messages that suggest users update their CPU micrcode. These messages came in the wake of the Spectre and Meltdown CPU vulnerabilities and needing the microcode updates for fending off the branch target injection attacks effectively. But GNU Linux-Libre 4.16 is dropping these warning/error messages since they encourage the user to update the microcode, which is non-free software to their standards. So it sounds like they are more for allowing users to unknowingly run a potentially vulnerable system to Spectre rather than having to use binary-only CPU microcode.


    • Eight Collabora Developers Have Contributed 33 Patches to the Linux 4.16 Kernel
      With the release of the Linux 4.16 kernel series out the door, it's time to take a look at the contributions made by Collabora's developers during this development cycle.

      Linux kernel 4.16 was released over the weekend none other than Linus Torvalds, and it's the most advanced kernel branch for Linux-based operating systems. It comes with numerous updated drivers for an extra layer of performance improvements, but also to support newer hardware, as well as various other goodies.


    • Linux Kernel 4.16
      This time round Collabora contributed 33 patches to the 4.16 release of the Linux Kernel, that is a bit lower than usual, probably because our developers decided to enjoy some time off for the end of year holidays instead sending patches upstream :). Our contributions were made by 8 different developers. At the same time we added our Reviewed-by tag to 34 patches and Signed-off-by tag to 74 patches. Last, but not least we stamped 4 patches with a Tested-by tag.

      Sebastian Reichel led the way by adding/improving display support on Nokia N950, N9 and Motorola Droid 4 devices, adding support for internal switch of GE's Bx50v3 devices and reviewed a lot of OMAP related changes, not to count his work as power-supply maintainer.

      Enric Balletbò i Serra add usb3 and extcon support for Rockchip RK3399 devices, including the Samsung Chromebook Plus device. He also fixed a suspend issue on the same platform. Gabriel Krisman Bertazi fixed i915 to reject modifiers for pipe C on Geminilake.



    • The New ACPI TAD Driver & CPUFreq Improvements Ready For Linux 4.17 Kernel
      Rafael Wysocki of Intel has already submitted the power management and ACPI updates for the newly-opened Linux 4.17 kernel merge window.

      Arguably most interesting about the PM/ACPI changes this cycle is the new ACPI Time and Alarm driver for Linux. For systems supporting this ACPI specification, users can manage wake-up timers of the Time and Alarm Device with setting new timers for system wake-up and modifying existing timers, all via sysfs. TAD information spans reboots and power states and is much more featureful than the basic real-time clock wake-up function you might find within your BIOS.


    • Linux Foundation



      • Linux Foundation Adds More Blockchain Companies to Its Ranks
        The Linux Foundation, a nonprofit enabling mass innovation through open source software, has officially announced the addition of 35 silver members and three associate members. That list includes the likes of Bank of America as well as blockchain based services providers MATRIX and Xage Security.




    • Graphics Stack



      • NVIDIA Vulkan Ray-Tracing Extensions Coming Soon, OptiX API Unveiled
        Back during GDC when everyone was talking about ray-tracing and Microsoft's DirectX Ray-Tracing API for DX12, but NVIDIA has now confirmed they will be soon releasing ray-tracing extensions for Vulkan. Additionally, the company has now thoroughly gone over their new OptiX API for CUDA-based ray-tracing.


      • Canonical's Snappy Now Supports Latest Nvidia Drivers on Ubuntu 18.04 LTS
        Canonical published a new maintenance release of Snapd, the main component of its Snappy technologies that enable Linux-based operating systems to support universal Snap apps, over the weekend, bringing support for latest proprietary Nvidia drivers.

        Snapd 2.32.2 is now available to download and should be coming soon to the stable software repositories of your favorite, Snappy-enabled GNU/Linux distribution. What's exciting about this release is that it enables Snappy the use Nvidia's most recent proprietary graphics drivers in Snap apps on Ubuntu 18.04 LTS (Bionic Beaver) and similar operating systems.


      • AMD Radeon Vega20 references spotted in Linux driver
        Vega20 was originally thought to move the architecture from 14nm to 12nm but it could well jump straight to 7nm. Supporting this idea, a next-gen Vega accelerator, as AMD officially stated at CES 2018, is being built specifically for machine learning applications on the 7nm node.


      • AMD Vega 20 Listed In Linux Patch, Hints Of RX 600 Series Graphics Cards
        AMD Vega 20 is something that we have been looking out for since AMD announced that the company will continue the AMD Vega series cards in 2018. We have also heard that in order to provide better performance, these cards will be based on the 7nm node instead. While a smaller node means more power and better efficiency, keeping in mind how well AMD Vega performs, it is hard to see how much of an improvement is possible.


      • AMD Vega 20 Spotted in Linux Patch, Hints Arrival of Radeon RX 600 Series Graphics Cards
        AMD Vega 20 GPU has been spotted in Linux driver code. It is expected that Vega 20 will be a die shrink of the original Vega GPU. According to the previously leaked roadmaps, AMD Vega 20 will appear in the Q3 or Q4 of this year.


      • Radeon Vega20 Gets Spotted in Linux AMDGPU driver
        Interesting, some Vega20 Linux patches have been listed, and have been posted by somebody froMA MD, likely a driver developer. We mentioned Vega20 a few times in the past already, and that would be a die shrunk Vega, much like what Ryzen 2000 will be towards the original Ryzen procs.






  • Applications



  • Desktop Environments/WMs



    • Safespaces: An Open Source VR Desktop
      In this post, I will go through the current stages of work on a 3D and (optionally) VR desktop for the Arcan display server. It is tentatively called safespaces (Github link) as an ironic remark on the ‘anything but safe’ state of what is waiting inside. F


    • “Safespaces” Is The First Open Source VR Desktop Environment For Linux
      When it comes to VR, we are mostly familiar with Google Daydream and other popularized names. But VR has made its way into the Linux as well. Although, people’s experience of things like SteamVR hasn’t been that great.

      But how about getting your hands on a Linux desktop environment in virtual reality? The minds who developed the Arcan display server are now up to something new: Safespaces.


    • K Desktop Environment/KDE SC/Qt



      • Latte Dock v0.7.79 - a step before the last turn...
        Hello everyone Latte Dock v0.7.79 may be the last version before a beta release scheduled for the next month. This is a call for testers and enthusiasts to play with that version and try to find bugs or inconveniences that can be improved. Latte v0.8 is going to be a huge release (scheduled for June 2018) and one of its main goals is to make the user feel with it very natural and comfortable.


      • Latte Dock 0.7.79 Released With Wayland Improvements, New Features
        For fans of Latte Dock, the KDE Plasma aligned desktop "dock", is out with a big development release ahead of the Latte Dock 0.8 release that will be coming up soon.


      • [Krita] Interview with Christopher


        A friend of mine back East who is really into Open Source does digital painting from time to time. He knew I was dissatisfied with Painter X and CS so he recommended Krita. Painter wasn’t particularly intuitive and CS, while OK, I wanted something different. Just because something is popular doesn’t mean it’s the right fit for everyone. So then I asked him where I could get Krita. He said to me “Open Source. Just download it. From their site”. I was like “it couldn’t be that simple”. But it was. I installed it and I was hooked.


      • CMake 3.11 (P)reparations
        CMake 3.11 is here — it went through four rc’s — which means that preparatory work is underway in KDE FreeBSD land (and has been since -rc1). KDE, as the main early consumer of CMake, is the package maintainer on FreeBSD. That means that it falls to us to signal things that break due to CMake updates, and often to fix them as well. Generally the KDE ports (even the KDE4-era onces) are not a problem; modern-ish CMake was basically develop-tested in KDE. Sometimes updates in C++ bite us — recent FreeBSD releases keep updating Clang, which keeps getting more picky about C++ code (and may default to newer C++ standards than expected). But generally, KDE stuff is ok.

