Bonum Certa Men Certa

Links 18/5/2018: AsteroidOS 1.0 Released, More Snyk/Black Duck FUD





GNOME bluefish

Contents





GNU/Linux



  • Desktop



    • Raptor Launching Talos II Lite POWER9 Computer System At A Lower Cost
      For those that have been interested in the Talos II POWER-based system that is fully open-source down to the firmware but have been put off by its cost, Raptor Computer Systems today announced the Talos II Lite that is a slightly cut-down version of the Talos II Workstation.

      The Talos II Lite is still a very competent beast of a system and features a single POWER9 CPU socket, EATX chassis, 500W ATX power supply, and is sold as a barebones package. The Talos II Lite motherboard supports up to the 22-core POWER9 CPU, eight DDR4 ECC RAM slots, one PCI Express 4.0 x16 slot, one PCI Express 4.0 x8 slot, dual Gigabit Ethernet, four USB 3.0 ports, and one USB 2.0 port.


    • A little Talos of your very own
      Overall, that $3300 really does translate into greatly improved expandability in addition to the beefier power supplies, and thus it was never really an option for my needs personally. Maybe my mini:Quad analogy wasn't so off base. But if you want to join the POWER9 revolution on a budget and give Chipzilla the finger, as all right-thinking nerds should, you've now got an option that only requires passing a kidneystone of just half the size or less. It ships starting in July.




  • Server



    • Containers and microservices and serverless, oh my!
      A new round of buzzword-heavy technologies are becoming relevant to—or at least discussed among—developers, operations professionals, and the tech staff who lead them. Need to come up to speed on the changing cloud and container trends and technologies? If you feel out of the loop, this tech-transfer explainer should provide enlightenment.

      Once upon a time, virtual machines changed how we thought about servers. Then, the cloud changed how we thought about IT. Now, containers have started a new transformation. The latest entry is “serverless”—though I should point out immediately that the term serverless is a misnomer. Future cloud-native applications will consist of both microservices and functions, often wrapped as Linux containers.

      VMs and the cloud enabled DevOps, the practice of developers and IT operations staff collaborating to optimize technology processes. Cloud technologies’ dynamic compute and storage resources made it easier to provision resources. The idea behind DevOps is that developers no longer need to worry about infrastructure because that's taken care of in the background by programs such as Ansible, Chef, and Puppet.

      Then along came containers. Containers use far fewer resources than VMs by using shared operating systems. Containers are also easier to spin up and down when circumstances require it.


    • How a competitive cycling team applies DevOps and agile methods


    • Red Hat Virtualization 4.2 Gains New SDN, High-Performance Features


    • Scaling AMQ 7 Brokers with AMQ Interconnect


      Red Hat JBoss AMQ Interconnect provides flexible routing of messages between AMQP-enabled endpoints, including clients, brokers, and standalone services. With a single connection to a network of AMQ Interconnect routers, a client can exchange messages with any other endpoint connected to the network.

      AMQ Interconnect can create various topologies to manage a high volume of traffic or define an elastic network in front of AMQ 7 brokers. This article shows a sample AMQ Interconnect topology for scaling AMQ 7 brokers easily.

      AMQ Interconnect does not use master-slave clusters for high availability. It is typically deployed in topologies of multiple routers with redundant network paths, which it uses to provide reliable connectivity. AMQ Interconnect can distribute messaging workloads across the network and achieve new levels of scale with very low latency.

      The router accepts AMQP protocol–based connections from clients and creates AMQP connections to brokers or AMQP services. The router classifies incoming AMQP messages and routes the messages between message producers and message consumers.

      A messaging client can make a single AMQP connection into a messaging bus built with routers, and over that connection it can exchange messages with one or more message brokers connected to any router in the network. At the same time, the client can exchange messages directly with other endpoints without involving a broker at all.s
    • Advisory: Red Hat DHCP Client Command Injection Trouble






  • Kernel Space



    • Is it time to remove ZONE_DMA?
      The DMA zone (ZONE_DMA) is a memory-management holdover from the distant past. Once upon a time, many devices (those on the ISA bus in particular) could only use 24 bits for DMA addresses, and were thus limited to the bottom 16MB of memory. Such devices are hard to find on contemporary computers. Luis Rodriguez scheduled the last memory-management-track session of the 2018 Linux Storage, Filesystem, and Memory-Management Summit to discuss whether the time has come to remove ZONE_DMA altogether.


    • Zone-lock and mmap_sem scalability
      The memory-management subsystem is a central point that handles all of the system's memory, so it is naturally subject to scalability problems as systems grow larger. Two sessions during the memory-management track of the 2018 Linux Storage, Filesystem, and Memory-Management Summit looked at specific contention points: the zone locks and the mmap_sem semaphore.


    • Hotplugging and poisoning
      Memory hotplugging is one of the least-loved areas of the memory-management subsystem; there are many use cases for it, but nobody has taken ownership of it. A similar situation exists for hardware page poisoning, a somewhat neglected mechanism for dealing with memory errors. At the 2018 Linux Storage, Filesystem, and Memory-Management summit, Michal Hocko and Mike Kravetz dedicated a pair of brief memory-management track sessions to problems that have been encountered in these subsystems, one of which seems more likely to get the attention it needs than the other.


    • Reworking page-table traversal
      A system's page tables are organized into a tree that is as many as five levels deep. In many ways those levels are all similar, but the kernel treats them all as being different, with the result that page-table manipulations include a fair amount of repetitive code. During the memory-management track of the 2018 Linux Storage, Filesystem, and Memory-Management Summit, Kirill Shutemov proposed reworking how page tables are maintained. The idea was popular, but the implementation is likely to be tricky.


    • get_user_pages() continued
      At a plenary session held relatively early during the 2018 Linux Storage, Filesystem, and Memory-Management Summit, the developers discussed a number of problems with the kernel's get_user_pages() interface. During the waning hours of LSFMM, a tired (but dedicated) set of developers convened again in the memory-management track to continue the discussion and try to push it toward a real solution.

      Jan Kara and Dan Williams scheduled the session to try to settle on a way to deal with the issues associated with get_user_pages() — in particular, the fact that code that has pinned pages in this way can modify those pages in ways that will surprise other users, such as filesystems. During the first session, Jérôme Glisse had suggested using the MMU notifier mechanism as a way to solve these problems. Rather than pin pages with get_user_pages(), kernel code could leave the pages unpinned and respond to notifications when the status of those pages changes. Kara said he had thought about the idea, and it seemed to make some sense.



    • XFS parent pointers
      At the 2018 Linux Storage, Filesystem, and Memory-Management Summit (LSFMM), Allison Henderson led a session to discuss an XFS feature she has been working on: parent pointers. These would be pointers stored in extended attributes (xattrs) that would allow various tools to reconstruct the path for a file from its inode. In XFS repair scenarios, that path will help with reconstruction as well as provide users with better information about where the problems lie.


    • Shared memory mappings for devices
      In a short filesystem-only discussion at the 2018 Linux Storage, Filesystem, and Memory-Management Summit (LSFMM), Jérôme Glisse wanted to talk about some (more) changes to support GPUs, FPGAs, and RDMA devices. In other talks at LSFMM, he discussed changes to struct page in support of these kinds of devices, but here he was looking to discuss other changes to support mapping a device's memory into multiple processes. It should be noted that I had a hard time following the discussion in this session, so there may be significant gaps in what follows.


    • A new API for mounting filesystems
      The mount() system call suffers from a number of different shortcomings that has led some to consider a different API. At last year's Linux Storage, Filesystem, and Memory-Management Summit (LSFMM), that someone was Miklos Szeredi, who led a session to discuss his ideas for a new filesystem mounting API. Since then, David Howells has been working with Szeredi and VFS maintainer Al Viro on this API; at the 2018 LSFMM, he presented that work.