        To test a CMake update, I build about 2000 packages on my own desktop workstation. It takes about 20 hours with all the supporting libraries and other bits — rebuilding Qt Webengine, three WebKits, five llvm’s and gcc6 kinda takes its time. Then there’s maybe two dozen packages that don’t build, and it comes down to figuring out whether they don’t build because of a change in CMake, or a change in something else, or simply because they’re already broken. But it means I end up diving into all kinds of codebases, for instance:




    • GNOME Desktop/GTK



      • Zeeshan Ali: Joining Collabora
        While I do not yet know which specific projects I will be involved in at Collabora, I'm most likely going to be working on/with GStreamer again and I'm especially excited about that. Also exciting for me is the fact that people at Collabora share my appreciation for the Rust programming language.






  • Distributions



    • PCLinuxOS/Mageia/Mandriva Family



      • Mageia Blog (English) : Weekly Roundup 2018 – Weeks 12 & 13
        Apologies for the wait between roundups – life has a way of taking over, sometimes; anyway, here’s the latest.

        Since the last Roundup there have been quite a few updates coming through. You’ll see there are still a few security updates still coming in for Mga5, and that some kernel and microcode updates have also come through for Mageia 6.

        QA tests of the upgrade from KDE4 to Plasma are getting better and better, but there are still some bugs remaining. Martin’s qarepo package has been updated to v1.3 only a couple of days ago, making testers’ lives a little easier; hopefully this will help with huge meta-packages like Plasma. Once Plasma is sorted, and any fallout bugs are fixed, the path to both Mageia 5 to Mageia 6, and Mageia 6.1 will be a lot clearer.




    • Red Hat Family



    • Debian Family



      • APT for DPL Candidates
        Today is a special day for apt: 20 years ago after much discussion in the team as well as in the Debian project at large "APT" was born.

        What happened in all these years? A lot! But if there is one common theme then it is that many useful APT features, tricks and changes are not as known to the general public or even most Debian Developers as they should be.


      • Debian GNU/Linux port for RISC-V 64-bit (riscv64) in Debian infrastructure (debian-ports)
        tl;dr: We have a new port for RISC-V, flavour riscv64 (64-bits little-endian) in Debian Ports.


      • DebConf20 in a cruise
        The last editions of DebConf, the annual Debian conference, have been in unalike places like Heidelberg (Germany), Cape Town (South Africa) and Montreal (Canada). Next summer DebConf18 will happen in Hsinchu (Taiwan) and the location for DebConf19 is already decided: Curitiba (Brazil). During all these years an idea has been floating in the air (aka the Debian IRC channels) about organising a DebConf in a cruise. Today, the Debian Project is happy to announce that a group of Debian contributors have teamed-up to propose an actual bid for DebConf20 in a cruise.


      • Derivatives



        • Canonical/Ubuntu



          • MAAS 2.4.0 beta 1 released!
            I’m happy to announce that MAAS 2.4.0 beta 1 and python-libmaas 0.6.0 have now been released and are available for Ubuntu Bionic.


          • Flavours and Variants



            • Linux Mint Monthly News – March 2018
              We’d like to send a huge thank you to all the people who donate to us. Many thanks also to all of you for your feedback, ideas, and contributions to our project.


            • Review: Gatter Linux 0.8
              Gatter Linux is an Ubuntu-based distribution which features the Openbox window manager as the default user interface. The project claims to be developing a desktop operating system which is user friendly: "For people who want switch from Windows to [the] Linux world and for people who want [a] lightweight operation system and also fully functional." I could find very little other information on the distribution on its website.

              The latest release of Gatter Linux is version 0.8 and it is based on Ubuntu 16.04 LTS. The distribution is available in one edition for 64-bit x86 computers. The ISO the project provides is approximately 830MB in size. Booting from this disc brings up a menu asking if we would like to boot into a live desktop environment, boot a live desktop displayed in safe graphics mode, or launch the project's system installer. Taking the live desktop option brings us to a graphical login screen where we can sign into the default account if we have the right password. I did not find any reference to a password on the project's website, but quickly got signed in by guessing the password "gatter".

              The live disc features the Openbox window manager. Openbox has been set up with a fairly sparse layout. There is a panel placed at the top of the screen which shows four unlabeled buttons and a system tray. I soon found the four blank buttons are actually a virtual desktop switcher that lets us switch between workspaces. The theme is dark and minimal.

              When we sign in a welcome window appears. This welcome screen features launchers which can open configuration tools. One button launches an application which will switch our keyboard's layout, another button opens a third-party driver manager, a third tool helps us set our time zone. One button marked Gatter Settings opens up a panel with options for changing the appearance of the Openbox environment. Another button is labelled Gatter Software. This button opens a terminal window and displays a menu of possible package-related actions such as updating the system, cleaning the package cache or performing a "dist upgrade".


            • Linux Mint 19 "Tara" Cinnamon to Let Users Raise the Volume over the 100% Limit
              Linux Mint project leader Clement Lefebvre published March 2018's newsletter to let the community know about some of the exciting features coming to the Linux Mint operating system this summer.

              As you're probably aware, the Linux Mint 19 "Tara" release is currently in development, and it's coming in June based on Canonical's upcoming Ubuntu 18.04 LTS (Bionic Beaver) operating system with the latest Cinnamon and MATE desktop environments, as well as up-to-date applications and GNU/Linux technologies.

              One of the new features included in the Cinnamon edition of Linux Mint 19 "Tara" is the ability to configure the maximum volume. In other words, you'll be able to raise the volume over the 100 percent limit. This is possible thanks to a new setting in Cinnamon's Sound panel, allowing volume amplification to up to 150 percent.













  • Devices/Embedded





Free Software/Open Source



  • Leadership Is The Secret To An Open Source Business Model
    The freedom to do so is the fundamental tenet of permissively licensed open source software, and while it sounds self-defeating to be this generous, we've proven that leadership, not licensing, is the true secret to a successful open source business...


  • Kaspersky Lab Researchers Put Their Advanced Threat Hunting Tool, Klara, Into Open Source Domain
    Kaspersky Lab’s security researchers have placed KLara, a tool created internally to accelerate the search for related malware samples, into the open source domain for everyone to use. KLara is a distributed, rule-based malware scanner able to run multiple rules through multiple databases at the same time, allowing researchers to hunt advanced threats more effectively.


  • Web Browsers



    • Chrome



    • Mozilla



      • Extensions in Firefox 60
        Many people read this blog because they’ve written extensions for Firefox in the past. Others, though, know some HTML, CSS, and JavaScript and have been thinking about writing their first extension. Either way, now is the perfect time to jump into the WebExtensions ecosystem.

        That’s because we’re having a contest! Develop an extension for Firefox and enter it into the Firefox Quantum Extensions Challenge by April 15, 2018. Your extension could win you a brand-new Apple iPad Pro or a $250 gift card to Amazon.


      • Announcing $280,000 for Creative Gigabit Projects Across the U.S.
        Today, Mozilla is awarding $280,000 to community technologists who are leveraging gigabit internet for good.

        We’re providing grants to 14 projects in five American cities: Lafayette, LA; Eugene, OR; Chattanooga, TN; Austin, TX; and Kansas City. Grants range from $10,000 to $30,000.