      He began by noting some of the downsides of the current mounting API. For one thing, you can pass a data page to the mount() call, but it is limited to a single page; if too many options are needed, or simply options with too many long parameters, they won't fit. The error messages and information on what went wrong could be better. There are also filesystems that have a bug where an invalid option will fail the mount() call but leave the superblock in an inconsistent state due to earlier options having been applied. Several in the audience were quick to note that both ext4 and XFS had fixed the latter bug along the way, though there may still be filesystems that have that behavior.


    • Controlling block-I/O latency
      Chris Mason and Josef Bacik led a brief discussion on the block-I/O controller for control groups (cgroups) in the filesystem track at the 2018 Linux Storage, Filesystem, and Memory-Management Summit. Mostly they were just aiming to get feedback on the approach they have taken. They are trying to address the needs of their employer, Facebook, with regard to the latency of I/O operations.

      Mason said that the goal is to strictly control the latency of block I/O operations, but that the filesystems themselves have priority inversions that make that difficult. For Btrfs and XFS, they have patches to tag the I/O requests, which mostly deals with the problem. They have changes for ext4 as well, but those are not quite working yet.


    • A mapping layer for filesystems
      In a plenary session on the second day of the Linux Storage, Filesystem, and Memory-Management Summit (LSFMM), Dave Chinner described his ideas for a virtual block address-space layer. It would allow "space accounting to be shared and managed at various layers in the storage stack". One of the targets for this work is for filesystems on thin-provisioned devices, where the filesystem is larger than the storage devices holding it (and administrators are expected to add storage as needed); in current systems, running out of space causes huge problems for filesystems and users because the filesystem cannot communicate that error in a usable fashion.

      His talk is not about block devices, he said; it is about a layer that provides a managed logical-block address (LBA) space. It will allow user space to make fallocate() calls that truly reserve the space requested. Currently, a filesystem will tell a caller that the space was reserved even though the underlying block device may not actually have that space (or won't when user space goes to use it), as in a thin-provisioned scenario. He also said that he would not be talking about his ideas for a snapshottable subvolume for XFS that was the subject of his talk at linux.conf.au 2018.


    • Fantastic kernel patches and where to find them
      I've griped before about kernel development being scattered and spread about. A quick grep of MAINTAINERS shows over 200 git trees and even more mailing lists. Today's discussion is a partial enumeration of some common mailing lists, git trees and patchwork instances. You can certainly find some of this in the MAINTAINERS file.


    • Linux Foundation



      • Sprint Joins ORAN Alliance and Linux Foundation Networking Fund
        Sprint is becoming a member of the ORAN Alliance, formerly known as the xRAN Forum, and it is also joining the LF Networking Fund (LNF).

        The two moves signal the operator’s commitment to the open source world. It’s making these inroads prior to its planned merger with T-Mobile. The two companies announced earlier last month that they will merge. The deal, if approved, will close in early 2019.




    • Graphics Stack



      • Vulkan 1.1.75 Released With Many Issues Resolved
        It's been almost one month since the Vulkan 1.1.74 debut but now that's been succeeded by Vulkan 1.1.75.

        The Khronos Group has put out Vulkan 1.1.75 this morning as the newest revision to this graphics/compute API. The Vulkan 1.1.75 update doesn't introduce any new extensions, but there are a wide number of issues resolved -- as usual, mostly document clarifications about intended behavior and some fixes.




    • Benchmarks



      • AMD Ryzen 5 2600 / Ryzen 7 2700 Benchmarks On Linux, 9-Way Ubuntu CPU Comparison
        Last month we delivered launch-day Linux benchmarks of the Ryzen 5 2600X and Ryzen 7 2700X for these new "Zen+" processors while recently we received the non-X Ryzen 5 2600 and Ryzen 7 2700 processors for Linux testing as well. In this article are benchmarks of these new AMD Ryzen processors as well as other Intel/AMD CPUs for delivering a fresh nine-way Linux distribution comparison using the very latest software components.






  • Applications



  • Desktop Environments/WMs



    • K Desktop Environment/KDE SC/Qt



      • LabPlot Support for live data


        Coming close to the next release of LabPlot, the last new feature in this release that we want to introduce is the support for live data. This feature developed by Fábián Kristóf during “Google Summer of Code 2017” program. In this context, the support for live data refers to the data that is frequently changing and the ability of the application to visualize this changing data.

        Prior to the upcoming release, the only supported workflow in LabPlot was to import the data from an external file into LabPlot’s data containers and to do the visualization. On data changes, the user needed to re-import again. With LabPlot 2.5 we introduced the “Live Data Source” object that is “connected” to the actual data source and that takes care of re-reading the changed data according to the specified options.


      • News about Elisa
        Elisa is a music player developed by the KDE community that strives to be simple and nice to use. We also recognize that we need a flexible product to account for the different workflows and use-cases of our users.




    • GNOME Desktop/GTK



      • Gnome Shell Dash To Panel v14 Brings Intellihide, Configurable Window Previews Size
        The Gnome Shell Dash to Panel extension combines the Dash with the top Gnome panel. The result is a single panel that provides an icon taskbar, the tray, system menu, and date / time indicator. This is similar to the KDE Plasma and Windows 7 (and newer) taskbar. The extension supports Gnome Shell 3.18 and newer.
      • Working on GNOME To Do this Summer
        I am Rohit Kaushik (kaushik on IRC) from Delhi, India. I am currently pursuing B.E Computer Science at BITS Pilani, Goa. I am interested in Software Engineering, Machine Learning and Research. I usually spend my free time playing badminton, cricket or listening to music. Last year, I worked on implementing Todoist for GNOME To Do and this time again I will be working on GNOME To Do, improving the two plugins that I wrote earlier and implementing newer features. I am grateful to GNOME and my mentor feaneron for giving me this opportunity.

      • Banquets and Barbecues
        One of the biggest problems with Fractal at the moment is that 1-1 messaging is pretty terrible. Since the rooms in the sidebar are sorted by most recent activity, high-traffic public rooms (such as GNOME IRC channels) tend to drown out rooms with less traffic, such as 1-1s and small groups. This is problematic because the signal-to-noise ratio in 1-1 chats and small groups tends to be much higher than in high-traffic public rooms. This leaves the user constantly searching for the rooms they care about, while the rooms they don’t care about are always at the top.


      • Performance hackfest






  • Distributions



    • New Releases



      • Linspire Server 2018 Released, Based On Ubuntu 16.04 With Xfce Desktop
        Back in January was the news of Linspire (formerly known as "Lindows") making a comeback and this week marks the release of Linspire Server 2018.

        Linspire/Lindows had previously been focused on just a desktop offering, but PC/OpenSystems acquired the Linspire rights a few months back and now they are spinning up new products. The newly-announced Linspire Server 2018 is based on Ubuntu Server 16.04 and is available for free with a self-support license while the company is also selling commercial support for interested users.




    • OpenSUSE/SUSE



      • openSUSE.Asia Summit 2018 Taiwan: Call for proposals is open
        openSUSE.Asia Committee calls for proposals of talks for openSUSE.Asia Summit 2018 held at National Taiwan University of Science and Technology on August 11 and 12. We might have community day on 10th August before the summit.

        openSUSE.Asia Summit is one of the great events for openSUSE community (i.e., both contributors, and users) in Asia. Those who usually communicate online can get together from all over the world, talk face to face, and have fun. Members of the community will share their most recent knowledge, experiences, and learn FLOSS technologies surrounding openSUSE.




    • Slackware Family



      • HandBrake 1.1.0 – now also in a patent-friendly package
        A new release of HandBrake, the video transcoder/ripper. The version 1.1.0 (released last month) comes with a load of enhancements, bug fixes and new features. Read the announcement to get all the details.

        And its GTK+-3 based GUI still compiles on Slackware 14.2. The devs must have done something right. Thank you! Still, it is sad that I can not compile the HandBrake GUI on Slackware 14.1 – or older – due to the GTK+-3 requirement (how I wish that the Qt based GUI was still an option). You could still build the CLI-only variant I suppose. But it might also be a good idea to upgrade to Slackware 14.2 if you thought of running the graphical HandBrake program…




    • Red Hat Family



      • Enhanced OpenShift JBoss AMQ container image for production
        As a Solution Architect at Red Hat, I had the opportunity to run an €« JBoss AMQ on OpenShift workshop €» some weeks ago at a customer site. Working with AMQ for years outside OpenShift and having just played with the containerized version, I was astonished that some features were already there but not documented while some others were simply missing.

        This post is a walk-through some enhancements I’ve made to Red Hat JBoss AMQ container image in order to meet my customer requirements. It goes through some topics like: adding a monitoring layer to AMQ, making configuration management across environments easier and explaining source-2-image process and use-cases for AMQ. By the way, if you’re interested on monitoring topic on Red Hat integration solutions, I recommend having a look at Bruno Meseguer excellent blog post that was an inspiration for reproducing on AMQ what was done on Fuse.


      • Red Hat brings cloud-native capabilities to software partner ecosystem
        Red Hat, the world’s leading provider of open source solutions, has introduced Kubernetes Operators to the Red Hat OpenShift ecosystem, providing a simplified path for software partners to ultimately deliver tested and validated Kubernetes applications on the industry’s most comprehensive enterprise Kubernetes platform.


      • Red Hat’s AI Strategy
        Daniel Riek leads the AI Center of Excellence in the CTO Office at Red Hat, which is tasked with advancing the adoption of AI across Red Hat’s products, services and communities. Before that, Daniel has managed engineering groups, worked on Container Strategy and has led RHEL Product Management.


      • Fedora





    • Debian Family



      • Video Channel Updates
        I’ll still keep uploading to YouTube, but ultimately I’d like to make my self-hosted site the primary source for my content. Not sure if I’ll stay with MediaDrop, but it does tick a lot of boxes, and if its easy enough to extend, I’ll probably stick with it. MediaDrop might also be a good platform for viewing the Debian meetings videos like the DebConf videos.






  • Devices/Embedded





Free Software/Open Source



  • Coreboot 4.8 Released With 17 New Motherboards Supported
    While many Coreboot users just habitually ride the latest Git code, for those sticking to official stable releases, Coreboot 4.8 was released today.


  • Web Browsers



    • Mozilla



      • The Rust compiler is getting faster
        As changes are made to the Rust compiler, a suite of benchmarks measuring compile time is run regularly on the development version. The data is viewable at http://perf.rust-lang.org. The default view is graphical, showing data from the past month.


      • These Weeks in Firefox: Issue 38


      • Scaling Firefox Development Workflows


        One of the central themes of my time at Mozilla has been my pursuit of making it easier to contribute to and hack on Firefox.

        I vividly remember my first day at Mozilla in 2011 when I went to build Firefox for the first time. I thought the entire experience - from obtaining the source code, installing build dependencies, building, running tests, submitting patches for review, etc was quite... lacking. When I asked others if they thought this was an issue, many rightfully identified problems (like the build system being slow). But there was a significant population who seemed to be naive and/or apathetic to the breadth of the user experience shortcomings. This is totally understandable: the scope of the problem is immense and various people don't have the perspective, are blinded/biased by personal experience, and/or don't have the product design or UX experience necessary to comprehend the problem.


      • Release of python-zstandard 0.9
        Zstandard is a highly tunable and therefore flexible compression algorithm with support for modern features such as multi-threaded compression and dictionaries. Its performance is remarkable and if you use it as a drop-in replacement for zlib, bzip2, or other common algorithms, you'll frequently see more than a doubling in performance.


      • Revisiting Using Docker
        When Docker was taking off like wildfire in 2013, I was caught up in the excitement like everyone else. I remember knowing of the existence of LXC and container technologies in Linux at the time. But Docker seemed to be the first open source tool to actually make that technology usable (a terrific example of how user experience matters).

        At Mozilla, Docker was adopted all around me and by me for various utilities. Taskcluster - Mozilla's task execution framework geared for running complex CI systems - adopted Docker as a mechanism to run processes in self-contained images. Various groups in Mozilla adopted Docker for running services in production. I adopted Docker for integration testing of complex systems.


      • Extensions in Firefox 61
        Firefox 60 is now in the Release channel, which means that Firefox 61 has moved from Nightly to the Beta channel. As usual, Mozilla engineers and volunteer contributors have been hard at work, landing a number of new and improved WebExtensions API in this Beta release.

        Before getting to the details, though, I’d like to note that the Firefox Quantum Extensions Challenge has come to an end. The contest was a huge success and the judges (myself included) were overwhelmed with both the creativity and quality of the entrants. A huge thank you to everyone who submitted an extension to the contest and congratulations to the winners.


      • Enigmail 2.0.4 available - better protection against Efail

        Enigmail now discovers if GnuPG prints a warning message about missing MDC (Modification Detection Code) for old algorithms like CAST5 and treats it like a hard failure. Such a message will no longer be displayed.





  • Databases



    • Built-in Sharding for PostgreSQL
      Built-in sharding is something that many people have wanted to see in PostgreSQL for a long time. It would be a gross exaggeration to say that PostgreSQL 11 (due to be released this fall) is capable of real sharding, but it seems pretty clear that the momentum is building. The capabilities already added are independently useful, but I believe that some time in the next few years we're going to reach a tipping point. Indeed, I think in a certain sense we already have. Just a few years ago, there was serious debate about whether PostgreSQL would ever have built-in sharding. Today, the question is about exactly which features are still needed.

      If you haven't followed progress in this area closely, I highly recommend that you read the Built-in Sharding page which my colleague Bruce Momjian wrote up for the PostgreSQL wiki in December of 2016 as well as the very interesting slides which Etsuro Fujita, Kyotaro Horiguchi, Masahiko Sawada, and Amit Langote presented at PGCONF.ASIA 2016. (Note that the atomic commit feature mentioned in that presentation did not make it into PostgreSQL 11.)




  • Oracle/Java/LibreOffice



    • TDF announces LibreOffice 5.4.7
      The Document Foundation (TDF) announces LibreOffice 5.4.7, the last minor release of the LibreOffice 5.4 family, currently targeted at mainstream users and enterprises.

      TDF suggests deploying LibreOffice in production environments with the backing of certified developers, migrators and trainers (an updated list is available at https://www.libreoffice.org/get-help/professional-support/). This is extremely important for the growth of the LibreOffice ecosystem.




  • Pseudo-Open Source (Openwashing)



  • BSD



  • FSF/FSFE/GNU/SFLC



    • Tarballs, the ultimate container image format

      The tarball format is plain and simple, it’s the one we know and love, and it’s been there “forever” as its name suggests. The tarball that guix pack produces can be readily extracted on another machine, one that doesn’t run Guix, and you’re done. The problem though, is that you’ll need to either unpack the tarball in the root file system or to play tricks with the unshare command, as we saw in the previous post. Why can’t we just extract such a tarball in our home directory and directly run ./opt/gnu/bin/guile for instance?



    • Using GnuCash as a Freelancer to Track Finances and Prepare Taxes
      I don't own a credit card (by choice), so keeping a close eye on my finances is really important, but I think whether or not you have a credit card, it’s a good idea to track all of your financial transactions. It’s really the only way you’ll know what’s coming in and what’s going out. This is a great habit to do even if you don’t have any problems keeping a positive balance – and I would say it's essential to do if you struggle with debt. Luckily I have no debt but I've seen a number of people turn around their whole financial situations just by starting to keep a ledger of all of their transactions.


    • Who controls glibc?
      The removal of an old joke from the GNU C Library manual might not seem like the sort of topic that would inspire a heated debate. At times, though, a small action can serve as an inadvertent proxy for a more significant question, one which is relevant to both the developers and the users of the project. In this case, that question would be: how is the project governed and who makes decisions about which patches are applied?