        The projects are diverse: they include a virtual reality experience that shows first-hand the drastic effects of climate change; an interactive Python curriculum for students in low-income school districts; and a program that empowers high school students as environmental watchdogs with the help of advanced mapping software.


      • Foxkeh Dance 2.0
        Well, since Mozilla is currently celebrating its 20th anniversary, it felt right to release an update… Foxkeh Dance 2.0!






  • Pseudo-Open Source (Openwashing)



  • BSD



    • OpenBSD 6.3
      This is a partial list of new features and systems included in OpenBSD 6.3. For a comprehensive list, see the changelog leading to 6.3.


    • OpenBSD 6.3 Released With Spectre/Meltdown Mitigation, ARM64 SMP Support
      OpenBSD 6.3 hadn't been due until the middle of the month, but the official release of this popular BSD operating system is available today.

      OpenBSD 6.3 is the project's first release with mitigation for the Meltdown CPU vulnerability as well as Spectre. Kernel Page Table Isolation (KPTI) is used for mitigating Meltdown, similar to on Linux. For Spectre V2 they are flushing the branch target buffer on ARM processors. Intel CPUs also now have their microcode updates automatically applied by fw_update with OpenBSD 6.3.


    • Book Review: Ed Mastery
    • ed(1) mastery is a must for a real Unix person




  • FSF/FSFE/GNU/SFLC



    • OER figures with license meta-data in emacs-reveal
      As described last year, I created an infrastructure called emacs-reveal to produce HTML presentations as Open Educational Resources (OER) from Org Mode text files in GNU Emacs for my own teaching. If you believe in the values of free software, I’m sure that you will find the values of OER appealing as well (despite the choice of “open” as main characteristic), whose licenses are supposed to permit 5 Rs, namely Retain, Reuse, Revise, Remix, Redistribute.


    • sed-4.5 released
      This is to announce sed-4.5, a stable release.

      There have been 110 commits by 8 people in the 60 weeks since 4.4. Thanks especially to Assaf Gordon for so much fine work.

      See the NEWS below for a brief summary.




  • Openness/Sharing/Collaboration



    • Open Access/Content



      • The textbook market exploits students. We shouldn't accept that.


        A logical option to make higher education affordable and accessible is to transition to Open Educational Resources. OERs are free, peer-reviewed and available for any professor to adopt. They have an open copyright, meaning any professor can use them for free and personalize the textbook to best fit their needs, which is a luxury traditional textbooks do not offer due to copyright.

        Many people are wary of open source textbooks because they are free, but textbooks found on popular open libraries like Openstax, a non-profit based out of Rice University, and Open Textbooks Network, a network that University of Maryland Libraries recently joined, are all peer reviewed and offer exceptional pedagogical value. Many professors and courses, such as an introductory Human Anatomy course at this university, currently use open source materials. Yet not enough professors have adopted this technology to help all of us save money and ensure an affordable education.






  • Programming/Development



    • 5 Best Open Source Frameworks For Developers and Programmers
      A framework provides you the best solution for developing well structured, maintainable and up-gradable software. It saves a lot of time by re-using generic modules and libraries in order to focus on the other areas. Applications developed using a framework are inter-operable with market standards.

      But, there’s always been a confusion for many beginners to select a right framework. There are many frameworks for developing a same type of application. Without proper knowledge and research, you may end up learning a framework which is no longer useful or required for modern applications. That is the main reason behind this article. Here, I’m going to mention 5 best open source frameworks for developing modern applications.


    • What Attracts Devs To Open Source
      In an era in which we are becoming more an more reliant on open source software, it is important to know how to recruit and retain core developers - the ones that are key to a project's survival, sustainability and success. An attempt to do this comes from Brazil to be presented in Sweden.

      Jailton Coelho, Marco Tulio Valente, Luciana L. Silva, Andre Hora wanted to understand what motivates developers to assume a key role in Free/Libre Open source Software (FLOSS) projects. Their paper reporting the results of a survey of 52 developers who were core contributors of GitHub projects has been accepted for CHASE 2018: 11th International Workshop on Cooperative and Human Aspects of Software Engineering which is part of the 40th International Conference on Software Engineering taking place May 27 - 3 June 2018 in Gothenburg, Sweden.


    • An introduction to the Flask Python web app framework
    • March 2018 ISO C++ Meeting Trip Report (Core Language)
    • Fedora 28 Rust Test Day 2018-04-04






Leftovers



  • Science



    • China’s “Heavenly Palace” returns to Earth and burns up
      In recent weeks space agencies and satellite trackers have refined estimates for when the station, which Chinese engineers had lost control of, would lose enough altitude to begin plummeting rapidly toward Earth, and break apart in the atmosphere. It posed virtually no threat to anyone on the ground—and indeed it did break apart over the vast Pacific Ocean—but that didn't some pretty wild speculation in recent days.

      Due to the track of the station it seems unlikely that anyone on land had much of a view of the reentry event. Also, there appear to have been few airplanes in the vicinity of the reentry. The best bet for any kind of imagery or video, therefore, is probably someone on board a ship. But the odds of even this seem fairly low.




  • Health/Nutrition



    • As Trump Targets Immigrants, Elderly Brace To Lose Caregivers
      After back-to-back, eight-hour shifts at a chiropractor’s office and a rehab center, Nirva arrived outside an elderly woman’s house just in time to help her up the front steps.

      Nirva took the woman’s arm as she hoisted herself up, one step at a time, taking breaks to ease the pain in her hip. At the top, they stopped for a hug.

      “Hello, bella,” Nirva said, using the word for “beautiful” in Italian.

      “Hi, baby,” replied Isolina Dicenso, the 96-year-old woman she has helped care for for seven years.


    • Sen. Bernie Sanders: Shulkin's Ouster Is Really All About Koch Brothers' Privatization Push


      Echoing comments he made to the Washington Post last week, Sanders said, "Let us be clear...you have the Koch brothers—the third wealthiest family in this country who are going to spend some $400,000,000 on with their billionaire friends on the coming elections—having enormous power over the Trump administration."

      "And what the Koch brothers believe," he said, "is not just that we have to privatize the Veterans Administration. They want to privatize Medicare ... they want to privatize Medicaid... they're beginning to go after Social Security."

      "We have a Secretary of Education who does not believe in public education, a Secretary of the ...EPA who does not believe in environmental protection. So what you're looking at under the leadership of the Koch brothers is a massive effort to privatize agencies of the United States government and give them over to private corporations. That is what the removal of Shulkin is all about," Sanders said.


    • Ousted Veterans Affairs Head Warns of Privatization Push
      In a New York Times op-ed published on March 28, Shulkin said that he was fired after losing a “brutal power struggle” by balking at proposals for privatizing VA care. The effort is being pushed by Trump appointees and a group called Concerned Veterans of America that’s backed by billionaire right-wing Republican donors Charles and David Koch.




  • Security



    • Further securing devices running CopperheadOS by using separate Encryption/Lockscreen passphrases
      If you value “vendor-based” security more than freedom, you may consider CopperheadOS an viable alternative to the free but rather insecure Replicant (it requires an unlocked bootloader and is way behind in terms of security patches atm). Personally, I find both neither Replicant nor CopperheadOS perfectly satisfying options, but they are the very best you can have at the moment. In the future, I hope that (1) more devices will be supported by non-Android-based alternatives like postmarketOS and (2) devices which require less blobs such as the Librem 5 (I highly doubt that it will run completely without blobs) will become available.


    • remctl 3.14


      remctl is a client/server protocol supporting remote execution of specific configured commands using GSS-API or ssh for authentication and encryption.

      This is a minimal release that fixes a security bug introduced in 3.12, discovered by Santosh Ananthakrishnan. A remctl client with the ability to run a server command with the sudo configuration option may be able to corrupt the configuration of remctld to run arbitrary commands, although I believe this would be moderately difficult to do. Only remctld (not remctl-shel) is vulnerable, and only if there are commands using the sudo configuration option.


    • Open Source Security Podcast: Episode 90 - Humans and misinformation
    • Security updates for Monday
    • ‘Highly critical’ CMS bug has left over 1 million sites open to attack [Ed: Scary headline. But having spent hours dealing with this (two of my sites, also some stuff at work), I have heard of nobody that actually got cracked (so far). Nobody.]


      Drupal has marked the security risk as “highly critical” and warns that any visitor to the site could theoretically hack it through remote code execution due to a missing input validation.


    • SD Times news digest: Cloudflare 1.1.1.1, Drupal security vulnerability, and Linux 4.16


      Drupal reveals a security vulnerability within Drupal 7 and 8

      Drupal has announced that there is a vulnerability within Drupal 7.x and 8.x that could allow attackers to exploit attack vectors on Drupal sites, which would leave those sites vulnerable. Drupal is an open source solution for building websites and solutions.

      The company has issued a fix, which can be obtained by installing the most recent version of Drupal 7 or 8 core.

      In addition, the company releasing updates for Drupal 8.3.x and 8.4.x, even though those releases are no longer supported. The company has also stated that the vulnerability affects Drupal 6, which is at End of Life anyway.

      Linux 4.16 is released

      Linus Torvalds has announced the release of Linux 4.16. He claims that this release looks very similar to rc7 due to the fact that half of it is networking. Other new additions in this release are arch fixlets, driver fixes, and updates to documentation. A complete list of new features can be found here.




  • Defence/Aggression



    • Bolton Appointment as NSA Sees US Call Time on China’s Free Ride
      The passage of the Taiwan Travel Act (TTA) sent a signal to Beijing that the era of self-imposed restrictions on visits by high-level diplomatic and military officials to Taiwan is over.

      Ten days later, Ed Randall Royce, the head of the U.S. House Foreign Affairs Committee that unanimously passed the (TTA), was on the ground in Taipei affirming the strength of U.S.-Taiwan relations, ahead of meetings with Taiwan President Tsai Ing-wen (蔡英文).

      Royce followed in the still warm footsteps of Alex Wong, Deputy Assistant Secretary in the Bureau of East Asian and Pacific Affairs at the State Department, who had delivered some choice remarks on U.S.-China relations at the American Chamber of Commerce in Taipei’s Hsieh Nien Fan banquet on March 21.


    • Weapons for Anyone: Donald Trump and the Art of the Arms Deal
      It’s one of those stories of the century that somehow never gets treated that way. For an astounding 25 of the past 26 years, the United States has been theleading arms dealer on the planet, at some moments in near monopolistic fashion. Its major weapons-producers, including Boeing, Raytheon, and Lockheed Martin, regularly pour the latest in high-tech arms and munitions into the most explosive areas of the planet with ampleassistance from the Pentagon. In recent years, the bulk of those arms have gone to the Greater Middle East. Donald Trump is only the latest American president to preside over a global arms sales bonanza. With remarkable enthusiasm, he’s appointed himself America’s number one weapons salesman and he couldn’t be prouder of the job he’s doing.


    • Alex Jones Brainwashed His Own Son, Mother Claims
      The video echoed similar sentiments from a separate video which featured his father earlier this week, one in which Alex Jones interposed video clips of Marjory Stoneman Douglas High School students and shooting survivors that also equated them with Nazis.




  • Transparency/Investigative Reporting



    • Ecuador Explains Restriction of Julian Assange Communications
      The Ecuadorean government restricted Assange's access to communications on March 28 after he breached an agreement not to publicly discuss the domestic affairs of other nations.

      Using social media, Assange had criticized Germany's decision to arrest Catalan pro-independence leader Carles Puigdemont on behalf of the Spanish government.

      He also offered to testify in the Cambridge Analytica case, after evidence surfaced about the firm's involvement in Donald Trump's presidential campaign and the U.K.'s Brexit referendum.

      He then attacked Americas Minister Alan Duncan, who had called Assange a "miserable little worm" who should walk out of the embassy and give himself up to British justice.




  • Environment/Energy/Wildlife/Nature



    • Ecuador Grants Open-Pit Mining Permits in One of the World's Most Biodiverse Areas


      Mindo is a small village in the lush, tropical cloud forest that descends from the Andes to the coast just outside of Quito, Ecuador. The cloud forest is home to an abundance of wildlife, such as brightly colored lizards, wild cats, spectacled bear, and over 600 species of birds. Mindo was recently named one of the top 10 places to birdwatch in the world by National Geographic, and those who live there are known for their conservationist stances and fights against oil corporations. The area is so rich in biodiversity that it has won the Audubon Christmas bird count competition seven times with the highest number of species.

      Last week, Mindo residents were among the thousands who took to the streets all across Ecuador in a march to the presidential palace in Quito, to demand an end to mining. Mining has existed since pre-Incan times in the metal-rich landscapes of these tropical forests, but until the 1980s, the projects were small-scale and much lower impact. Over the past year, however, the government has been distancing itself from its conservationist stance and has opened huge portions of land to corporations interested in running large-scale open-pit mining projects.


    • Japan whalers return from Antarctic hunt after killing over 300 whales
      Japanese whaling vessels returned to port on Saturday after catching more than 300 of the mammals in the Antarctic Ocean without facing any protests by anti-whaling groups, officials said.

      A fleet of five whalers set sail for the Southern Ocean in November, as Tokyo pursues its “research whaling” in defiance of global criticism.

      Three of the vessels, including the fleet’s main ship, the Nisshin Maru, arrived in the morning at Shimonoseki port in western Japan, a port official said.


    • Arctic Drilling Lease Sale Proposed for 2019 in Beaufort Sea, Once Off-Limits
      Just over two years after President Obama "permanently" withdrew areas of Alaska's Beaufort Sea to oil drilling, the Trump administration has proposed to resume leasing there in 2019.

      The Bureau of Ocean Energy Management submitted an announcement to be published Friday in the Federal Register and asked for information about where companies might want to drill and which areas might be too environmentally sensitive.

      Shortly after taking office, President Trump overturned Obama's drilling ban and rescinded his five-year leasing plan for offshore drilling in federal waters. In January, the Trump administration began the process of re-doing the five-year leasing plan. That will take years to complete, and environmental groups said the latest move amounts to jumping the gun.



    • Smartphones Are Destroying Our Planet Faster Than We Think
      The entire world knows that we are marching towards the brink of destruction while we enjoy our comfortable lives and fancy gadgets. But do you know that the end could be much nearer than we thought?

      A recent study has confirmed that the massive amount of carbon footprint released due to smartphones could kill our planet at an alarming rate.