      Toward the end of April, Raymond Nicholson posted a patch to the glibc manual removing a joke that he didn't think was useful to readers. The joke played on the documentation for abort() to make a statement about US government policy on providing information about abortions. As Nicholson noted: "The joke does not provide any useful information about the abort() function so removing it will not hinder use of glibc". On April 30, Zack Weinberg applied the patch to the glibc repository.

      Richard Stallman, who added the joke sometime in the 1990s, asked that it not be removed. The resulting discussion touched on a number of issues. Carlos O'Donell, who has been trying hard to resolve the issue with some degree of consensus, suggested that the joke could hurt people who have had bad experiences associated with abortion. He proposed a couple of possible alternatives, including avoiding jokes entirely or discussing such issues in a different forum. Stallman, however, replied that "a GNU manual, like a course in history, is not meant to be a 'safe space'". He suggested the possibility of adding a trigger warning about functions that create child processes, since childbirth is "far more traumatic than having an abortion".




  • Licensing/Legal



    • Licenses for data
      The amount of available data is growing larger these days, to the point that some data sets are far larger than any one company or organization can create and maintain. So companies and others want to share data in ways that are similar to how they share code. Some of those companies are members of the Linux Foundation (LF), which is part of why that organization got involved in the process of creating licenses for this data. LF VP of Strategic Programs Mike Dolan came to the 2018 Legal and Licensing Workshop (LLW) to describe how the Community Data License Agreement (CDLA) came about.

      The kinds of data affected are for applications like machine learning, blockchains, AI, and open geolocation, he said. Governments, companies, and other organizations want to share their data and the model they want to follow is the one they have learned from open-source software. So the idea behind the CDLA is to share data openly using what has been learned about licensing from decades of sharing source code.




  • Programming/Development



    • LLVM 5.0.2 Released With Spectre Variant Two Mitigation
      For those that haven't yet upgraded to LLVM 6.0 stable, the long overdue LLVM 5.0.2 is now available.

      LLVM 5.0.2 was due out at the end of March while now at the middle of May this point release has materialized. What makes this new LLVM 5.0 stable update important is that it contains the compiler-side Retpoline support for Spectre Variant Two mitigation. This was already found in LLVM 6.0 and then back-ported to LLVM 5.0 and now available in this latest point release.






Leftovers



  • Health/Nutrition



    • US birth rates drop to lowest since 1987
      Births in the US have dropped to their lowest rate in 30 years, marking a cultural shift as women delay motherhood, experts say.

      Some 3.85 million babies were born in the US in 2017, the fewest since 1987, as births among women in their teens and 20s decreased.

      Both the birth rate - the number of births per thousand - and fertility - a lifetime average forecast - fell.

      Declining birth rates are common as countries become more developed.

      The US fertility rate is lower than the UK's but the US still has a higher fertility rate than many other countries.

      While births decreased among younger women in the US last year, it rose in women aged between 40 and 44.




  • Security



    • Security updates for Thursday


    • Critical Linux Flaw Opens the Door to Full Root Access


    • It has been a bad week for encrypted messaging and it’s only Wednesday

      Also on Monday, a different team of researchers disclosed a vulnerability in the desktop version of the Signal messenger. It allowed attackers to send messages containing malicious HTML and JavaScript that would be executed by the app. Signal developers published a security update on Friday, a few hours after the researchers privately notified them of the vulnerability. On Monday, Signal developers issued a new patch after discovering over the weekend that the first one didn’t fully fix the bug. (The incompleteness of the patch was independently and more-or-less simultaneously found by the researchers.)



    • Purism and Nitrokey Partner to Build Purekey for Purism’s Librem Laptops
      Purism, the social purpose corporation which designs and produces security focused hardware and software, has announced today that they are partnering with Nitrokey, maker of Free Software and Open Hardware USB OpenPGP security tokens and Hardware Security Modules (HSMs) to create Purekey, Purism’s own OpenPGP security token designed to integrate with its hardware and software. Purekey embodies Purism’s mission to make security and cryptography accessible where its customers hold the keys to their own security and follows on the heels of their announcement of a partnership with cryptography pioneer and GnuPG maintainer Werner Koch.


    • Purism Expands Its Linux Hardware Portfolio To Include A USB-Based GPG SmartCard
      If Purism didn't have their hands full enough already working to further free Linux laptops and their very ambitious project to get their own Linux smartphone software/hardware shipping next year, they have now expanded their portfolio with the Purekey.
    • Purism Partners with Nitrokey to Reinforce the Security of Their Linux Laptops
      Purism, the maker of Linux-powered laptops, announced today that it partners with Nitrokey, a maker of Free Software and Open Hardware USB OpenPGP security tokens and Hardware Security Modules (HSMs), to create a OpenPGP-based security token called Purekey.




  • Defence/Aggression



    • The Rebuilding of Syria
      During visits to Syria in 2016 and 2018, the devastation from years of war was tragically evident. Block after block in central Homs had the bombed out look of post-Second World War Berlin. The Old City and historic Souq of Aleppo was in ruins. Passing the Eastern Ghouta region near Damascus, we observed a shell-pocked landscape of ruined and burned out buildings and farms that stretched for miles. In the Palestinian Yarmouk Camp/neighborhood and the southern Damascus suburbs the fighting is still going on between government forces and elements of Daesh (ISIS) and al-Nusra. The result will be comparable devastation after the successful conclusion of combat operations.

      On the other hand, Damascus, modern Aleppo, Hama, Dera’a and the coastal cities of Latakia and Tartus — despite being targeted by rebel mortars and rockets which caused many civilian casualties — have remained largely intact, even as the fighting has taken a steep toll on the exurban neighborhoods and rural towns nearby.

      Less well known is the heavy damage to Syria’s industrial infrastructure, particularly in Aleppo. After 2011 anti-government forces occupied the extensive industrial zone outside the city and proceeded to systematically loot the modern factories. Tens of millions of dollars’ worth of industrial equipment from textile, plastics, chemical and pharmaceutical firms were sold off or simply stolen and shipped across the nearby border to Turkey. What could not be transported easily was destroyed.


    • ‘The Everyday Process of Ethnic Cleansing’
      Diana Buttu is a Palestinian-Canadian lawyer and former Palestinian negotiator. On Monday, she and hundreds of other protesters were roughed up and brutalized by a phalanx of heavily armed Israeli security forces as they tried to raise the Palestinian Flag in front of the new Jerusalem-based US Embassy .

      Buttu was outraged as she noted “from video footage we can see that people were shot in the back. Others were shot for carrying tires or for simply walking into these areas. These were individuals who posed no threat whatsoever. Even if they were attempting to cross the border, you don’t use live fire to kill people who are crossing a border.”




  • Transparency/Investigative Reporting



    • Ecuador's former president defends spy operation to protect Julian Assange
      The former president of Ecuador Rafael Correa has defended a multi-million dollar spy operation to protect Julian Assange in the country’s London embassy after an investigation by the Guardian revealed that his government had employed an international security company and undercover agents during much of the Australian’s six-year stay.


    • The UK's Russia Inquiry Had A Date To Interview Julian Assange. Then The Foreign Office Called.
      The UK inquiry looking into Russia and the Cambridge Analytica scandal had agreed a provisional date for a public interview session with WikiLeaks founder Julian Assange, before abandoning the plan after a call from the Foreign Office, BuzzFeed News has learned.

      Foreign Office officials called the Digital Culture, Media and Sport committee after learning of the plan to interview Assange from the Ecuadorian embassy in a high-profile public forum, according to a well-placed source.

      The closely watched DCMS inquiry, chaired by Conservative MP Damian Collins, was originally set up to look at fake news back in January 2017. But the MPs on the committee have been going down different paths, holding headline-grabbing public sessions with everyone from fake news academics to Brexit whistleblowers to representatives from the US tech giants.