    • Assessing ICT global emissions footprint: Trends to 2040 & recommendations
      In light of the concerted efforts to reduce global greenhouse gas emissions (GHGE) per the so-called Paris Agreement, the Information and Communication Industry (ICT) has received little attention as a significant contributor to GHGE and if anything is often highly praised for enabling efficiencies that help reduce other industry sectors footprint. In this paper, we aim at assessing the global carbon footprint of the overall ICT industry, including the contribution from the main consumer devices, the data centers and communication networks, and compare it with the to the total worldwide GHGE. We conduct a detailed and rigorous analysis of the ICT global carbon footprint, including both the production and the operational energy of ICT devices, as well as the operational energy for the supporting ICT infrastructure. We then compare this contribution to the global 2016-level GHGE. We have found that, if unchecked, ICT GHGE relative contribution could grow from roughly 1–1.6% in 2007 to exceed 14% of the 2016-level worldwide GHGE by 2040, accounting for more than half of the current relative contribution of the whole transportation sector. Our study also highlights the contribution of smart phones and shows that by 2020, the footprint of smart phones alone would surpass the individual contribution of desktops, laptops and displays. Finally, we offer some actionable recommendations on how to mitigate and curb the ICT explosive GHGE footprint, through a combination of renewable energy use, tax policies, managerial actions and alternative business models.


    • EPA to its employees: Ignore science when talking about climate change
      On Wednesday, an internal Environmental Protection Agency memo was leaked to the Huffington Post. Under the guise of developing "consistent messages about EPA's climate adaptation efforts," the memo suggests a number of talking points the agency's employees can use if asked about adaptation. Most of them are general statements about how the EPA would like to help citizens and local governments manage adaptation. But there are two that directly address what we know about our changing climate, and both of them do a pretty awful job with the subject.

      The memo, which has been confirmed as authentic by the EPA, is from Joel Scheraga, a senior advisor on climate adaptation. In it, Scheraga says that the EPA's Office of Public Affairs has developed a set of talking points on climate issues. While he's pleased that many of them focus on adaptation, it's striking that they describe nothing but adaptation. Scheraga describes them as general "talking points about climate change," yet they don't contain a single mention of greenhouse gasses or any action by the EPA that might limit greenhouse gas emissions.



    • Thanks to Climate Disruption, Earth Is Already Losing Critical Biosphere Components
      Two weeks ago, I gave a keynote presentation about anthropogenic climate disruption (ACD) at a large sustainability conference in Chico, California. During the question-and-answer session following my talk, a student asked me what I thought the world would look like by 2050. His question stopped me in my tracks. I had to pause and take a deep breath, to prepare myself emotionally for what I had to tell him.







  • Finance



    • The Oligarchs’ ‘Guaranteed Basic Income’ Scam
      A number of the reigning oligarchs—among them Mark Zuckerberg (net worth $64.1 billion), Elon Musk (net worth $20.8 billion), Richard Branson (net worth $5.1 billion) and Stewart Butterfield (net worth $1.6 billion)—are calling for a guaranteed basic income. It looks progressive. They couch their proposals in the moral language of caring for the destitute and the less fortunate. But behind this is the stark awareness, especially in Silicon Valley, that the world these oligarchs have helped create is so lopsided that future consumers, plagued by job insecurity, substandard wages, automation and crippling debt peonage, will be unable to pay for the products and services offered by the big corporations.

      The oligarchs do not propose structural change. They do not want businesses and the marketplace regulated. They do not support labor unions. They will not pay a living wage to their bonded labor in the developing world or the American workers in their warehouses and shipping centers or driving their delivery vehicles. They have no intention of establishing free college education, universal government health or adequate pensions. They seek, rather, a mechanism to continue to exploit desperate workers earning subsistence wages and whom they can hire and fire at will. The hellish factories and sweatshops in China and the developing world where workers earn less than a dollar an hour will continue to churn out the oligarchs’ products and swell their obscene wealth. America will continue to be transformed into a deindustrialized wasteland. The architects of our neofeudalism call on the government to pay a guaranteed basic income so they can continue to feed upon us like swarms of longnose lancetfish, which devour others in their own species.





  • AstroTurf/Lobbying/Politics



    • News Anchors Reciting Sinclair Propaganda Is Even More Terrifying in Unison
      Over the last week or so, local television news anchors across the the country have joined together to paradoxically warn viewers about the “troubling trend of irresponsible, one-sided news stories plaguing our country.” The identical, seemingly earnest editorial messages paid lip service to the importance of fact-checking and unbiased reporting, but they also complained about “false news” and “fake stories.” If that seems to echo the rhetoric of President Trump, it’s probably because the statement was written by one of his allies.

    • “We Know Where Your Kids Live”: How John Bolton Once Threatened an International Official
      WHO BETTER TO advise the bully-in-chief, Donald Trump, on when to make war and kill people than another bully? It’s difficult, after all, to avoid the label — that of a bully — when thinking of John Bolton, the former Bush administration official-turned-Fox News pundit who Trump recently picked as his national security adviser.

      “John Bolton is a bully,” José Bustani, the retired Brazilian diplomat and former head of the Organization for the Prohibition of Chemical Weapons, told me when I reached him by phone in Paris earlier this month.

      There are a number of people who claim to have been bullied or intimidated by Bolton — including Bustani. The latter’s criticisms of the famously mustachioed hawk have been public for many years now, but some of the details of his tense encounter with Bolton at the OPCW have never been reported before in English.
    • Whatever happened to civil society?


      At the annual meetings of the World Economic Forum in Davos, ‘civil society’ is referenced in virtually every presentation and fireside conversation. The world, it seems, no longer consists of two sectors—public and private, state and market—there is a third: NGOs and INGOs, charities and philanthropists, human rights watchdogs, aid and development agencies and global environmental campaigns to name but a few. The ‘Third Sector’ has arrived, and Its CEOs now mingle seamlessly with those from banks, energy companies, media giants and government agencies.

      [...]

      In Australia, there are 700,000 voluntarily-formed community organisations. Of these, just 35,000 or five per cent are run by professional managers; the other 95 per cent are entirely voluntary in character, with no paid staff. Should any Australian not-for-profit be invited to Davos, you can be certain that it would be one of the small minority that are run by paid managers. The rest don’t register on the radar screens of public and private sector executives. The five per cent do almost all of the public talking about civil society, and impose their own self-understanding and culture on the sector as a whole.
    • Big American Money, Not Russia, Put Trump in the White House: Reflections on a Recent Report


      What was that about? My first suspicion was that Hillary’s policy silence was about the money. It must have reflected her success in building a Wall Street-filled campaign funding war-chest so daunting that she saw little reason to raise capitalist election investor concerns by giving voice to the standard fake-progressive “hope” and “change” campaign and policy rhetoric Democratic presidential contenders typically deploy against their One Percent Republican opponents. Running against what she (wrongly) perceived (along with most election prognosticators) as a doomed and feckless opponent and as the clear preferred candidate of Wall Street and the intimately related U.S foreign policy elite, including many leading Neoconservatives put off by Trump’s isolationist and anti-interventionist rhetoric, the “lying neoliberal warmonger” Hillary Clinton arrogantly figured that she could garner enough votes to win without having to ruffle any ruling-class feathers. She would cruise into the White House with no hurt plutocrat feelings simply by playing up the ill-prepared awfulness of her Republican opponent.
    • “We Cannot Wait for Change”—Freed Whistleblower Chelsea Manning on Iraq, Prison & Running for Senate
    • Trump's census move borrowed from racial gerrymandering playbook
      The Trump administration announced this week that the 2020 census would — for the first time in over 50 years — ask everyone in the U.S. whether they are a citizen. The announcement, which comes in the midst of the administration's immigration crackdown, has provoked new fears in the immigrant community.