    • Sarah Harrison: "It's not the journalist's role to decide what the public can see"
      Sarah Harrison: What was unique about WikiLeaks, was the anonymous dropbox. Because Julian (Assange) came from a technical background and he was able to build – at a time when nobody else could - this technology where a whistleblower could simply submit to the website in an anonymous fashion. Obviously, journalists have been working with sources for many years. But the technology hadn’t been brought to that problem. That was the crux of what made the WikiLeaks organisation different was the technology.

      I was comparing it to that in a vivid image that people can picture of, being able to bring the baby (the documents) to the website which could then ensure that it got to the world and the press and it could survive. It’s one of the achievements of WikiLeaks that that is now a normal thing for many newsrooms to have a dropbox like this, which I think is an excellent development in journalism.




  • Environment/Energy/Wildlife/Nature



    • Pew Research Finds Broad Bi-Partisan Support For Solar Power In US
      he latest Pew poll finds an astonishing difference in opinion between Republicans and Democrats about climate change and protecting the environment. Overall, two thirds of Americans say the government is not doing enough to reduce the effects of global climate change. 19% say the government is doing “about the right amount” with another 13% saying “too much” is being done.

      But the findings between Republicans and Democrats reveal a sharp divide between the two groups. Almost 90% of Democrats believe the federal government is not doing enough to protect key aspects of the environment such as air and water quality but few Republicans agree.

      Specifically, 89% of Democrats say the federal government isn’t doing enough to protect air quality. Only 26% of Republicans say the same thing. On the subject of water quality, 91% of Democrats say the federal government isn’t doing enough compared with 39% of Republicans.






  • Finance



    • Infrastructure built our middle class and now we must build it yet again
      It is hard to imagine our country without our iconic pieces of American transportation infrastructure.
    • 5 Unexpected Ways The 1990s Were Different From Today
    • Federal Watchdog Launches Investigation of Age Bias at IBM
      The U.S. Equal Employment Opportunity Commission has launched a nationwide probe of age bias at IBM in the wake of a ProPublica investigation showing the company has flouted or outflanked laws intended to protect older workers from discrimination.

      More than five years after IBM stopped providing legally required disclosures to older workers being laid off, the EEOC’s New York district office has begun consolidating individuals’ complaints from across the country and asking the company to explain practices recounted in the ProPublica story, according to ex-employees who’ve spoken with investigators and people familiar with the agency’s actions.

      “Whenever you see the EEOC pulling cases and sending them to investigations, you know they’re taking things seriously,” said the agency’s former general counsel, David Lopez. “I suspect IBM’s treatment of its later-career workers and older applicants is going to get a thorough vetting.”




  • AstroTurf/Lobbying/Politics



    • NYT Edit Board Are Last Humans on Earth Who Believe US Neutral in Israel/Palestine Conflict
      The fact that the United States favors Israel in its decades-long “conflict” with the Palestinians is not a subjective or abstract question; it’s a well-established empirical fact. The US gives over $3 billion a year in military aid to Israel (more than the US spends on aid for the last seven countries it’s bombed combined), and defends it from sanction almost uniformly at the UN Security Council. Israel’s support from the US Congress borders on sycophantic. The US, on the other hand, gives no military aid to Palestine, and opposes resolutions that even acknowledge Palestine exists—much less support its resistance to Israeli occupation. The US gives some aid to the Israeli-approved and corrupt Palestinian Authority, but this largely serves to buy off the docile and unpopular PA.

      [...]

      It’s difficult to imagine any of the seemingly knowledgeable and healthy adults at the Times editorial board actually thinking the US has been “neutral” in its dealings with Israel and Palestine. Perhaps not 100 percent lockstep. Perhaps sometimes pushing back against the most right-wing elements in Israel. But “neutral”? It flies in the face of decades of evidence to the contrary.

      This isn’t the first time the New York Times has played the part of a kindergartener finding out Santa Claus isn’t real. As FAIR noted last December (12/30/17), Times reporter Mark Landler used the specter of Trump to totally whitewash America’s aggressive and violent past, in a manner that crosses from jingoistic to outright goofy...
    • Morning mail: European council president condemns 'capricious' Trump
      The threat posed by Donald Trump’s administration has been likened to that of China and Russia by the European council president, Donald Tusk, as he condemned the US’s withdrawal from the Iran deal and the rising threat of a transatlantic trade war. Tusk offered a withering commentary on the chaotic US administration, saying: “We are witnessing today a new phenomenon: the capricious assertiveness of the American administration. Looking at the latest decisions of President Trump, some could even think, ‘With friends like that, who needs enemies?’”




  • Censorship/Free Speech



    • Dismal state of academic freedom in Turkey described by HRW

      Turkey’s universities are experiencing a period of self-censorship and a lack of academic freedom as hundreds of academic staff face prosecution and thousands more have lost their jobs, international non-governmental organization Human Rights Watch (HRW) said in a report it published on Monday.



    • Facebook Releases First-Ever Community Standards Enforcement Report
      For the first time, Facebook has published detailed information about how it enforces its own community standards. On Tuesday, the company announced the release of its Community Standards Enforcement Preliminary Report, covering enforcement efforts between October 2017 and March 2018 in six areas: graphic violence, adult nudity and sexual activity, terrorist propaganda, hate speech, spam, and fake accounts.

      Facebook follows YouTube in releasing content enforcement numbers; last month, the video-sharing platform put out its first transparency report on community guidelines enforcement, showing the total number of videos taken down, the percentage of videos removed after being flagged by automated tools, and other details.
    • Leading Israeli Playwright Faces 'Censorship' At Home
      Joshua Sobol claims that his latest play, 'The Last Act,' was the subject of a political witch hunt. Joshua Sobol is one of Israel's leading playwrights, having also achieved worldwide notoriety with his 1984 offering “Ghetto,” a poignant look...




  • Privacy/Surveillance



    • Publishers need to stop using insecure HTTP
      Academic publishers play a major role in the dissemination of scholarly information. As a society, we need to be able to rely on these publishers to provide information securely, accurately, and with content integrity. We also want to ensure that our personal information (e.g., a site password) is secure, and scholarly publishers have a responsibility to the community to protect our data.

      I've been surprised how often scholarly publishers' pages are published as HTTP, which (unlike HTTPS) doesn't encrypt data in transit. Implementing HTTPS has become much easier with initiatives such as Let's Encrypt and Certbot (but I recognize legacy systems can make it more difficult).


    • Mark Zuckerberg to appear before European parliament

      The Facebook founder’s decision to meet MEPs will be seen as a snub to the UK parliament. British MPs have asked him to appear to explain the company’s role in the Cambridge Analytica scandal where the personal data of tens of millions of people was used without their permission.



    • Zuckerberg Agrees to EU Parliament Grilling Over Data Scandal


    • EFF Asks FBI, DOJ To Turn Over Details On Thousands Of Locked Phones The FBI Seems Uninterested In Cracking
      The FBI's growing number of uncracked phones remains a mystery. The agency claims it has nearly 8,000 phones in its possession which it can't get into, despite multiple vendors offering services that can allegedly crack any iPhone and countless Android devices.

      The push for mandated backdoors and/or weakened encryption continues, with successive FBI heads (James Comey, Chris Wray) declaring public safety is being threatened by the agency's locked phone stockpile. This push seems doubly insincere given a recent Inspector General's report, which revealed agency officials slow-walked the search for a third-party solution to unlock a phone belonging to the San Bernardino shooter.

      Legislators have taken notice of the FBI's disingenuous push for a legislative mandate. Back in April, a group of lawmakers sent a letter to the FBI asking what it was actually doing to access the contents of its growing collection of locked phones and why it insisted there were no other options when it was apparent vendors were offering phone-cracking solutions.


    • EFF to New York Appellate Court: No Warrantless Searches of Devices at the Border
      In a month of court victories for travelers' digital privacy, EFF continues its legal fight for Fourth Amendment rights at the border. We filed an amicus brief yesterday, along with the ACLU and NYCLU, urging a New York State appellate court to rule that border agents need a probable cause warrant to search the electronic devices of people at international airports and other border crossings.