      Trump's Department of Justice (DOJ) requested the question in a letter, claiming that the citizenship information will help it better enforce the Voting Rights Act, which among other things requires states to ensure that voters of color are not robbed of the power to elect their candidates of choice through redistricting. The DOJ said it "needs a reliable calculation of the citizens voting age population in localities where voting rights violations are alleged or suspected."
    • A Bigger Welcome Mat for America’s Tax Evaders


      Every nation levies taxes. Some nations levy well. In these admirable nations, tax systems spread the tax burden fairly. Those who can readily afford to pay more in taxes do pay more.

      Other nations tax poorly. They set low tax rates on high incomes. Officials in these nations let their wealthiest carve generous loopholes in their tax codes. They wink at outright tax evasion.

      Nations that go down this sorry second path don’t just lose out on revenue they ought to be raising. They turbocharge their inequality. They invite corruption. They poison their civic culture — and eventually, once enough poison takes hold, crash their economies.

      This crashing played out earlier this century most notably in Greece. That nation’s economic life essentially collapsed, the Economist business magazine noted six years ago, amid a tax evasion that had evolved into “less an under-the-radar activity, more a social norm.”

      The Greek wealthy, the Economist observed, established that norm. Greece’s most “egregious” tax cheating, researchers had found, “happens higher up the wealth ladder.”

      The United States hasn’t hit — yet — the levels of tax evasion that leveled Greece. But we’re moving in that direction, ever more deliberately. This past winter saw lawmakers shove us further down this perilous path in two major pieces of legislation.




  • Censorship/Free Speech



    • Scrubbed clean: why a certain kind of sex is vanishing from the internet

      A US government effort to fight online sex trafficking has cleansed many sites of personal ads and consensual eroticism, in a shift advocates say amounts to dangerous censorship

      Craigslist has shut down its renowned “personals” section, which once featured ads titled “Hot days” and “Looking to fool around tonight”. Porn performers are complaining that Google Drive is no longer allowing them to share erotic videos with private clients. Microsoft has announced new rules banning “offensive language” from conversations on Skype and Xbox. And Reddit has closed sex industry discussion groups entitled “Escorts”, “Hookers”, and “SugarDaddy”.



    • Media censorship fears rise after Malaysia's proposed fake news law
      While battling fake news is media's biggest challenge all over the world, a new rule proposed by Malaysian Prime Minister Najib Razak has stirred censorship fears in the country.
    • New anti-fake news law by Malaysia sparks censorship fears
      Malaysia's newly drafted anti-fake news law, which is proposed to clamp down on fake news, has fuelled concerns among the people on fears of media censorship.

      With the general elections scheduled to be held in August and a massive financial scandal, plaguing Malaysian Prime Minister Najib Razak, most mediapersons have questioned the government intent in introducing the anti-fake news bill that was taken up in the country's parliament earlier this week.

      The proposed Anti-Fake News Bill 2018 will give the government sweeping and authoritative powers to penalise those who are found guilty of creating or spreading fake news, along with a jail term of up to six years and fines as high as USD 130,000, according to CNN.
    • Google De-Monetizes Video of Cameroon Protest, Gaza UNSC Meeting, Neo-Censorship, So Patreon
      Now Google's YouTube is engaged in systematic financial censoring of independent videos about censorship.
    • Malaysia outlaws 'fake news'; sets jail of up to six years
      Malaysia on Monday approved a law against “fake news” that would allow for prison of up to six years for offenders, shrugging off critics who say it was aimed at curbing dissent and free speech ahead of a general election.




  • Privacy/Surveillance



    • Six months later: 3 things I learned from deleting Faceboo
      Six months ago, I deleted my Facebook and Instagram accounts. Beyond data privacy concerns, social media became a virtual band-aid applied to moments of weakness and sadness for me. I became more aware of the effects of social media on my mood and general outlook on the world, as I explained in my decision to delete my accounts. Six months passed since I deleted my accounts. Along the way, I learned a few lessons on creating a healthy diet of media and pop culture consumption in a world of constant connectivity and endless media reservoirs.

      [...]

      Since the November 2016 elections, social media content is an ever-increasing black box. You find powerful optimism, overwhelming pessimism, and some things as a balance between the two. I became aware that the content on my timeline had a tangible, noticeable effect on my daily perspective. If someone I knew fired off a thread hinting at doom and gloom, that content translates into my daily view.

      We cannot pretend that what we read on the screen has no effect on our real lives.


    • There's No Quick Fix For Securing Communications: EFF Ditches Secure Messaging Scorebard
      The EFF hasn't released a scorecard for secure messaging apps since 2014. The scorecard has been updated several times, but there's no current quick reference guide for secure messaging that considers all the tech (and legal) developments over the past four years. The EFF's guide was handy, but it also was the target of legitimate criticism. Simplifying complex issues is helpful, but not if it inadvertently omits critical considerations.

      The EFF recognizes there's no quick and dirty way to solve everyone's security issues. Consequently, the EFF has announced that it will no longer be providing a secure messaging scorecard. It will still provide plenty of useful info for those seeking secure options, but it cannot in good faith claim to address every potential issue in an easy-to-follow infographic.
    • You hated the NSA. So why not Facebook?
      This learned dependence could explain why Facebook still exists, despite its abject failure to protect users’ data. According to Wired, Cambridge professor Aleskandr Kogan requested access to Facebook user data for a research project. He developed an app which—unbeknownst to users—“granted access to many of their Facebook friends’ likes and interests as well [as their own].” That’s how an academic managed to scrape data on some 50 million Facebook users. Kogan then sold that data to Cambridge Analytica in violation of Facebook policies. And now, per The Washington Post, whistleblower Christopher Wylie has shone light into dark places. It’s nothing to worry about, just a massive campaign of voter manipulation which may have swayed the 2016 presidential election.
    • Leaked Letter Alleges Cambridge Analytica Link to HH, UPND

      According to an apparent letter of engagement dated 11 March 2016 from Cambridge Analytica to Hakainde Hichilema (attached below), which was leaked to several media outlets this weekend, the firm worked for the UPND in the 2016 election at a rate of $150,000 per month. The letter promised to “deploy certain third-party persuasion techniques which we have proven hugely successful in past campaigns in Nigeria. We feel that a similar approach is exactly what is needed to deliver victory to the UPND.”

      [...]

      Zambia Reports is unable to confirm the authenticity of the letter.



    • Mapped: The breathtaking global reach of Cambridge Analytica’s parent company

      So far, the focus has been on CA’s impact in the US and UK, but SCL Elections claims to have a far larger footprint. According to company documents issued around 2013, which were reviewed by Quartz, SCL has worked in 32 countries across Europe, North and South America, Asia, Africa, and the Caribbean.



    • Cambridge Analytica is what happens when you privatise military propaganda

      To understand Cambridge Analytica and its parent firm, Strategic Communication Laboratories, we need to get our heads round what Baudrillard meant, and what has happened since: how military propaganda has changed with technology, how war has been privatised, and how imperialism is coming home.



    • Tip Of The Suckerberg

      In India, this has led to a bitter debate and mudslinging between the BJP and the Congress over the latter employing the services of Cambridge Analytica to influence elections. While the slugfest between the two big parties €­continues, this has led to a larger question: how safe is €­personal information and data in the hands of social media companies such as Facebook and WhatsApp? Indians routinely open up their hearts on these sites to share €­information about themselves and their families—do the sites then sell this data to others to man€­ipulate buying and, well, voting?



    • Zucker & Sucker

      Now that Facebook has proven how easy it is to make money out of other people’s digital poop, all companies private and government should take a leaf out of Zucker’s Book On Suckers and try putting out all employee data out for sale.