      We asked the court to rule that the extremely strong and unprecedented privacy interests we have in the massive amount of highly sensitive information stored and accessible on electronic devices is protected under the Constitution. This is our eighth amicus brief in a case where border agents have conducted warrantless searches of travelers' phones or laptops at the border. For too long, federal agents have treated the border as a Constitution-free zone, searching travelers without individualized suspicion that they have committed a crime. This must stop.




  • Civil Rights/Policing

    • Company used by police, prisons to find any mobile device breached (again)

      Since the application is Web based and the website allows "Anywhere, anytime access to all system controls" for the Securus call system, the usernames and passwords could conceivably be used to gain access to not just device location data but prisoner phone records and other sensitive data. A previous breach at Securus reported by The Intercept exposed data on 70 million recorded prisoner phone calls, including calls between prisoners and their attorneys.



    • Congressional Members Decide It's Time To Make Assaulting A Police Officer A Federal Hate Crime
      It's apparently time for a legislative update to The War on Cops. Apropos of nothing, legislators from both sides of Congress have flung some more "cops are more equal than others" legislation into the ring. Senators Orrin Hatch and Heidi Heitkamp have joined their House counterparts in attempting to make any crime against a police officers a hate crime.


    • AT&T Mobility Fired Me for Being Pregnant
      Demerit-based attendance policies discriminate against pregnant women.

      When I found out I was pregnant in the fall of 2014, I was so grateful to have a job with AT&T Mobility. My husband and I both worked as sales representatives at the company’s store in Elkhart, Ind. Our jobs provided us a stable, comfortable life that we looked forward to sharing with our son. We made $14 an hour, plus commission, and AT&T Mobility provided generous benefits that included paid maternity leave. We both loved our jobs and looked forward to fulfilling sales careers with the company.

      But that hope evaporated as my pregnancy progressed. I had severe nausea that wasn’t just “morning sickness.” I felt sick nearly all the time and had trouble sleeping. In my second and third trimesters, things got even worse, and I developed cholestasis, a disabling liver condition characterized by intense itching all over the body. These difficulties meant that I occasionally was late for my shift, or needed to stay home, and that I had to visit my doctor more often.

      These symptoms were scary and stressful on their own. I never dreamed that they also would cost me my job.


    • ACLU Client Makes History As First Air Force JAG Corps Officer to Wear Hijab
      ACLU applauds Air Force for respecting religious freedom.

      When Lt. Maysaa Ouza began her first assignment as an officer in the Air Force’s Judge Advocate General’s Corps earlier this month, it was a historic moment. Lt. Ouza, a recent law school graduate, became the first Air Force JAG Corps officer authorized to wear hijab. Before she enlisted, the Air Force granted her a religious accommodation allowing her to wear hijab during basic and officer training and in her role as chief of legal advice at Scott Air Force Base. The groundbreaking development was a long time in the making.

      Lt. Ouza always knew that she wanted to serve her country. As the daughter of immigrants, she was called to give back by defending the very freedoms and liberties that have afforded her and her family so many opportunities.

      When Lt. Ouza was in law school and began investigating her options for military service, however, there was one potential obstacle: her hijab. For Lt. Ouza, the practice of covering her hair and neck by wearing hijab reflects a core tenet of her Muslim faith. She believes that being forced to remove the head covering is humiliating and no different than being compelled to strip in front of others.


    • Home Office grants visa to student in U-turn after 'distressing' visit
      In an unexpected U-turn, the Home Office has granted a visa to a woman it had previously classified as an immigration offender, just 24 hours after video footage of a distressing dawn raid on her home was published by the Guardian.

      Zixuan Qu, 29, who submitted an application to extend her student visa over four years ago, has been granted leave to remain in the UK for a further five years.

      For the past four years, the Home Office has been sitting on her application, and has held her passport, preventing her from going back to China to visit her grandparents, who brought her up. She was forced to cancel her wedding because she was unable to register the marriage without a passport.


    • Brown v. Board Made It to 64. But How Much Longer Will It Survive?
      It’s been 64 years this week since Brown v. Board Of Education began charting a new course for public schools and race in America. In a unanimous decision, the Supreme Court struck down the dishonest doctrine of “separate but equal” and exposed the white supremacy that lay beneath it.

      Yet, the celebration this year is muted by a fresh sense of uncertainty. The sanctity of the landmark decision that helped ensure Black children’s full and equal access to participation in American society is increasingly under attack in the courts, in government, and in the private sphere.


    • Congress Wants More Protections for Cops While Ignoring Police Reform
      An “empty gesture” — that is the term that Rep. Jerrold Nadler, Democrat from New York, used to describe H.R. 5698, the Protect and Serve Act of 2018, which creates a new federal crime for targeting law enforcement officers.

      “There is no profession more widely protected under federal and state law than working in law enforcement,” Nadler continued as the U.S. House Judiciary Committee considered the bill last week on the eve of Police Week. Protect and Serve, he said, is a “one-sided approach that presents the strong risk of creating a perception of bias against community-based policing concerns.”

      So how did this bill pass the U.S. House of Representatives this week by a vote of 382 to 35? And how did it pass with the support of some of its critics in Congress?
    • A Tale of Two Tortures
      It was with some disbelief that I read of two torture-related stories emerging around the same time last week. The first was about the legal victory of Abdul Hakim Belhaj, Libyan dissident, kidnap victim of MI6 and the CIA, and torture victim of Colonel Gaddafi. UK governmental apologies were finally made and reparation paid. For once justice was seen to be done and the use of torture condemned.

      Meanwhile, across the pond last week the reverse side of the same coin was on full disgusting display. Our American chums are in the process of attempting to appoint an alleged notorious torturer as the head of the CIA.

      While nominee Gina Haspel had soft-ball questions lobbed at her by a tame pack of senators at her confirmation hearing, retired CIA senior analyst, former presidential briefer, and now justice activist, Ray McGovern, stood up and said what the Senators knew, but would not say: namely that she supervised — directly, on site — the waterboarding of Al Nashiri, who had been kidnapped and brought to the first secret CIA prison abroad (in Thailand) for “interrogation.” McGovern was dragged out by four burly police, thrown to the ground, and injured when additional police piled on. Here is a link to the video of this assault.




  • Internet Policy/Net Neutrality

    • Senate Approves First Step In Uphill Effort To Restore Net Neutrality
      As noted previously, net neutrality advocates managed to convince Congress to try and use the Congressional Review Act (CRA) to reverse the FCC's misleadingly-named "Restoring Internet Freedom Order."

      That order, approved by a 3-2 FCC vote last December, not only kills net neutrality (as of June 11), but eliminates much of the FCC's authority to police monopoly ISPs. Since many still don't seem to understand this, it's worth reiterating that the attack on net neutrality is just one part of a much broader plan to severely hamstring FTC, FCC, and state oversight of giant broadband monopolies that face little to no organic market competition.

      Today's hearing before the Senate included all of the favorite hits culled from a decade of net neutrality debates, including ISP-loyal lawmakers like John Thune repeating the entirely false claim that net neutrality rules somehow devastated sector investment (SEC filings, earnings reports, and countless CEO statements disprove this). Claims that U.S. net neutrality rules were "heavy handed government regulation of the internet" were also frequently repeated (that's also not true, and the U.S. rules are arguably modest by international standards).
    • ‘Most Americans Say They Want Protections for the Open Internet’
      All social justice fights intersect in some way. But net neutrality is the definition of a keystone issue: The policy protects the space in which to discuss and debate and organize all the other fights, the means to talk around the legacy media gatekeepers—the ones who tell you that killing people in other countries to force them to change their elected leadership is reasonable, but providing healthcare for everyone is outrageous.

      In a sort of slow-motion trainwreck, the Trump FCC—led by former Verizon lawyer Ajit Pai—moved to dismantle net neutrality protections only recently won. Millions of people voiced their strong opposition, but were overruled—while Pai and his agency produced a truly bizarre video of him doing a smug victory dance to show off to a bunch of industry lobbyists.

    • Update on Fight for Net Neutrality in U.S. – Senate votes to save net neutrality, now it’s up to the House


      We’re pleased this resolution passed – it’s a huge step, but the battle to protect net neutrality and reinstate the 2015 rules isn’t over. The next step is for the motion to go to the House of Representatives for a vote before the order is supposed to go into effect on June 11. Unfortunately, the rules in the House will make passage much harder than in the Senate; at this point, it’s not clear when, or if, there will be a vote there.

      We will continue to fight for net neutrality in every way possible as we try to protect against erosion into a discriminatory internet, with ultimately a far worse experience for any users and businesses who don’t pay more for special treatment.


    • This Is Ajit Pai, Nemesis of Net Neutrality


    • Senate Votes to Save Net Neutrality, but Hurdles Remain

      Senators Susan Collins (R-Maine), John Kennedy (R-Louisiana), and Lisa Murkowski (R-Alaska) crossed the aisle to defend net neutrality in what was otherwise a party-line vote. The final tally was 52–47. Collins had announced her support for the proposal in January, but Murkowski and Kennedy didn’t announce their positions in advance of the vote.



    • Net neutrality advocates gain symbolic win as Senate votes to save Obama rules

      But resolution requires passage in House and Trump’s signature – an unlikely outcome before FCC’s repeal goes into effect in June



    • Senate votes to reinstate net neutrality — but it has a long way to go

      In order for net neutrality to actually be reinstated, two more things have to happen. First, the House has to use the CRA to overturn the policy as well. That’s even harder. Instead of 30 signatures, net neutrality supporters have to collect signatures from a full majority of House members. Even if they get every single Democrat on board — and they don’t have that yet — they’d still need the support of 22 Republicans. And finally, if that happened and they all voted to reverse the policy, it’d still have to get signed by President Trump, who is not a fan of the policy.



    • The Senate Voted to Stand Up for Net Neutrality, Now Tell the House to Do the Same
      The Senate has voted to restore the 2015 Open Internet Order and reject the FCC’s attempt to gut net neutrality. This is a great first step, but now the fight moves to the House of Representatives.

      The final Senate vote was 52 to 47 in favor. That puts a bare majority of the Senate in step with the 86% of Americans who oppose the FCC’s repeal of net neutrality protections.

      Net neutrality means that the company that controls your access to the Internet should not also control what you see and how quickly you see it once you’re there. We pay our ISPs plenty of money for Internet access, they shouldn’t have the ability to block or throttle any application or website we choose to use or visit. And they shouldn’t get to charge extra to deliver some content faster while slowing down others or get to prioritize their own content over that of competitors.


    • As Intermediary Liability Is Under Attack, Stanford Releases Updated Tool To Document The State Of Play Globally
      We've spent many years talking about the issue of intermediary liability on the internet. While the term is one that nearly everyone agrees sounds boring as anything, it's incredibly important in protecting your rights to express yourself online. The key issue is who is liable for speech that is posted online. The common sense reaction should be that "the speaker" is responsible for any speech they make online. However, for reasons I still don't full comprehend, many, many, many people would prefer that the site hosting the speech should be liable. In many cases, this might not seem to matter. But it can actually matter quite a bit for absolutely everyone. While most speech is perfectly legal, there remain some exceptions (including copyright, defamation, true threats and more).

      And while some people think that those exceptions are narrow enough that pinning liability on websites shouldn't be a big deal, that's not true in practice. Because if you say that the website (the intermediary or platform) is liable for the speech, then merely making an accusation of illegality in the speech has a high likelihood of censorship of protected speech. That's because most platforms will take down speech that is reported in an attempt to avoid potentially crippling legal liability. Indeed, in many cases, platforms are then pressured (either by law or threat of laws or legal action) to pre-filter or moderate certain content just to avoid even the possibility of legal liability.


    • Comcast Found To Be Charging $90 Installation Fees At Homes Where Comcast Is Already In Use
      Any review of our ongoing coverage of Comcast will leave you with the impression that the mega-company is almost perfectly terrible at customer service, seems only interested in growing as large as possible as quickly as possible while tamping down anything resembling the potential for competition in its market, and has done everything in its power to kill net neutrality on top of it all. While many might believe that Comcast is getting killed by the same cord-cutting epoch causing so many others in the entertainment space to reach for the Tums, we recently noted that the cable company is actually still raking in money hand over fist. This is done, at least in part, by the company's subtle strategy of simply upping what they charge customers for internet services.


    • Charter Uses Net Neutrality Repeal To Claim States Can't Hold It Accountable For Shoddy Service, Failed Promises


      While people remain exclusively fixated on the telecom industry's attacks on net neutrality, the reality is companies like Comcast, Charter, AT&T and Verizon are busy trying to eliminate nearly all federal and state oversight of their businesses. And while deregulation has its uses in healthy markets as part of an effort to protect innovation, you may have noticed that the telecom market isn't particularly healthy. As such, the end result of eliminating most meaningful regulatory oversight without organic market pressure in place is only likely to make existing problems worse.

      This battle is getting particularly heated on the state level. After the Trump administration dismantled net neutrality and consumer privacy protections, states began flexing their muscle and attempting to pass their own privacy and net neutrality rules. ISP lobbyists, in turn, tried to head those efforts off at the pass by lobbying the FCC to include (legally untested) language in its net neutrality repeal "pre-empting" states from being able to protect broadband consumers in the wake of federal apathy.

      And in the wake of the net neutrality repeal, companies like Charter (Spectrum) are trying to claim that states have no legal authority to hold them accountable for failed promises, slow speeds, or much of anything else.




  • Intellectual Monopolies



    • Lenovo, the Chinese giant that plays by the rules … and loses
      The war of words between the US and China over trade has many subtexts, but treatment of intellectual property (IP) is a major factor. Donald Trump believes that the world’s second-largest economy gains an unfair advantage over its main rival due to an overly aggressive and sometimes underhand approach to IP – the patents and copyrights that underpin big tech, manufacturing and creative breakthroughs.

      So what happens when China plays the game fairly and buys American IP to gain a foothold in the world’s biggest economy? In the case of Lenovo, one of China’s biggest tech firms, doing so has been no guarantee of success. The Beijing-based company has bought three respected US tech businesses since 2005: IBM’s PC arm and low-cost server unit, and Motorola smartphones. None of them has worked out.


    • Sex, Death, and Intellectual Property
      This paper makes two main contributions. First, it shows that IP often provides an effective tool for managing personal and social boundaries and as a result reinforces autonomy, community, and kinship among the diverse group of individuals who become rights holders. Individuals are using the old tools of IP to tackle a new and different set of socioeconomic challenges. Second, as a normative matter, it argues that IP provides some important practical and conceptual advantages over other legal responses to sexual privacy and family mourning. IP delegates context-sensitive boundary-management decisions to individuals, families, and communities—as opposed to more top-down criminal or regulatory solutions—and can be transferred within communities and across generations—as opposed to more individualized tort and contract solutions. Although undeniably a break from traditional theory, IP can be a useful means of legally responding to emergent cultural vulnerabilities.


    • Trademarks



      • Dr Dre loses trademark battle with gynaecologist Dr Drai
        Rapper and music mogul Dr Dre has lost a dispute over his name, after he tried to prevent gynaecologist Draion M Burch from trademarking the name Dr Drai.

        As well as practising gynaecological and obstetric medicine, Burch is the author of books including 20 Things You May Not Know About the Vagina, and is a public speaker on women’s health issues.

        Dre, real name Andre Young, argued the public would be confused at the similarity of the names; Burch argued there would be no such confusion “because Dr Dre is not a medical doctor nor is he qualified to provide any type of medical services or sell products specifically in the medical or healthcare industry”.