    • Facebook scrambles to distance itself from leaked memo

      Lawmakers have already been scrutinizing Facebook over how research firm Cambridge Analytica, which worked on the Trump campaign, took data from 50 million users. They were quick to seize on the new revelations from the memo.



    • Accused NSA leaker wants to subpoena states, cybersecurity firms and federal agencies
      National Security Agency contractor Reality Winner, who is accused of leaking a top-secret report on Russian hacking activity connected to the 2016 election, is seeking to pull 21 states and an array of leading cybersecurity firms into her criminal case by subpoenaing them as part of her trial.

      Lawyers for Winner revealed in a court filing Friday that they want to subpoena representatives of the states formally notified by the Department of Homeland Security last September that they were targeted by hackers the U.S. government says were acting on behalf of the Russian government.

      Winner's attorneys also listed 10 cybersecurity companies they contend could have information useful to her defense: TrendMicro, FireEye, Eset, CrowdStrike, Volexity, F-Secure Corporation, ThreatConnect, Motherboard, Secureworks and Fidelis Cybersecurity.


    • Tech giants brace for sweeping EU privacy law

      The General Data Protection Regulation (GDPR), which goes into effect across the EU on May 25, will drastically change what [I]nternet companies can do with customers' data.





  • Civil Rights/Policing



    • Alarm as government rewrites UK 'torture guidance' in secret
      A British government guidance paper that is intended to prevent the country’s intelligence officers from becoming involved in human rights abuses is being rewritten in secret, much to the alarm of civil liberties groups.

      Rights activists are deeply worried that the UK government may be tempted to water down the guidance at a time when the US president, Donald Trump, has said he hopes to restore waterboarding – “and a hell of a lot worse” – and has nominated Gina Haspel as the next head of the CIA. Haspel reportedly oversaw a secret CIA prison in Thailand, where a terrorism suspect was tortured.

      The UK paper, known in Whitehall as the ”consolidated guidance”, was rewritten and made public by the coalition government following a series of scandals in the years following the 9/11 attack on the twin towers in New York.


    • Protests Continue Over Killing of Stephon Clark as Autopsy Reveals Officers Shot Him in the Back
      Protests over the deadly police shooting of 22-year-old unarmed Stephon Clark are continuing on Saturday, with a former NBA player set to lead a rally in Sacramento to continue the call for justice and accountability.

      "I love Sacramento and this community will always be a part of me," said Matt Barnes, whose basketball career included playing with the Sacramento Kings. "As the father of two boys, I can't stay silent on this issue. We clearly need to unite, organize, and act to bring the accountability that is so desperately needed. This rally is the beginning to seeing that change."


    • Holst: Why the Senate should refuse to confirm Gina Haspel
      The Trump administration has been experiencing a large amount of turnover. Whether or not that is simply aggressively pursuing the right staff for long-term success or a sign of chaotic and impulsive leadership, I won’t speculate.

      But due to the recent departure of Rex Tillerson, President Trump has decided to nominate CIA head Mike Pompeo for secretary of state. To fill Pompeo’s place, President Trump has nominated Gina Haspel, who has been serving as deputy director of the CIA.


    • The teenager told police all about his gang, MS-13. In return, he was slated for deportation and marked for death.
      If Henry is killed, his death can be traced to a quiet moment in the fall of 2016, when he sat slouched in his usual seat by the door in 11th-grade English class. A skinny kid with a shaggy haircut, he had been thinking a lot about his life and about how it might end. His notebook was open, its pages blank. So he pulled his hoodie over his earphones, cranked up a Spanish ballad and started to write.


    • Trump Declares DACA Dead, Demands Border Wall
      President Trump has declared DACA dead, dimming the prospects for hundreds of thousands of young undocumented immigrants who were granted permission to live and work in the United States under the Deferred Action for Childhood Arrivals program. In a tweet early this morning, Trump wrote, ”DACA is dead because the Democrats didn’t care or act, and now everyone wants to get onto the DACA bandwagon… No longer works. Must build Wall and secure our borders with proper Border legislation. Democrats want No Borders, hence drugs and crime!” Trump’s latest tweet followed a flurry of attacks on DACA on Easter Sunday, in which Trump threatened to cancel the North American Free Trade Agreement unless Mexico helps pay for a wall along its border with the U.S.





  • Internet Policy/Net Neutrality



    • Why I am not too enthusiastic about AMP

      Most people (rightfully) thinks AMP is a result of Facebook implementing a similar product. To me, both facebook’s implementation and Google’s AMP feels like such a huge step backward – as if we are back to the walled garden of AOL days.





  • Intellectual Monopolies



    • Copyrights



      • Lawyer Behind Failing Sham To Protect Sketchy Patents Sends Bogus Copyright Cease & Desist To Blogger
        [...]

        The letter goes on to demand Schestowitz cease and desist from doing anything with the photograph and gives him until the end of this week to respond. In an abundance of caution, Schestowitz has done so. But he shouldn't need to. Abdi, a recent law school grad, specializes in patent and trademark issues, but considering she worked at the Intellectual Property Law Clinic in law school, one would hope that at some point someone taught her about Section 107 of copyright law, regarding exceptions to copyright law, including fair use. That starts out by noting that using works "for purposes such as criticism, comment, [and] news reporting" can be considered fair use, and thus non-infringing.

        Indeed, there is a case that is directly on point on this issue, Dhillon v. Does, in which a lawyer named Harmeet Dhillon was upset about a website, called MungerGames, that published an article critical of her that included one of her own headshots that she had posted on the web. In other words, an identical situation to the one here. The court there found it to easily be fair use. And, of course, we won't even get that deeply into the open questions of whether or not Shore actually holds the copyright in this image. Abdi's letter states that Shore "has exclusive rights in his photographs" which is not entirely accurate. It's unclear who took this photo, but it clearly was not Shore. It is possible that there was an assignment of the copyright in the photo to Shore or that it was done under some sort of explicit work-made-for-hire agreement, but nowhere does the letter state that. Indeed, it seems to imply (incorrectly under the law) that Shore has exclusive rights in photos taken of him rather than by him. Notably, nowhere in the letter does Abdi suggest that Shore registered the copyright in the photo, which would be a necessary prerequisite to suing for statutory damages (there simply are no actual damages here anyway).

        Of course, it's possible that Abdi knows all this and was just doing what the partners at her firm asked her to do, which was to send a purely bumptious, censorial threat to a blogger for daring to call out the sketchy legal practices of the law firm Shore Chan DePumpo in trying to craft sham patent sales for the sake of avoiding questionable patents getting invalidated by the PTAB. Of course, sending such a threat might just backfire, in the same way that Shore's plan to "sell" (wink, wink) patents to Native American tribes has backfired. Indeed, it might call attention to just how thin-skinned Michael Shore is, and how he's willing to have associates at his firm send out completely ridiculous, legally nonsensical threats in a weak attempt to try to scare off someone who was criticizing him.
      • Not Everything Needs Copyright: Lawyers Flip Out That Photos Taken By AI May Be Public Domain
        You may recall the years we've spent over the ridiculous monkey selfie story, concerning whether or not there was a copyright in a selfie taken by a monkey (there is not) and if there is (again, there is not) whether it's owned by the monkey (absolutely not) or the camera owner (still no). But one of the points that we raised was to remind people that not every bit of culture needs to be locked up under copyright. It's perfectly fine to have new works enter the public domain. So much of the confusion over the whole monkey selfie thing is that so many people have this weird belief that every new piece of content simply must have a copyright. Indeed, during the PETA legal arguments in trying to claim the copyright on behalf of the monkey, they basically took it as given that a copyright existed, and felt the only fight was over who got to hold it: the camera owner or the monkey.