    • Copyrights



      • Copyright Once Again Hiding Important Cultural Artifacts


        And lest you think this is a small problem, I'll point again to the research of Paul Heald, who has documented the giant hole in our culture created by lengthy copyright terms. Public domain works published prior to 1923 are available. Works in the last few years tends to remain available. Works from the many, many, many decades in between?
      • Music Modernization Act gathers momentum in Senate
        On May 15, singers and songwriters including Smokey Robinson, Dionne Warwick, Darlene Love and Josh Kear urged the judiciary committee to support the copyright reform. Senators demonstrated their support by incorporating their favourite lyrics into their comments.

        [...]

        Every time I see that image again, I am dismayed about what it says about our culture, and how little supporters of our existing copyright system seem to care about what copyright is doing to our culture. Supporters of the existing system regularly exclaim how they are the ones who support culture and creators with their views on extensive copyright protections, yet they run away and hide when people point out things like this, where copyright gets in the way of culture, locks it up and (unfortunately) sometimes throws away the key completely.



      • Sweden Cancels Agreement With Elsevier Over Open Access

        A collection of Swedish universities and research institutions will not renew its current contract with Elsevier that expires at the end of June, Times Higher Education reports today (May 16). The move comes not long after academic institutions in other countries have let publishers’ subscriptions lapse when fee negotiations come to an impasse.



      • Internet Association Blasts MPAA’s ‘Crony Politics’

        The Internet Association, an industry group that consists of several large technology companies, has lashed out against the MPAA. In a letter to the House Energy and Commerce Committee, they accuse Hollywood's main lobbying group of using the Facebook scandal for "rent seeking" and "crony politics" to further its own interests.



      • Roku Displays FBI Anti-Piracy Warning to Legitimate YouTube & Netflix Users

        Legitimate users of the Roku platform were greeted by an ominous message over the past few hours when accessing official channels including YouTube and Netflix. An FBI warning, which advised that "unauthorized copying is punishable under federal law", noted that the channels had been removed due to repeated claims of copyright infringement.









Recent Techrights' Posts

Another Massive Blow to the Web
This is awful news and it neatly relates to topics that we covered this morning
All the Latest Five Blog Posts at OSI's Blog Are Written by a Microsoft Operative Salaried by Microsoft
"Open Source" no longer means anything
Three Months
Next week on Tuesday our sister site turns 20.5
Links 06/12/2024: Promotion of Fake and Illegal Patent 'Court' (UPC), South Korean Strikes, and More Bailouts at Taxpayers' Expense
Links for the day
 
statCounter: GNU/Linux Rises Sharply to All-Time High in Republic of South Korea
Notice how sharp the rise is!
It's FOSS? No, It's SPAM.
Another sellout
Legacy of a Dying World Wide Web
Many people truly believe they're "stars" in social control media
Google Does Not Have a Search Engine Anymore
Google wants to "retain" users for more "screen time" and influence over their minds; it does not save you time, it's manipulating you
[Meme] Automattic: Host With Automattic, We'll Handle Our Own Complexity for You
The RHEL modus operandi (more so with systemd)
Finding Peace With Less
There seems to be a growing consensus (speaking to other editors helps confirm this) that the Web is going in a very bad direction
Links 07/12/2024: DEI Chopped by University of Michigan, French and South Korean Governments in Turmoil
Links for the day
Over at Tux Machines...
GNU/Linux news for the past day
IRC Proceedings: Friday, December 06, 2024
IRC logs for Friday, December 06, 2024
Links 06/12/2024: Meal Changes and Internet Nostalgia
Links for the day
Brittany Day (linuxsecurity.com) Reposing Linux Foundation/Microsoft FUD Using LLMs, Probably Controlled by Microsoft
Plagiarised FUD by LLMs
Links 06/12/2024: Alarm Raised in EU Over Meddling and Destabilisation by TikTok, Strong Criticism of 'Open'AI
Links for the day
In France, Android Skyrockets to 52%, Windows Falls to 26%
even in rich countries across Europe Windows is rapidly losing "market share"
When News Sites Become Shopping Catalogues Disguised as 'Reviews' or 'Articles'
Sometimes Fagioli uses HEY HI (AI, LLMs actually) to make 'articles' about HEY HI
[Meme] Hit and Run with SLAPP
Microsoft staff versus Techrights
[Meme] When You Go Against Corporate Front Groups and Shills of Moneyed Interests (EDRi is Microsoft-Compromised Now)
The "golden rule" is, follow the gold
The Register Exposed Many IBM Scandals, Lawsuits, and Secret Layoffs. Now IBM Pays The Register.
Hush money?
IBM Told the Media the Secret Mass Layoffs Would Carry on Till End of November, But They Still Happen This Month
"My team of 9 people had 4 regulars and 5 contractors. All contractors gone."
All the Red Flags in New Linux Foundation Report
How telling...
Gemini Links 06/12/2024: Shrinkflation and Working at Google
Links for the day
Over at Tux Machines...
GNU/Linux news for the past day
IRC Proceedings: Thursday, December 05, 2024
IRC logs for Thursday, December 05, 2024
[Meme] Shooting the Messenger
"you needn't refute the message, just take out the messengers"
Software Freedom Conservancy (SFC) Associate Sued Us for Publishing Perfectly Accurate Article About SFC; We Sued Them for Harassment
SFC and its associates aren't nice people
Fantastic Journalism by Brian Fagioli
A lot of today's Web, even "news" sites, is spam
Techrights Does Not Forget
Techrights has many anti-censorship mechanisms
Windows Has Fallen to All-Time Low in India
In India, only about 1 in 8 Web requests comes from Windows
Microsoft Criminals: Law Enforcement is the Real Problem
deflecting the issue and resorting to projection
[Meme] They Dropped the L (Libre and Law)
SFLC, could I borrow 75% of your letters?
Companies That the Software Freedom Conservancy (SFC) Will Censor the Community for, Using Their Very Large CoC
also exploiting poor (and sexually abused) women from eastern Europe
Software Freedom Conservancy (SFC) Has Asked a Blogger to Delete This Page About the SFC, So We Reproduce It in Full Here
Censored article
The Free Software Foundation (FSF) Has Raised More Than Three Times More Money Than the Software Freedom Conservancy (SFC), Which Mostly Gets Money From Corporations, Including Microsoft
Do not donate any money to copycat organisations. It's worse than money down the river because your money might get spent attacking and even defaming the originals.
Increasing Productivity With Less Hardware, Little Power, and Fewer CPU Cycles (and Far Less Digital Waste in General)
A lot of people who glance at our PCs (as they visit us) act a bit baffled, as much of what we're using is a bunch of terminals and some text editors
Gemini Protocol Keeps Getting Better (Less and Less Reliance on Centralised Certificate Authorities)
Reliable systems do not depend on third parties, only themselves
Why We Moved to Perl and Dumped PHP Last Year
Elongating the lifetime of the underlying stack
Links 05/12/2024: Explaining the South Korea Chaos and French PM Barnier's Government Already Disintegrating
Links for the day
Gemini Links 05/12/2024: Domain Changes, Griping With Haskell
Links for the day
Links 05/12/2024: Mass Layoffs at Microsoft's PR (Bribery of Media) Agency, UnitedHealthcare CEO Shot Dead
Links for the day
GNU/Linux news for the past day
GNU/Linux news for the past day
IRC Proceedings: Wednesday, December 04, 2024
IRC logs for Wednesday, December 04, 2024
Links 05/12/2024: Formaldehyde and Cancer, US and China Boycotting One Another
Links for the day
Gemini Links 05/12/2024: Hermeticism, Living in the Shell, and More
Links for the day
At the OSI, Microsoft Operative (Funded by Microsoft) Promotes Proprietary Software of Microsoft
The OSI is deeply corrupt. The good news is, it's barely hiding it anymore.