        As we mentioned a few times throughout that ordeal, it really appeared that PETA's lawyers at the hotshot (and formerly respectable) law firm of Irell & Manella had taken on the case to establish some credibility on the issue of non-human-generated works and copyright. There isn't likely to be a rush of animal selfies (though there just was a pretty damn awesome penguin selfie -- no one tell PETA), but there are going to be a whole bunch of questions in the very, very near future concerning copyright and works generated by artificial intelligence. If you look, there are already many, many law review articles, papers, think pieces and such on whether or not AI-generated works deserve copyright, and some of these go back decades (shout out to Pam Samuelson's prescient 1985 paper: Allocating Ownership Rights in Computer-Generated Works).

        But now many of these questions are becoming reality, and some lawyers are freaking out. Case in point: an article in Lexology recently by two Australian lawyers, John Hannebery and Lachlan Sadler, in which they seem quite disturbed about the copyright questions related to the new Clips camera from Google. In case you haven't heard about it (and I'll confess this article was the first I'd found out about it), Clips is a tiny camera that you "clip" somewhere while action is happening and it uses AI to try to take a bunch of good pictures. Sounds interesting enough, if it actually works.
      • 'Copyright negligence boomerangs on Korean game industry’
        Korea’s game industry, which has been enjoying an unrivaled lead in the world market, is increasingly struggling against Chinese copycats.

        But the developers mostly have themselves to blame for underestimating the importance of copyrights for so many years, according to a game business expert.
      • Spotify’s Two Million Unauthorized Users Hammered Google For Alternatives
        Earlier this month, Spotify began taking action against users abusing its free tier. After detecting their modified Android files, countless people were suspended or excluded from the service. Now Spotify has revealed that it had a staggering two million unauthorized users and data from Google shows that many flooded the search engine during March looking for a way back in.

      • Happy as Larry: Why Oracle won the Google Java Android case
        One piece of paper. Just one lousy piece of paper. That's the difference between success and a potential $8.8bn payout.

        Google's lucky streak finally ran out this week. Its defense for using Oracle's copyrighted Java code in Android – without paying the database giant a penny in royalties – collapsed in a US Federal appeals court, just as I predicted it would in 2016. Why was I so confident back then that Oracle would prevail?


      • Comcast Doesn’t Disconnect All Binging Pirates

        Comcast has recently updated its repeat infringer policy to make it clear that persistent pirates risk losing their Internet access. While the company doesn't specifically state when a subscriber is at risk, receiving more than 50 DMCA notices on a single day doesn't appear to cause any issues. Perhaps Comcast favors a more gradual approach?









Recent Techrights' Posts

Google Has Mass Layoffs (Again), But the Problem is Vastly Larger
started as a rumour about January 2025
Electronic Frontier Foundation Defends Companies That Attack Free Speech Online (Follow the Money)
One might joke that today's EFF has basically adopted the same stance as Donald Trump and has a "warm spot" for BRICS propaganda
 
Early Retirement Age: Linus Torvalds Turns 55 Next Week
Now he's almost eligible for retirement in certain European countries
Gemini Links 22/12/2024: Solstice and IDEs
Links for the day
BetaNews: Microsoft Slop is Your "Latest Technology News"
Paid-for garbage disguised as "journalism"
Over at Tux Machines...
GNU/Linux news for the past day
IRC Proceedings: Saturday, December 21, 2024
IRC logs for Saturday, December 21, 2024
Links 21/12/2024: EU on Solidarity with Ukraine, Focus on Illegal and Unconstitutional Patent Court in the EU (UPC)
Links for the day
[Meme] Microsofters at the End of David's Leash
Hand holding the leash. Whose?
Deciphering Matt's Take on WordPress, Which is Under Attack From Microsofters-Funded Aggravator
the money sponsoring the legal attacks on WordPress and on Matt is connected very closely to Microsoft
Gemini Links 21/12/2024: Projections, Dead Web ('Webapps' Replacing Pages), and Presentation of Pi-hole
Links for the day
American Samoa One of the Sovereign States Where Windows Has Fallen Below 1% (and Stays Below It)
the latest data plotted in LibreOffice
[Meme] Brian's Ravioli
An article per minute?
Links 21/12/2024: "Hey Hi" (AI) or LLM Bubble Criticised by Mainstream Media, Oligarchs Try to Control and Shut Down US Government
Links for the day
LLM Slop is Ruining the Media and Ruining the Web, Ignoring the Problem or the Principal Culprits (or the Slop Itself) Is Not Enough
We need to encourage calling out the culprits (till they stop this poor conduct or misconduct)
Christmas FUD From Microsoft, Smearing "SSH" When the Real Issue is Microsoft Windows
And since Microsoft's software contains back doors, only a fool would allow any part of SSH on Microsoft's environments, which should be presumed compromised
Paywalls, Bots, Spam, and Spyware is "Future of the Media" According to UK Press Gazette
"managers want more LLM slop"
On BetaNews Latest Technology News: "We are moderately confident this text was [LLM Chatbot] generated"
The future of newsrooms or another site circling down the drain with spam, slop, or both?
"The Real New Year" is Now
Happy solstice
Microsoft OSI Reads Techrights Closely
Microsoft OSI has also fraudulently attempted to censor Techrights several times over the years
"Warning About IBM's Labor Practices"
IBM is not growing and its revenue is just "borrowed" from companies it is buying; a lot of this revenue gets spent paying the interest on considerable debt
[Meme] The Easier Way to Make Money
With patents...
The Curse (to Microsoft) of the Faroe Islands
The common factor there seems to be Apple
Over at Tux Machines...
GNU/Linux news for the past day
IRC Proceedings: Friday, December 20, 2024
IRC logs for Friday, December 20, 2024
Gemini Links 21/12/2024: Death of Mike Case, Slow and Sudden End of the Web
Links for the day
Links 20/12/2024: Security Patches, Openwashing by Open Source Initiative, Prison Sentence for Bitcoin Charlatan and Fraud
Links for the day
Another Terrible Month for Microsoft in Web Servers
Consistent downward curve
LLM Slop Disguised as Journalism: The Latest Threat to the Web
A lot of it is to do with proprietary GitHub, i.e. Microsoft
Gemini Links 20/12/2024: Regulation and Implementing Graphics
Links for the day
Links 20/12/2024: Windows Breaks Itself, Mass Layoffs Coming to Google Again (Big Wave)
Links for the day
Microsoft: "Upgrade" to Vista 11 Today, We'll Brick Your Audio and You Cannot Prevent This
Windows Update is obligatory, so...
The Unspeakable National Security Threat: Plasticwares as the New Industrial Standard
Made to last or made to be as cheap as possible? Meritocracy or industrial rat races are everywhere now.
Microsoft's All-Time Lows in Macao and Hong Kong
Microsoft is having a hard time in China, not only for political reasons
[Meme] "It Was Like a Nuclear Winter"
This won't happen again, will it?
If You Know That Hey Hi (AI) is Hype, Then Stop Participating in It
bogus narrative of "Hey Hi (AI) arms race" and "era/age of Hey Hi" and "Hey Hi Revolution"
Bangladesh (Population Close to 200 Million) Sees Highest GNU/Linux Adoption Levels Ever
Microsoft barely has a grip on this country. It used to.
Over at Tux Machines...
GNU/Linux news for the past day
IRC Proceedings: Thursday, December 19, 2024
IRC logs for Thursday, December 19, 2024